snat bridge routes reply packets

Amin Azez azez at ufomechanic.net
Thu Sep 29 15:12:33 CEST 2005


Martijn Lievaart wrote:
> Amin Azez zei:
> 
>>Henrik Nordstrom wrote:
>>
>>>But I strongly suspect your problem is not at all related to routing.
>>>It would only be routing related if your bridge does not have correct
>>>routing info for either the source or destination.
>>
>>My bridge does may not have routing for the source in many instances.
> 
> 
> Maybe a stupid remark, but if you create routes for the source to the
> existing IP where you want the packet delivered? Does that solve your
> problem?

My actual problem is that I need a bridging kernel that can be deployed
in unknown network environments and nat to a known gateway that is the
only machine guaranteed to be on the same subnet. It's not pretty.

We have created broad network aliases for the bridge so that all IP
addresses are local and roughly get the scenario you speak of, but then
we need to add static ARP entries to assign the default gateway's MAC to
specific known non-local IP, which is of course a worse hack than
mending SNAT for source-bridge scenarios.

Sam



