Hello, On Mon, 12 Jan 2004, Patrick McHardy wrote: > Why should we do a route lookup at all ? MASQUERADE doesn't need the > dst_entry but only the interface address. Using ifa_list->ifa_local > of the outgoing in_device seems like the simplest solution to me. Because it is possible the output interface to be used for many logical subnets. In such cases it is desired maddr to be the preferred source address for the target. If the users do not want to fill the routing cache with such entries they can add SNAT rule for each path. The drawback is that SNAT has only -o match, there is no GW match. As result, we can not properly assign maddr in setups that have two GWs on same output interface. > Regards, > Patrick Regards -- Julian Anastasov <ja@ssi.bg> - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html