Is there a reason why packets passing through (possibly related to NAT) do not generate an entry in the IRE cache of the machine with ipfilter?
Is there a way to get it to happen? Here's the situation: ipfilter running on a solaris 10 machine with multiple default routes; if I proxy through that machine, it load balances ok and I see it create IRE cache entries via ndd -get /dev/ip ipv4_ire_status, however if I use ipfilter and try and use the machine to NAT from the lan I see packets going out on both default routes round robin, and load balancing does not work but if I use wget on the machine with ipfilter, I see an entry get created in the IRE cache, and NAT will now work at it appears to use the IRE cache entry to pick the outgoing interface, then it stops working when the IRE cache entry is removed by the OS. I've tried hacking on ip_nat.c to lookup a route using ire_route_lookup, but I don't know how to fill in the ire_t to pass it to ire_add. (yes I know load balancing default routes on solaris does not really work)
