[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Woody routing question...



On Sat, 10 Aug 2002 07:49:14 -0700, Ted Deppner <ted@psyber.com>
wrote:
>On Fri, Aug 09, 2002 at 11:00:21PM +0200, Marc Haber wrote:
>> On Fri, 9 Aug 2002 10:19:36 -0700, Ted Deppner <ted@psyber.com> wrote:
>> >If you want to be able to use both IPs from either network (a common
>> >occurance even if you didn't plan it), you should probably turn off
>> >RP_FILTER in the kernel.
>> 
>> Why?
>
>rp_filter will drop packets coming in interface A that have a source in
>the network of interface B.  It essentially polices that packets that
>"should" come in B have to come in B.

Notice "source address". So, rp_filter's setting is irrelevant when it
comes to reaching _any_ ip address of the local host as long as it
comes in from the interface that matches the source address.

>This is only usually a concern where you have two interfaces facing the
>same general network traffic.

Or when you suspect IP spoofing.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber          |   " Questions are the         | Mailadresse im Header
Karlsruhe, Germany  |     Beginning of Wisdom "     | Fon: *49 721 966 32 15
Nordisch by Nature  | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29



Reply to: