On Tue, 2008-07-01 at 07:12 -0700, Tom Eastep wrote: > > Brian, > > I owe you an apology.
No worries. I was not totally convinced myself that it would work (or I would have been more persistent, but to have been more that it would work I would have had to find the time to do an implemenation) and was hoping for verification/critique by those more experienced than I. > I missed (or kept ignoring) the essential feature of > your proposal that *does* allow it to work; namely the way in which you > re-ordered the routing rules. Excellent. > I awoke this morning with the realization that > your proposal would work with the right rule ordering and when I looked at > your original post, there it was. :-) > I'm truly sorry for being so > dense/stubborn/whatever. Again, no worries. I had not totally given up the idea but I knew I had put my money where my mouth was and actually try it out to see for myself why it would or wouldn't work. > So given that it can work, we need to decide what to do about it. I really > dislike the notion of two models for routing but I suspect that is the only > way in which I could implement this scheme without causing serious > compatibility issues. More thought needed. Is it "two models" or just a re-implementation of the existing model? What if the only change was to do the route rules re-ordering so that applications populating the main table would get what they want? Does anything "user visible" (i.e. anything in /etc/shorewall/) really need to change? route_rules could even still be functional, just not needed as much (there might still be corner cases) or at all. I guess there is the slight user visible change that they have to ensure that interface plumbing processes don't plumb a default route. Then again, shorewall could always just [re]move them [to the default table]. I think it's generally a requirement that shorewall be reloaded when interfaces go up and down anyway. b.
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
