On 2008/01/17 17:00, Alexander Burnos wrote: > No, I don't. I receive just default routes. I think that using of > fullview to solve routes priority problem - it's a little bit overkill.
Since we don't currently support route priorities, I think that might be the cleanest workaround. Another way is to add a static route (just a /32 would do) to a host which you can connect from if there's a problem, but that's much more of a hack. > So, my understanding is: i have a directly connected gateway and no > default route in my routing table, > when incoming packet comes through external interface the new state is > created and all outgoing traffic for this session should flow to > 'reply-to' gateway even if there is no 'default route' entry in my main > routing table. > > So this option should work for incoming sessions. Maybe I'm wrong. If I understand the code, ip_output (which happens before PF) will look for a route for the destination and if it can't find one, stops processing the packet with EHOSTUNREACH.
