Re: Bridges

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 23/08/10 09:22, Pascal Hambourg wrote:

Jonathan Tripathy a écrit :

"IP routing" may have different meanings. It can be a synonym for "IP
forwarding", like in "IP routers do IP routing". But in the context of
the Linux IP stack, it rather means the handling of an IP packet
according to the routing table. In short :
- for an incoming packet, determine whether it is for local delivery or
to be forwarded ;
- for an outgoing or forwarded packet, determine the output interface
and gateway.

I definitely still want link to do that though, with my bridge traffic...

Do what ? I don't understand, sorry.
Sorry, I'm not wording my questions very well. Let me start from the top. Thanks everyone for the fantastic help by the way :)
Ok, so as I understand Linux, and please correct me if I'm wrong, when a packet comes into a physical interface on a Linux machine, regardless of the status of the net.ipv4.conf.<interface>.forwarding, Linux will always put the packet onto a "chain". This will either be the INPUT chain or the FORWARD chain. Is that correct?
Next, if the packet it destined for an IP of one of the local interfaces, it puts it onto the INPUT chain, correct?
However if the packet it destined for a non-local host, it puts it onto the FORWARD chain, correct?
Then, when the packet is on the forward chain, it depends on if the incoming interface is connected to a bridge or not. If it is connected to a bridge, the packet will transverse the FORWARD chain and go out the interface which must be part of the same bridge, correct?
If, however, the incoming interface is not connected to a bridge, Linux will fordward the packet out of another interface which is thinks is correct (as defined by the routing table), but it will only do this if net.ipv4.conf.<interface>.forwarding is set to 1, correct?
Before I go on with my next set of question, I'd just like someone to correct the above if it is wrong 

Many Thanks
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux