From: Vincent Jaussaud <tatooin@kelkoo.com>
To: lartc@vger.kernel.org
Subject: Re: Re: [LARTC] multipath routing problem [Shorter version] - Help
Date: Fri, 25 Oct 2002 18:44:54 +0000 [thread overview]
Message-ID: <marc-lartc-103557153101573@msgid-missing> (raw)
In-Reply-To: <marc-lartc-103555678715833@msgid-missing>
On Fri, 2002-10-25 at 20:21, Arthur van Leeuwen wrote:
> On 25 Oct 2002, Vincent Jaussaud wrote:
>
> > However, I don't get why, in the same SSH session, TOS may differ from
> > one packet to another. Using tcpdump, it seems that TOS value change
> > right after the authentication has been successfully made.
>
> Shit... you figured that one out *quite* a bit faster than I did at the
> time... took me two weeks.
>
:-)
> What openssh does is first authenticate, then set the TOS value depending on
> whether you're doing interactive communications (ssh) or bulk transfer
> (scp). One could see this as a way of minimizing information leakage...
>
OK, now I know why openssh is changing it's TOS !. Thanks. :-)
> Oh, and yes, it does what you deduced. I finally got that from reading the
> sources...
I could mangle the TOS field as you suggested, but I don't like this,
since packets *should* be able to find their way out, whatever path they
use to come back.
The thing I don't understand, is that even by NAT'ing everything,
everywhere, my connections still break.
I've tried to NAT on the firewall everything coming from a test IP, just
to see how it goes. No luck.
I even tried NAT'ing on the firewall, then on the gateways, then on the
final router, in the other network. Still no luck ! This is non sense !
There has to be something wrong, somewhere.
Thanks for your reply.
Regards,
Vincent.
>
> Doei, Arthur.
>
> --
> /\ / | arthurvl@sci.kun.nl | Work like you don't need the money
> /__\ / | A friend is someone with whom | Love like you have never been hurt
> / \/__ | you can dare to be yourself | Dance like there's nobody watching
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
--
Vincent Jaussaud
Kelkoo.com Security Manager
email: tatooin@kelkoo.com
"The UNIX philosophy is to design small tools that do one thing, and do
it well."
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2002-10-25 18:44 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-10-25 14:38 Re: [LARTC] multipath routing problem [Shorter version] - Help Vincent Jaussaud
2002-10-25 14:55 ` Julian Anastasov
2002-10-25 15:31 ` Vincent Jaussaud
2002-10-25 16:12 ` Julian Anastasov
2002-10-25 18:15 ` Vincent Jaussaud
2002-10-25 18:17 ` Arthur van Leeuwen
2002-10-25 18:21 ` Arthur van Leeuwen
2002-10-25 18:44 ` Vincent Jaussaud [this message]
2002-10-25 18:45 ` Julian Anastasov
2002-10-25 19:13 ` Vincent Jaussaud
2002-10-25 19:28 ` Julian Anastasov
2002-10-28 14:29 ` Vincent Jaussaud
2002-10-28 22:21 ` Julian Anastasov
2002-10-29 16:32 ` Vincent Jaussaud
2002-10-29 22:31 ` Julian Anastasov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103557153101573@msgid-missing \
--to=tatooin@kelkoo.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.