icmp problem with a-symmetric routing
Sun, 1 Jul 2001 17:39:13 -0400
If you read his original posting you'll see that he says:
** Now I don't know if this behavior is as expected, but the funny thing is
** that, when I am initiating a TCP connection from 10.1.11.10 to 10.0.10.66, I
** am not experiencing any problems at all, 10.0.10.2 is forwarding anything it
** receives from 10.0.10.66.
So, asymmetric routing and ip_conntrack would not affect tcp but does affect
icmp, which is a bit hard to swallow.
On Sun, Jul 01, 2001 at 09:15:59PM +0200, Patrick Schaaf wrote:
> > No, I haven't, and given the fact than noone has replied to me to point me
> > to something obvious I may have overlooked, I am more or less convinced that
> > I've hit a (minor) bug in the Linux networking stack.
> Just reread your original request. Considering your asymetric routing
> situation, can you please remove any trace of the conntracking code
> from the firewall machine (check that you have no /proc/net/ip_conntrack
> pseudofile), and see if you still have the problem? If yes, please
> report again, so the core team can think about whether they want to
> do something about it.
> Note that conntracking cannot reasonably work in an asymetric routing
> setup anyway, so it's best to leave it out, lest you have code active
> which could become confused.
> best regards