** Reply to message from Raymond van den Houwen <[EMAIL PROTECTED]> on Tue, 03 Dec 2002 09:44:22 +0000
> Hi Mike, > > I already found the problem, thanks for your help: > > The problem was that the Linux kernel has a LOT more routing > capability then is normally discussed. It allows policy-based routing > and lots of other options, along with -- and this is what killed me -- > reverse path filtering. Reverse path filtering, when enabled, > specifically tells the kernel to drop packets that have a source > address that isn't appropriate for the network from which it is > arriving. Dropping these packets is a BAD thing when multiple > interfaces are used for the connection to the outside world, since > this implies asymmetric routing, i.e. packets will often come in via > one interface and the reply will be via the other interface. > > Reverse packet filtering is disabled by the following: > > for file in /proc/sys/net/ipv4/conf/*/rp_filter > do > echo "0" > $file > done Or the Red Hat way: Replace the "1" with a "0" in the following line in /etc/sysctl.conf # Controls source route verification net.ipv4.conf.default.rp_filter = 1 and then issue an "/sbin/service network restart" jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
