Re: GRE-NAT broken - SOLVED

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Am 02.02.2018 um 21:21 schrieb Grant Taylor:
>
>> I haven't seen the code so far, maybe I just need another source-NAT
>> based rule for GRE?
>
> I don't know.
>
> Take a look at the GRE-NAT.sh script that I shared in a previous email.
You have a SNAT rule in there.

But my masquerading rule should do the exact same thing:
-A POSTROUTING -s 192.168.10.0/24 ! -d 192.168.10.0/24 -j MASQUERADE

Both cases, the first package from the inside and from the outside
should be covered. Or am I missing something here?

>
> I think the race is who sends packets first, not a problem in the code
> or implementation.
>
True, but the implementation and my configuration of the same should
handle both cases.
>
> How often does BGP send packets if there aren't any updates or changes
> to advertise?  -  Cursory Google search makes me think that BGP sends
> a a keepalive (heartbeat) packet every minute.  -  I would think that
> would be often enough to keep connection tracking entries from timing
> out.
>
I'd have to look that up. So far the ping keeps the tunnels going.

Bye,
Matthias

--
To unsubscribe from this list: send the line "unsubscribe lartc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux