From: Andrzej O. <an...@ma...> - 2009-12-08 13:24:37
|
Serge Leschinsky wrote: > On 12/04/2009 07:42 AM, Andrzej Odyniec wrote: >>The main difference, I think, is Quagga version -- now 0.99.15 patched for >>realms using diffs for 0.99.12. >>I will try now to patch it (mainly bgpd) by newest accessible set of Adrian >>Ban patches based on Calin Velea patches for realms tested for 0.99.14. > > Thanks for pointing to the problem - I've updated the patch in DL sources. Patch > for 0.99.14 is completely compatible with 0.99.15, the difference is only the > line with version. Thanks Serge, Yes. I know about this compatibility. BTW. Pointing of incompatibility of Quagga and patches for realms was absolutely side-effect. Real problem is (I think now) in other place. It is hard to test problems with routing on real company network. I can do it only immediately after midnight. But I tested this effect on all accessible version combinations of quagga with and without realms patch set: 13, 14 and 15. All works on DL compilation from july and all is not correct working on last compiled DL. I think, there is no problem with quagga, but with Shorewall. Tom Eastep changed Shorewall functionality in many places. Kernel was changed too. In July was Shorewall 4.2.6 and now is Shorewall 4.4.2. With last DL I see on border interfaces via tcpdump ping packets from my south Branches like from other Divisions, but there is no answers for this from south and is normal echo answer for rest of pings. There is no this effect when I load DL from July. I have open Shorewall for ping from all directions. Shorewall configuration was this same, but probably interpretation has changed. Maybe now is used source route (or other new) criterium? I need read discussion on Shorewall list and look on counters in netfilter rules. BTW. Thanks. Regards Andrzej |