solved it (at lest for me) "MASQUERADE: Route sent us somewhere else."

• Previous message: Suparna Bhattacharya: "Re: [PATCH linux-2.6.0-test10-mm1] dio-read-race-fix"
• Next in thread: Anders Westrup: "Re: solved it (at lest for me) "MASQUERADE: Route sent us somewhere else.""
• Reply: Anders Westrup: "Re: solved it (at lest for me) "MASQUERADE: Route sent us somewhere else.""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: linux-kernel@vger.kernel.org
Date:	Thu, 08 Jan 2004 22:52:26 -0500

Hi,

        I figured out my routing problems which were causing

MASQUERADE: Route sent us somewhere else.

messages from the kernel. I use iptables to masquerade and mangle
packets so with the advanced router features i can send it out
appropriate interfaces (i.e. web traffic out my residential ISP service
not my commercial ISP service). See the earlier thread on this for more
info (Subject 2.4.23 masquerading broken?). I got a useful reply from
Martin Josefsson who suggested that ipt_MASQUERADE could no longer find
the input-interface anymore. Upon further investigation and it seems all
the rules with iif or from in them no longer work (at least for me). So
rules like the following will cause the error in post 2.4.22 kernels.

ip rule add pri 420 from IP lookup TABLE

I now use exclusively rules of the form

ip rule add pri 420 fwmark MARK table TABLE

and mark all packets needing special routing with mangling rules such as

iptables -t mangle -A PREROUTING -s IP -j MARK --set-mark MARK

this seems to prevent the problem. Don't know what changed in the
kernel.

                Neal

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Previous message: Suparna Bhattacharya: "Re: [PATCH linux-2.6.0-test10-mm1] dio-read-race-fix"
• Next in thread: Anders Westrup: "Re: solved it (at lest for me) "MASQUERADE: Route sent us somewhere else.""
• Reply: Anders Westrup: "Re: solved it (at lest for me) "MASQUERADE: Route sent us somewhere else.""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: [patch 4/10] s390: network driver. ... if the kernel is going to queue these packets without notifying ... However, AFAICS, there are no such notification mechanisms on a ... per-packet basis implemented in the kernel. ... send the line "unsubscribe linux-kernel" in ... (Linux-Kernel) Re: IPsec AH failure over IPv6 ... Tcpdump reads the packets but they are not passed on to netperf. ... Im using manual keying, and the 2.5.75 kernel. ... James Morris ... send the line "unsubscribe linux-kernel" in ... (Linux-Kernel) repeated Oops on Kernel 2.6.12.2 ... module that spawns a kernel thread to perform a task on a group of packets. ... To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ ... (Linux-Kernel) Issue on packets sending through ip_route_output_key() to xfrm_lookup() in native IPsec ... xfrm_lookup(struct dst_entry **dst_p, struct flowi ... kernel will call ... Are these packets all ... send the line "unsubscribe linux-kernel" in ... (Linux-Kernel) Re: Linux 2.4.23-pre1 ... Aug 28 10:48:42 pc kernel: NET: 1 messages suppressed. ... Aug 28 10:48:43 pc kernel: MASQUERADE: Route sent us somewhere else. ... send the line "unsubscribe linux-kernel" in ... (Linux-Kernel)