On Wednesday 2010-03-17 15:08, Dominik Kaspar wrote:
>>>I have a question about why packets are disappearing in my setup. My
>>>machine has two L2TP tunnels (10.6.1.2 and 10.6.1.3) to a Web server
>>>(10.6.1.1). The local machine uses a command such as "wget
>>>http://10.6.1.1/file --bind-address 10.6.1.2" to request a file from
>>>the server. On the server, outgoing packets are rewritten to 10.6.1.3,
>>>so that they travel back through the other tunnel. That works fine.
>>
>> For asymmetric routing, you should not be using NAT, but proper
>> policy routing.
>
>But what exactly did you mean by "proper policy routing" when saying
>that NAT should not be used for asymmetric routing?

It means that the webserver does something along the lines of

	ip route add 10.6.1.2/32 [via GW as needed] dev ltptun2

and not modifying the src/dst addresses at all.