On Fri, 2007-02-09 at 21:52 -0500, Brian J. Murrell wrote: > > If the kernel does essentially the same as this "ip route get" when > determining if an inbound packet is routable through the interface it > came in on I can see how it would fail and think it's a martian.
I think this is the problem. I just had it happen again and solved it by adding a specific route to the "martian source" via the interface that it was a martian on and the udp packets started flowing again. An immediate removal of the specific route left the "ip route get" returning the eth1 default route (route caching I guess) and things are still flowing. So it seem that having a 2 default routes when you really only want one (i.e. no balance) is a bad thing. I will experiment with removing the ppp0 default route and see what kind of badness comes from that. b. -- My other computer is your Microsoft Windows server. Brian J. Murrell
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
