* Externally transparent routing
@ 2000-07-24 8:45 Jordi Verwer
0 siblings, 0 replies; 3+ messages in thread
From: Jordi Verwer @ 2000-07-24 8:45 UTC (permalink / raw)
To: Linux Kernel Mailing List
Hello all,
To prevent my NAT-box from showing up on traceroutes I'd like to let it
route without decreasing the TTL. I was told that proxy arp also archieves
this, however I have no need for proxy arp per se and am also not completely
confident that that will do what I want. I also saw TTL decrease/increase
settings in the iptables mangling options, however I use 2.2 and would
rather not upgrade. So my question is: is this possible under 2.2 and if so,
how?
Thanks in advance,
Jordi Verwer
P.S.: Please send me a CC of your reply, as I am not subscibed.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Externally transparent routing
[not found] <no.id>
@ 2001-07-24 17:56 ` Alan Cox
2001-07-25 9:43 ` Jordi Verwer
0 siblings, 1 reply; 3+ messages in thread
From: Alan Cox @ 2001-07-24 17:56 UTC (permalink / raw)
To: Jordi Verwer; +Cc: Linux Kernel Mailing List
> To prevent my NAT-box from showing up on traceroutes I'd like to let it
> route without decreasing the TTL. I was told that proxy arp also archieves
And what happens if you get a routing loop ?
A NAT box really does need to drop the TTL. Nothing stops you giving it a
more bizarre name, or indeed you can do what a few folks have found
excruciatingly funny to do to tracerouters which is to spoof totally bogus
icmp unreachables so they see crazy paths
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Externally transparent routing
2001-07-24 17:56 ` Alan Cox
@ 2001-07-25 9:43 ` Jordi Verwer
0 siblings, 0 replies; 3+ messages in thread
From: Jordi Verwer @ 2001-07-25 9:43 UTC (permalink / raw)
To: Alan Cox; +Cc: Linux Kernel Mailing List
> And what happens if you get a routing loop ?
Bad Things would happen, but I only have one router and since it's a NAT box
it isn't very likely to end up in a routing loop anyway.
> A NAT box really does need to drop the TTL. Nothing stops you giving it a
> more bizarre name, or indeed you can do what a few folks have found
> excruciatingly funny to do to tracerouters which is to spoof totally bogus
> icmp unreachables so they see crazy paths
What I wanted to do was be able to send my traceroutes to websites that
don't function properly, but since my NAT box is headless and I'd like to
avoid the hassle of SSH-ing to it, I do these traceroutes from one of my
internal machines. If I don't manually remove my NAT box from the list, the
braindead webmaster will allways blame my NAT box (which naturally is
innocent;)). But I suppose you do not want this to be possible. That is
understandable, but still BSD has a very clean implementation of
transrouting and I see no reason not to let Linux do this.
Jordi Verwer
P.S.: I adjust my computer's (which isn't mine btw, but belongs to my
"boss") date.
P.P.S.: Still not subscribed, so please CC any replies to me. Thank you.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2001-07-25 9:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2000-07-24 8:45 Externally transparent routing Jordi Verwer
[not found] <no.id>
2001-07-24 17:56 ` Alan Cox
2001-07-25 9:43 ` Jordi Verwer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox