On 10/1/2014 10:29 PM, James Andrewartha wrote: > Hi, > > I see that in 4.6.0 [1], USE_DEFAULT_RT was changed to Yes by default. I > couldn't find any documentation of this change in the release notes. I > can see why this change was made, however I want to use quagga for > routing, which inserts routes into the main routing table. Although it > looks like zebra (part of quagga) can be configured to use a different > table [2]. I also have a VPN with a subnet routed behind it. > > The main thing for me is that policy routing needs to keep working, so > #5 at [3] indicates that just setting USE_DEFAULT_RT=No is the quick > fix. However you've indicated that you want to deprecate it, so what > other options are there? Should I just set zebra to drop its routes into > the balance table? Will they get removed when restarting shorewall? > > [1] > http://sourceforge.net/p/shorewall/code/ci/cea237620a136b5f75415f62449d885eaf9e6c3d/ > [2] http://www.nongnu.org/quagga/docs/docs-info.html#Static-Route-Commands > [3] http://shorewall.net/MultiISP.html#USE_DEFAULT_RT >
You should just let quagga put its routes into the main table, since that is the table that will be searched first and is the only table that isn't rebuilt during a restart. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
