this basically boils down to the next thread I began. Since my first question was already answered
PS. Thanks alot for your help so far, really appreciated. Regards Mark ---------------------------------------------------------------- I am. Therefore, I think. I think. ---------------------------------------------------------------- On Wed, 23 Jul 2003, Trevor Talbot wrote: >On Wednesday, Jul 23, 2003, at 03:36 US/Pacific, Mark Bojara wrote: > >> I understand what you mean but this is only for a outgoing connection >> with keepstated incoming. If another completely different incoming >> connection gets established then since it did not orignate as a >> outgoing connection the keep state will not apply. > >I don't follow. If all of your rules specify queues, then the queues >will apply. Is there a case where you don't want to specify queues >that I missed? > >> On Wed, 23 Jul 2003, Trevor Talbot wrote: >> >>> On Tuesday, Jul 22, 2003, at 23:46 US/Pacific, Mark Bojara wrote: >>> >>>> Thanks for the advice, Ive tried to have one rule to catch both >>>> directions but if it is outgoing traffic then the keepstate will >>>> automatically allocate the incoming packets that are comming back to >>>> the same queue. But if the request originated from a incoming >>>> request there is no way possible that the same outgoing queue will >>>> work for that traffic. > >>> Anyway, the tagging in the state entry happens no matter which >>> direction the packet is traveling. Thus, when you create a state on >>> an inbound packet, the queue tag will only matter for reply packets >>> (going back out on that interface). The inbound packets will still >>> be tagged, but the tags don't match any queue on the interface they >>> go out on, so nothing happens. Meanwhile, you also have a rule to >>> create state out on that other interface, and that queue tag does >>> apply. >>> >>> You should keep the one-rule-per-interface setup, i.e. "pass in on >>> $i01", "pass out on $i03". You should also set each rule to use the >>> appropriate queue on that same interface, no matter which direction >>> the rule is for. > >
