Daniel Hartmeier wrote:
If I understand it correctly, you're asking whether you could use
route-to loopback and queueing on loopback to queue incoming packets (on
their way through the firewall) on one central interface (lo0).
I'm only vaguely understanding the situation myself, so if my suggestion is totally
inappropriate, say so.
First, try the route-to lo0 scheme without any queueing. If you route
incoming packets to lo0, do they actually come back in on lo0 and cause
the normal IP forwarding procedure (i.e. lookup of the proper interface
to forward them through, arp, etc.)? Or does loopback act like a black
hole for any traffic which is not destined for a daemon running locally
and bound to 127.0.0.1?
...
The loopback interface is special in many ways. Basically, there's this
abstract idea of what it should do (like a physical cable looping back to
an interface, so anything going out comes right back in verbatim), but how
that translates to behaviour in specific aspects is not always
well-defined. If you're using loopback in an unconventional way for the
first time, there may very well be surprises. Try and see :)
Are there not, also, two-endpoint tunnel interfaces that one could configure, where the
traffic going in one end and out the other (on the same machine) would be two different
interfaces that could be handled differently?
Daniel
--
Chris 'Xenon' Hanson | Xenon @ 3D Nature | http://www.3DNature.com/
"I set the wheels in motion, turn up all the machines, activate the programs,
and run behind the scenes. I set the clouds in motion, turn up light and sound,
activate the window, and watch the world go 'round." -Prime Mover, Rush.