Brian J. Murrell wrote: > On Wed, 2007-02-07 at 07:23 -0800, Tom Eastep wrote: >> Your problem is how to handle VPN interfaces in a multi-ISP environment -- > > Not quite even. It's how to make the DUPLICATEd routing tables receive > the same updates that the table it's duplicated from receive. i.e. when > the main table gets a new route for an instantiated openvpn connection, > the duplicated tables need to know too. > >> the route_rules file was designed exactly for that purpose > > Hrm. As I read it, it's for dedicating a certain traffic pattern to an > Internet interface. I guess this is one way to solve this problem, but > it's more rigid than just allowing the the routing engine to solve the > problem. >
OTOH, I challenge you to give us a good reason for replicating your tun0 route in multiple tables rather than simply using the single copy of that route that is is automatically added to the main table by OpenVPN. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
