On Fri, Mar 12, 2010 at 10:54:43AM +0000, Stuart Henderson wrote: > On 2010-03-12, Claudio Jeker <[email protected]> wrote: > > On Fri, Mar 12, 2010 at 12:28:33AM +0000, Stuart Henderson wrote: > >> On 2010-03-10, Massimo Lusetti <[email protected]> wrote: > >> > Hi misc, > >> > I got a 4.5 box which act as a perimeter ipsec routing gateway, it > >> > has 682 flow (by ipsecctl -sf | wc -l). > >> > > >> > Some of this flow are up with a static route to the other point of the > >> > ipsec tunnel and some of these routes are changing dynamically (netstat > >> > shows UGHMS flags). > >> > > > > > Wow that's a strange flag combo. Why is S & M set together? > > Hmm. Another strange routing thing I need to have a loot at. > > Most probably the cloning is done wrong. > > Hmm, does it have to be cloned? Couldn't this be the result of > route add -host, and then receiving a redirect? > > Massimo, what command are you using to add these static routes? >
He adds static host routes and the redirect changes the gateway of the static route. I think it would be better to add the redirect with a high priority to the table so the original one is not modified. At least something like this would work now. -- :wq Claudio
