[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Incoming/Outgoing route of IP subnet

Alexander Steinert wrote:
> OK, let's assume we have
> an IP subnet N,
> a host H in N,
> a host G in N and
> a host A outside of N.
> Packets from H to A go via G, since H is configured as gateway on H. 
> How save is it to assume that all packets from A to H (the other way
> round) go via G?

Hmm...  Not really safe at all since the specs say that the routes do
not need to be symmetrical.  Since they are not required to be you can
almost certainly assume that at times they will not be symmetrical.
Therefore an assumption like that will certainly break something at
some time in the future.

Could you give us a hint?  What are you planning?  Usually I find that
specific questions like this are often the result of other more
general questions and the latter are the more interesting ones.

> I'm looking real world examples where a packet enters an IP subnet on
> one way (interface) and an answering packet leaves N on another way
> (different interface).

Larger corporate environments come to mind.  If you have a large
geographically separated network with multiple external POP routers
then it is possible that packets will leave the network by one route
but be returned by a different route.  Not typical in a SOHO but I
could certainly construct one that way.

> Only load-balancing or dedicated firewalls come to my mind. Is such
> an environment found often? Are the other examples?

What other types of firewalls are there if not dedicated?


Attachment: pgptnmVQtekdu.pgp
Description: PGP signature

Reply to: