>> IP address being a part of a IP network is just plain bitwise >> calculation and has nothing to do with interfaces. AB> AB> This is obvious, but the fact that the Kernel accepted the packet on AB> eth0 implies it is either part of 10.0.0.0/8 or 10.0.0.0/24. No, it does not imply. It only implies that it was either sent via a router that has a link-level connection to eth0 or from a host that has a link-level connection to eth0. AB> Yes, but what if your routing requirements are dynamic based on AB> src/dest-net/mask? Are you saying it is not possible to make such a AB> routing decision? What exactly are you trying to achieve? >> There is one additional thing you might want to have a look at when >> you are building routers with asymmetric routing: rp_filter. You >> might to want to turn it off for the interfaces in questions. AB> AB> Isn't that the default? Several distributions turn it on as a security measure (so you can prevent some kinds of IP spoofing on a gateway host without any filtering rules). At least Debian does turn it on from my recent experiences. -- Meelis Roos - : send the line "unsubscribe linux-net" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
