From: Gawith (gawith@gmx.de)
Date: Sun May 04 2003 - 16:29:22 EDT
Hi gurus!
Unfortunately there seems to be no easy way to force packets to be sent
via the incoming interface.
I need this, because our firewall doesn't want to receive answers from
an interface which is not the interface where the request was sent.
There were some suggestions:
-using static routes; ok if you have a limited network topology
-setting ip_strict_dst_multihoming; this only drops special packets
-using ipfilter; might work
I think using ipfilter might solve the problem, but I didn't have the
time to check it in detail.
Thanks.
JS
---- original message ----
>Hi gurus!
>
>I'm looking for a solution that a multi-homed server is
responding via
>the interface the request came from.
>I don't want loadbalancing or something like that. I
just want the
>packets to leave via the "right" interface, so that I
don't get warnings
>from the firewall.
>
>Any ideas?
>
>Regards,
>JS
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:26:20 EDT