[mpls-linux-general] problems using netfilter
Status: Beta
Brought to you by:
jleu
Menu
▾
▴
[mpls-linux-general] problems using netfilter
|
From: <due...@cs...> - 2002-01-31 11:27:45
|
Hi all,
we have encountered some problems using
the mpls-iptables patch. We wanted to use
netfilter at the ingress node to bind labels
to specific ip traffic.
Here's what we did:
- first patched linux kernel 2.4.14 with mpls-linux-0.993
- second applied mpls-iptables-0.3 patch (.full patch)
- made menuconfig ("netfilter MPLS match support",
"Packet mangling/MPLS target support" + the "normal"
MPLS stuff)
- patched and compiled iptables 1.2.2
Excerpt from our configuration script:
...
mplsadm -v -A -O gen:33:eth1:ipv4:192.168.2.3
KEY3=`grep 'gen 33' /proc/net/mpls_out | cut -d' ' -f1`
iptables -v -I PREROUTING -t mangle -d 192.168.6.1 \
-s 192.168.5.2 -j MPLS --set-mpls 0x$KEY3
This all works so far (giving no error messages
from mplsadm or iptables), but the traffic seems
to be forwarded normally using the ip routing table,
although the packet counter of iptables shows that
the rule matched.
Has anybody experienced similar problems?
Which combination of the linux kernel/patches is known to be
working best?
Thanks,
Uli & Daniel
|
