But here's a problem: the kernel supports only up to 256 route domains, and I'd like to be able to use more interfaces than that, physical plus virtual. Cheers, Andrei --- On Thu, 4/7/11, Mikael Abrahamsson <swmike@xxxxxxxxx> wrote: > From: Mikael Abrahamsson <swmike@xxxxxxxxx> > Subject: Re: Should ICMP echo responses be 'bound to the interface' of the incoming ICMP echo request? > To: "andrei radulescu-banu" <iubica2@xxxxxxxxx> > Cc: "Ketil Froyn" <ketil@xxxxxxxxxx>, linux-net@xxxxxxxxxxxxxxx > Date: Thursday, April 7, 2011, 3:14 AM > On Wed, 6 Apr 2011, andrei > radulescu-banu wrote: > > > So let me rephrase my question then. Say that I want > to add a sysctl to the interface, to put it in a mode where > ICMP responses go out of the same interface where the > request came in. By default, the interface would keep the > current behavior, where the ICMP responses simply choose the > longest match route irrespective of the interface. I'm not > too concerned with the mechanics of implementing the sysctl > - that is pretty much cut and paste code. But where I am > stuck is - I can't understand how to pass interface > information in the ip_route_output_key() flow parameter. > > Don't you want to source-route the packets out the correct > interface, regardless how the packet was generated? > > Instead of keeping track of where the packet came in, make > sure any packets going out uses the routing table for the > interface of the src IP address of the packet? Sounds like a > more generic solution. > > -- Mikael Abrahamsson email: swmike@xxxxxxxxx > -- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
