Re: [LARTC] full policy routing

From: Tomas Bonnedahl <tomas@yes.nu>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] full policy routing
Date: Tue, 18 Feb 2003 16:02:41 +0000	[thread overview]
Message-ID: <marc-lartc-104558421624672@msgid-missing> (raw)
In-Reply-To: <marc-lartc-104558134019449@msgid-missing>

hello martin, thank you for your quick reply.

(the default routing table is empty for me, but is listed in /etc/iproute2/rt_tables)

i want to use "as much" rules as i can, meaning that the main table will only have one route to my network that come from networks
not defined in the rules.

now, about the local table. if the local table is the first one consulted when the router is to determine a path for a packet, i dont
want that to be filled with rules that is not defined from that network, but the rules maybe override that? when i looked in my local
table, i just see broadcast address and local connected addresses, as you also said.

any idea? it seems best to go with "ip route flush table main", btw, you also reminded me to clean the other tables too when
re-populating the tables, i forgot it. thank you. ;)

you probably understand that my native language is not english. please feel free to ask if there's something in this you dont
understand.

best regards,
tomas

On Tue, Feb 18, 2003 at 09:26:06AM -0600, Martin A. Brown wrote:
> 
> Tomas,
> 
> It never occurred to me to try "ip route flush table all".  Does it work?
> [ I'll have to try that on my critical Internet connected router! ;-) ]
> 
> I have gotten in the habit of using "ip route flush table $ID" for any
> table I'm about to populate with routes.  This way, I know I'm starting
> from an empty routing table.  Typically I don't muck about with the main
> routing table, and just use the RPDB to override the routes configured in
> the main routing table.
> 
> I don't know what you mean by the "default" routing table, but the local
> routing table is a very important routing table--it's the first one
> consulted in most route lookups, to see if the IP is a locally hosted IP,
> a broadcast address, or a (dumb) NAT transformation.
> 
> Have a good day,
> 
> -Martin
> 
>  : when you are using full policy routing (multiple tables and rules for every network),
>  : is one supposed to wipe all the tables clean with
>  :
>  : "ip route flush table all"
>  :
>  : or use
>  :
>  : "ip route flush table main"
>  :
>  : and still be sure that the policy routing works as it's supposed to?
>  :
>  : indeed, i dont know what the local and default tables are really doing.
>  :
>  :
>  : enlighentment would be appriciated.
>  :
>  : best regards,
>  : tomas
>  : _______________________________________________
>  : LARTC mailing list / LARTC@mailman.ds9a.nl
>  : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>  :
> 
> -- 
> Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
> 
> 
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/