[NCLUG] [OT] Re: Question about IP forwarding

Bob Proulx bob at proulx.com
Mon Apr 26 17:35:41 MDT 2010


Marcio Luis Teixeira wrote:
> ... but TCP expects the ACK to be delivered to the same machine that
> sent the original packet.

It must be using a combination of ethernet address and interface in
the calculation.  Probably an anti-spoofing enhancement.  There still
might be a way to configure it in the linux kernel.  But of course
then if you are locally configuring the machine you might as well add
a local route and avoid all of the issues instead.

> I thought I was being clever by setting up the routing the way I
> did, but I guess I shot myself in the proverbial foot.

I wouldn't be down about it.  I think you were being clever and had a
good shot at pulling it off.  And you and the rest of us along with
you learned some good stuff because of it.  That is always worthwhile.

Bob



More information about the NCLUG mailing list