Try turning off RPF (return path filtering at the kernel level). If it goes out on one interface and comes in the other, then RPF is almost always at fault, as it will by default drop the connection.

I expect it is something invisible and nasty like that, but rp_filter is not active on that system.
(I never enable this because it is so difficult to monitor what it does... on gw-44-137 I use packet marking using the "rpfilter" matcher in mangle and drop of the marked packets with logging in the filter)
Rob
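
The two checks discussed in this exchange, as an added example that is not either poster's actual configuration: a helper that reports the effective kernel rp_filter value for an interface (the kernel uses the higher of conf/all and conf/<interface>), and a generator for mark-then-log-and-drop rules using the iptables `rpfilter` match. The mark value `0x44`, the log prefix and the function names are assumptions.

```shell
#!/bin/sh
# Added example. Mark value, log prefix and function names are assumptions.

RPF_MARK=0x44            # assumed mark for packets that fail the reverse-path test
RPF_PREFIX="rpf-fail: "  # assumed log prefix

# Effective rp_filter for one interface: max(conf/all, conf/<if>).
# $1 = interface name, $2 = sysctl root (defaults to /proc/sys; a
# constructed tree can be passed instead for offline checks).
effective_rp_filter() {
    root="${2:-/proc/sys}/net/ipv4/conf"
    all=$(cat "$root/all/rp_filter" 2>/dev/null || echo 0)
    ifv=$(cat "$root/$1/rp_filter" 2>/dev/null || echo 0)
    if [ "$all" -gt "$ifv" ]; then echo "$all"; else echo "$ifv"; fi
}

# Print (do not run) the iptables commands: the rpfilter match is only
# valid in PREROUTING of the raw or mangle table, so failures are marked
# there, then logged and dropped in the filter table where they are visible.
rpf_commands() {
    echo "iptables -t mangle -A PREROUTING -m rpfilter --invert -j MARK --set-mark $RPF_MARK"
    for chain in INPUT FORWARD; do
        echo "iptables -t filter -A $chain -m mark --mark $RPF_MARK -j LOG --log-prefix \"$RPF_PREFIX\""
        echo "iptables -t filter -A $chain -m mark --mark $RPF_MARK -j DROP"
    done
}
```

Running `effective_rp_filter eth0` on the gateway shows whether the kernel filter is really off for that interface; the output of `rpf_commands` can be reviewed and then piped to `sh` as root.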