[OpenSIPS-Users] mediaproxy stops relaying packets
Ruud Klaver
ruud at ag-projects.com
Fri Jul 24 18:28:56 CEST 2009
Hi Jeff,
On 24 Jul 2009, at 14:34, Jeff Pyle wrote:
> Hi Ruud,
>
> Well that was easy... Resetting the rp_filter values to 0 fixed
> it. I had
> forgotten about that until I looked in the /etc/sysctl.conf on your
> recommendation and noticed the change from before.
>
> Now, everything acts as expected with the route tables while the
> relay is
> forwarding in userspace. All packets enter and leave through eth1.
> As soon
> as it flips to the conntrack rule the tables no longer apply.
> Outbound,
> relayed packets leave with the correct eth1 source IP address but
> via eth0.
> Inbound packets still arrive via eth1 since that's the IP they're
> sent to.
>
> I don't know enough about kernel route tables and conntrack rules to
> begin
> to explain the odd interaction. I suppose it doesn't matter much,
> now that
> reverse path filtering has been disabled once again.
>
> Ultimately I suppose it doesn't matter. Both interfaces connect to a
> layer-3 switch that doesn't know what reverse path filtering is.
> Upstream
> from the switch is all one IP pipe anyway.
>
> Thanks for your help.
>
>
>
> - Jeff
Great, good to hear at least something is working. Whenever I do some
dodgy routing things this variable tends to cause a lot of headaches,
so it was just a hunch that it may have been in the way...
To be honest, I have never actually used that ip route tables
mechanism that you mention and I have no idea how or where it is
applied. Apparently it is something that is entirely bypassed by linux
connection tracking. If you want a quick fix, you could probably add a
rule to the mangle/POSTROUTING table to force the packets being
proxied to go out through eth1.
Best of luck with the setup.
Ruud Klaver
AG Projects
More information about the Users
mailing list