Użytkownik Les Mikesell napisał:
On Thu, 2005-01-13 at 03:13, Marcin Giedz wrote:
When first client is trying to connect to VPN server out side our office all
packets are sent through "linux router". When he finishes the connection
and second client wants to make a new connection no GRE packets are sent
through router. If I down and up interfaces on "linux router" everything
works OK as earlier - GRE packets are transmitted through router. If I
don't down and up interfaces but wait eg. for next day everything also
works OK. It seems for me that some "timeout" variable is set on my linux
router but I didn't set anything.
Is NAT involved here?
Yes it is
I have a similar problem where a GRE
connection goes out the wrong interface as the gateway starts
up, getting a NAT association in ip_conntrack and the NAT
never goes away after the correct interface and route come
up.
Seems similar ;)
I think you need to get rid of the /proc/net/ip_conntrack entry but there is no mechanism to do this.
So how this is removed from ip_conntrack after some period of time?. As I said before, on a next day all GRE packets are transimited through router, thence it seems that there is some "TTL" on "these" packets.
BR, Marcin
