whiplash wrote: > Geoff Crompton wrote: > >> So when I ping from a machine behind this firewall, it should be routed >> via 203.28.240.92, but it isn't. I've been running tcpdump on both >> 203.28.240.92 and 203.28.240.91, and the packets are definately being >> routed via 203.28.240.91. > > Did you > ip route flush cache > before testing? No, but I have now, and it made no difference. From my perspective, it looks like a failure in the routing policy database, so I'm not suprised that an 'ip route' command didn't change the situation. (However I know nothing about the code internals, so I'm happy to conceed the point if someone knows better). BTW, how long do route caches last? -- +-Geoff Crompton +--Debian System Administrator +---Trinity College -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
