[Gllug] Linux Source Address selection

- Tethys tethys at gmail.com
Mon Oct 18 10:33:44 UTC 2010


On Mon, Oct 18, 2010 at 11:20 AM, Robert McKay <robert at mckay.com> wrote:

> I want to make sure that a tunnel's address is never used as the source even
> when the routing goes over the tunnel, unless the socket is explicitly bound
> to the tunnel address.

So if you're routing traffic over the tunnel, which source address do
you want to use? If you use a non-tunnel address, then you're going to
get into horrendous asymmetric routing nightmares.

FWIW, we explicitly set the source address with squid for our outbound
traffic, and use policy routing to send stuff over the approriate
tunnel based on that source address. It's horrible hacky, but it
mostly seems to work.

Tet

-- 
“It seems intuitively obvious to me, which means that it might be
wrong.” -- Chris Torek
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list