Re: npf and source routing

[Mouse <mouse%Rodents-Montreal.ORG@localhost>]

>> Sounds like what srt is designed for.
> I remember I wanted to git it a try some time ago, but the "srt is
> EXPERIMENTAL" comment in conf/ALL discouraged me.  Is that comment
> still relevant?

I don't know.  I've been using it routinely.  I'm not aware of anyone
else who has been, but I wouldn't expect to be.  I have not, however,
been using it in anything past 5.2, because I don't run anything past
5.2 (for unrelated reasons)[%], so I have no experience to say whether
or not it's bitrotted.

[%] Except at work, and the work setup isn't using srt.

> Anyway, thanks for the setup tutorial!  Maybe it should be added to
> the srtconfig man page?

You're welcome!  Putting it somewhere would be reasonable - either in
the manpage or somewhere else (/usr/share/examples?) with a pointer
from the manpage.

Rereading what I wrote, though, I think I made a mistake.

>	srtconfig srt0 set 0 10.0.0.0/24 vlan0 10.0.0.1
>	srtconfig srt0 set 1 172.16.0.0/24 vlan1 172.16.0.1

I think those need to be

	srtconfig srt0 set 0 10.0.0.0 /24 vlan0 10.0.0.1
	srtconfig srt0 set 1 172.16.0.0 /24 vlan1 172.16.0.1

(this is a misfeature in srtconfig; someone(tm) should fix it).

It's been years since I was in a position to commit anything, though.
I could send-PR it, or you could; since you're presumably using the
more recent system, it might make more sense for you to.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B