Re: GRE problem - Marcin Giedz

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Marcin Giedz <marcin.giedz@eulerhermes.pl>
Cc: netfilter@lists.netfilter.org
Subject: Re: GRE problem
Date: Thu, 13 Jan 2005 22:20:43 +0100	[thread overview]
Message-ID: <41E6E62B.4010400@eulerhermes.pl> (raw)
In-Reply-To: <1105626751.917.21.camel@les-home.futuresource.com>

U¿ytkownik Les Mikesell napisa³:

>On Thu, 2005-01-13 at 03:13, Marcin Giedz wrote:
>
>  
>
>>When first client is trying to connect to VPN server out side our office all
>>packets are sent through "linux router". When he finishes the connection
>>and second client wants to make a new connection no GRE packets are sent
>>through router. If I down and up interfaces on "linux router" everything
>>works OK as earlier - GRE packets are transmitted through router. If I
>>don't down and up interfaces but wait eg. for next day everything also
>>works OK. It seems for me that some "timeout" variable is set on my linux
>>router but I didn't set anything. 
>>    
>>
>
>Is NAT involved here?  
>
Yes it is

>I have a similar problem where a GRE
>connection goes out the wrong interface as the gateway starts
>up, getting a NAT association in ip_conntrack and the NAT
>never goes away after the correct interface and route come
>up.  
>
Seems similar ;)

>I think you need to get rid of the /proc/net/ip_conntrack
>entry but there is no mechanism to do this.
>
>  
>
So how this is removed from ip_conntrack after some period of time?. As
I said before, on a next day all GRE packets are transimited through
router, thence it seems that there is some "TTL" on "these" packets.

BR,
Marcin

next prev parent reply	other threads:[~2005-01-13 21:20 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-01-13  9:13 GRE problem Marcin Giedz
     [not found] ` <1105616014.2985.6.camel@e500>
2005-01-13 14:08   ` Marcin Giedz
2005-01-13 14:32 ` Les Mikesell
2005-01-13 21:20   ` Marcin Giedz [this message]
     [not found]   ` <41E6E3C1.7030909@hermes-kredit.pl>
2005-01-13 21:40     ` Les Mikesell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=41E6E62B.4010400@eulerhermes.pl \
    --to=marcin.giedz@eulerhermes.pl \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.