On Sat, 19 Dec 2009 19:39:51 +0100, Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx> wrote: > (Searching in kernel changelogs...) Guess I need to read those more closely to catch subtle but important changes in kernel behavior :) > changing rp_filter type from boolean to integer and assigning the value > 2 to the new loose mode (see Documentation/networking/ip-sysctl.txt for > details). [...] > Notes : > 1) "Loose" reverse path filtering may be a bit better than no reverse > path filtering and should work with your setup. Tried "loose" and it worked great on my multi-homed setup, thanks for the tip. > 2) Reverse path filtering in kernel 2.6.32 uses the mark as in policy > routing, so strict reverse path filtering may work better in multihomed > setups like yours. Looking forward to it, I'll give it a try once I upgrade to .32 Cheers, Scott -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
