[plug] Prevent Gateway from redirecting

vertito vertito at aim-consultants.com
Sat Dec 30 04:43:38 WST 2006 

i presume you are have a flat network on that subnet as the routing and switch table
shows there's a direct and shorter route hop to the modem instead of going to the gateway
first.

why not implement a VLAN ? 
or connect the whole subnet directly to the other interface of the linux box using
a crossed cable so everything goes to the gateway straight first before the modem,
as an alternative to switched VLAN network.

HTH
 

-----Original Message-----
From: plug-bounces at plug.org.au [mailto:plug-bounces at plug.org.au] On Behalf Of Timothy White
Sent: Friday, December 29, 2006 8:41 AM
To: plug at plug.org.au
Subject: Re: [plug] Prevent Gateway from redirecting

On 12/29/06, Adrian Chadd <adrian at creative.net.au> wrote:
> On Fri, Dec 29, 2006, Timothy White wrote:
>
> > A number of things shouldn't go through the gateway though, and I 
> > don't want to be changing routes for them. Namely, VoIP needs the 
> > redirect so it can go straight via the modem (not just for lowest 
> > latency, but also because of it's physical connection, no point 
> > jumping through 2 switches just to jump back! And if someone in the 
> > house starts playing games...
>
> I'd be surprised if VOIP going via your linux box made any actual 
> difference. Except, of course, when your Linux box was down.
> If it did then you could just setup priority queueing on your Linux 
> box so it treated VoIP packets with higher priority and dequeued them 
> as such.

Hmmm, I had forgot that would let me finally do QoS....

>
> > >Still - just disable ICMP redirects. I'm sure there's a way to do 
> > >selective ICMP redirect responses based on iptables rules but it'll 
> > >be more trouble than its worth in the long run.
> >
> > Any ideas on that? Once I finish recompiling my local kernel with 
> > iptables support (left out due to the fact it never needed it, being 
> > totally firewalled in with 2 other firewalls), I'll do the redirect 
> > locally, if I can work out which table it now needs to go in!!
>
> Erm, which distro are you using? modprobe iptables should do the trick..

Ubuntu, but I compiled a custom kernel for my own machine for a few reason.

>
> Nope, no idea. I haven't deployed that kinda stuff - I just turn off 
> ICMP redirects and configure routers right. :)

I may just try that, now I realise QoS would be avaliable...
:-D

Thanks

Tim
--
Linux Counter user #273956
Don't email joeblogs at scouts.org.au
_______________________________________________
PLUG discussion list: plug at plug.org.au
http://www.plug.org.au/mailman/listinfo/plug
Committee e-mail: committee at plug.linux.org.au

More information about the plug mailing list