Hello,
On 28 Oct 2002, Vincent Jaussaud wrote:
> My question is, if we ensure that EVERY packets, whatever path they use
> to arrive, finally pass through a single peer doing NAT, is this suppose
> to work around my TOS problem ?
Sounds correct. The requirement is each packet from one
connection to be NAT-ed only from one NAT router and to same
masquerade address and port. The routing cache can not guarantee
that. It can be done only from the patched masquerade.
> What about the rp_filter kernel value ? Could it be a problem in such
> setup ?
The patches are designed to work with rp_filter enabled.
You can safely use it, it is changed to work only with the defined
paths.
> Thanks again.
> Vincent.
Regards
--
Julian Anastasov <[EMAIL PROTECTED]>
_______________________________________________
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
