Simon White wrote:
>
> Interesting, I just stumbled across this in a totally different context,
> but those of you doing interception caching may benefit from a quick read
> here:
>
> http://lartc.org/HOWTO//cvs/2.4routing/html/x1780.html
>
> Basically it uses packet marking and iproute2 instead of just redirecting
> via an iptables rule, which appears to be a better way of doing things. I
> may be wrong, your comments appreciated.
Unfortunately doing this will cause problems with Path MTU discovery
between the clients and the proxy as ICMP packets are not redirected.
But the solution is there in form of my CONNMARK iptables extension
(found in patch-o-matic of current iptables versions).
Regards
Henrik
Received on Sat Apr 27 2002 - 04:07:24 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:43 MST