Also, Mark:
What we've been suggesting to you, namely "ip rule ...", is not iptables.
The "ip" command is part of the iproute2 policy routing package.
Another reason to perform the gateway function in Linux is to be able to
apply firewall rules to the tunnel traffic. If the ip/ip tunnel traffic is
decapsulated in Linux, then you can apply firewall rules to it within Linux,
before forwarding it across to JNOS. Otherwise, you're tunneling through
your firewall directly between the Internet and JNOS.
Michael
N6MEF
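
Added example, not part of Michael's message: the two layers he distinguishes, iproute2 policy routing (`ip rule`) and iptables filtering of decapsulated tunnel traffic on the Linux gateway in front of JNOS. Interface names, addresses (documentation ranges), the table number and the allowed port are assumptions; the script prints the commands unless DRY_RUN=0 is set.

```shell
#!/bin/sh
# Added example; every name, address and port here is an assumption.
TUN_IF="tunl1"             # hypothetical IPIP tunnel interface on Linux
JNOS_IF="tun0"             # hypothetical Linux-to-JNOS link
LOCAL_WAN="198.51.100.10"  # constructed: this gateway's public address
REMOTE_GW="203.0.113.20"   # constructed: remote tunnel endpoint
JNOS_NET="192.0.2.0/28"    # constructed: addresses served by JNOS
TABLE="100"                # hypothetical policy routing table
DRY_RUN="${DRY_RUN:-1}"    # 1 = print commands, 0 = execute (needs root)

run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# iproute2: build the tunnel and policy-route JNOS traffic into it.
# "ip rule" selects a routing table; it filters nothing.
policy_routing() {
    run ip tunnel add "$TUN_IF" mode ipip local "$LOCAL_WAN" remote "$REMOTE_GW"
    run ip link set "$TUN_IF" up
    run ip rule add from "$JNOS_NET" lookup "$TABLE"
    run ip route add default dev "$TUN_IF" table "$TABLE"
}

# iptables: because Linux decapsulates, the inner packets arrive on
# $TUN_IF and traverse FORWARD before they reach JNOS.
tunnel_firewall() {
    # Outer IPIP (protocol 4) only from the known endpoint.
    run iptables -A INPUT -p 4 -s "$REMOTE_GW" -j ACCEPT
    run iptables -A INPUT -p 4 -j DROP
    # Inner traffic: replies, one allowed service, then default drop.
    run iptables -A FORWARD -i "$TUN_IF" -o "$JNOS_IF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run iptables -A FORWARD -i "$TUN_IF" -o "$JNOS_IF" -d "$JNOS_NET" -p tcp --dport 23 -j ACCEPT
    run iptables -A FORWARD -i "$TUN_IF" -j DROP
    # JNOS-originated traffic out through the tunnel.
    run iptables -A FORWARD -i "$JNOS_IF" -o "$TUN_IF" -s "$JNOS_NET" -j ACCEPT
}

policy_routing
tunnel_firewall
```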