Hi! I'm involved in a project where I want to conduct labelswitching in an isolated subnet. The labels should be put in the flowlabel-field in an IPv6 header. I have come to the conclusion that Netfilter is a good API to use. What I want to do is:
packet arrives -> check if flowlabel differs from zero -> if so (check in an internal routing table what device the packet should be sent on and send it there) if not (do nothing, just let the kernel deal with the packet in normal manner) I have started coding my own Netfilter module but it turns out to be harder than I first thought. Especially the part where I want to force a packet to a specific interface gets me confused. The already existing routing behaviour in the IPv6-stack is obfuscating things a bit as well, since I dont know what caches to be invalidated etc. when I in the POST_ROUTING hook forces the packet to another part than the routing algorithms has decied. My question is: is there a way to use the already existing Netfilter modules in order to acheive the described behaviour? In that case, how do I configure them? Sincerily, Gabriel Paues Swedish Institue of Computer Science
