Re: [mpls-linux-general] problems with classes and iptables
Status: Beta
Brought to you by:
jleu
Menu
▾
▴
Re: [mpls-linux-general] problems with classes and iptables
|
From: Javier L. <jml...@gm...> - 2008-04-24 10:29:09
|
> If I remember correctly the MPLS target should only be used > in the POSTROUTE or OUTPUT chains, quite possibly only in the 'mangle' table. But, here, Ethernet over MPLS example for mpls-linux-1.95x<http://sourceforge.net/docman/display_doc.php?docid=31115&group_id=15443> I find: ebtables -t nat -A PREROUTING -i eth1 -j mpls --nhlfe 0x2 If you use the POSTROUTE or OUTPUT chain, you won't be able to use de -i eth1 option. And about the problem, if I create the key and do iptables -A FORWARD -s 172.16.30.0/24 -m dscp --dscp 26 -j mpls --nhlfe 0x2 I have no problem: [root@localhost ~]# iptables -A FORWARD -s 172.16.30.0/24 -m dscp --dscp 26 -j mpls --nhlfe 0x2 [root@localhost ~]# iptables -L Chain FORWARD (policy ACCEPT) target prot opt source destination mpls all -- 172.16.30.0/24 anywhere DSCP match 0x1a nhlfe 0x2 I only obtain the invalid argument response if I haven't created the key first. So I don't know why it is not working. |
