Hello,
On Fri, 29 Nov 2002, Janssen Alexander wrote:
> ip route add 10.1.56.222 dev eth1 # Router1
> ip route add 10.1.56.193 dev eth0 # Workstation1
> # every Workstation has its own table
> ip rule add from 10.1.56.193 table 193
> ip route add default via 10.1.56.222 dev eth1 table 193
>
> In my understanding the firewall should not answer to
> arp-whois requests for IP 10.1.56.193 on interface eth0.
> Or did I get it wrong?

Yes

Maybe only one line is missing to be happy with medium_id:

ip rule add prio 100 table main

Explanation:
I see only the table for .193, but I assume there are other
similar tables. You have asymmetric routing configured when it should
not be this way. What happens:

A and B are on the same LAN. Host A resolves B:

who-has B tell A

firewall:

Q: I see the probe "who-has B tell A" on dev X. Where does the route
from A to B point?
A: There is a route "from A to 0/0 => Forward via DEV Y". Well, X != Y,
they have different medium_id values => answer this ARP probe on DEV X.

The problem is that you have routes in this order (ip rule show):

from A to 0/0 => DEV Y (table A)
from 0/0 to B => DEV X (table main)

You need to inspect the main table first.
Regards
--
Julian Anastasov <[EMAIL PROTECTED]>
_______________________________________________
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/