Hi Alexandr,
Not quite, this is the corrected diagram:
.--->-- rpki.ripe.net ---->--------.
| |
| |
| |
^ echo request: V echo reply:
| 172.16.0.91 -> 193.0.6.138 | 193.0.6.138 -> 172.16.0.91
| |
| vlan367 | vlan313
,------+-------. ,------+-------.
| gw2 | vlan209 | gw1 |
| 172.16.0.91 +-------------------+ 172.16.0.90 |
| | | |
| +-------------------+ |
| | vlan409 | |
`--------------' `--------------'
> I would try to make state check less paranoid at gw1:
> pass quick proto { icmp, icmp6 } keep state (sloppy)
That does fix it!
Would you mind explaining more about this?
Thanks,
Ian
On Mon, May 2, 2022 at 8:53 AM Alexandr Nedvedicky
<[email protected]> wrote:
> I wonder if diagram above matches your topology.
> [snip]
