Packet traversal when tunneling
Steffen Bloedt
Steffen.Bloedt@eed.ericsson.se
Wed, 26 Sep 2001 14:57:04 +0200
Hello all,
I am currently working on policy routing and tunneling and I discovered
a strange behavior. I am using iptables 1.2.1 with kernel 2.4.4 (with
FTOS patch). Under
http://www.knowplace.org/netfilter/ipt_flow_mirror.html
I found a very good diagram about the packet traversal. This diagram
is not true when I am tunneling packets (ip tunnel ...). The packets go
the following way:
PREROUTING -> IN-ROUTE -> FORWARD -> Encapsulator -> OUTPUT -> OUT-Route
I think this is very strange. The packets go directly from the
FORWARD-chain to the encapsulator. Is the encapsulator a sort of local
process? The packets don't cross the POSTROUTING-chain!!! Why?
I discovered this behavior by dropping special packets in different
chains. Maybe I made a mistake. Is there a more complete diagram that
shows the packet traversal when tunneling packets?
TIA
Steffen
--
Steffen Bloedt Ericsson Eurolab Deutschland GmbH
Steffen.Bloedt@eed.ericsson.se D-52072 Aachen