In answer to CA's question and EL's response, Along the same lines, if you encapsulated the marked packet (IP in IP) and set (mangled) the TOS bits in the envelope packet, they could carry the mark without modifying the original packet. Would be a completely non-standard usage of the TOS bits (unless they happened to correspond to the reasons that you are marking packets,;>), but - since they wouldn't get out of your area of responsibility, it might provide an easy-to-setup-and-manage alternative. You would only need one "tunnel" that way, not one for each type of mark... Of course, you could always filter the packet in user-land, encapsulating in an envelope with the mark data, and re-filter again at the second router (again in user-land), to de-cap and re-mark. No kernel patches needed... Dick Shorter dicks@xxxxxxxxxxx -----Original Message <editted> ----- Subject: Re: howto mark packets > 2. if the answer to the first q. is yes, can that be done w/o patching > the kernel on the first router w/ experimental patches ? you can do that in a "capillotracté" way (such an idea) by using tunnels (gre or ipip) and doing some iproute2 an A do push packet in a tunnel corresponding to their mark and have B route by interface. _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
