Re: [PATCH net] net: vrf: Drop conntrack data after pass through VRF device on Tx

From: David Ahern Date: Wed, 14 Dec 2016 14:31:11 -0800 > Locally originated traffic in a VRF fails in the presence of a POSTROUTING > rule. For example, > > $ iptables -t nat -A POSTROUTING -s 11.1.1.0/24 -j MASQUERADE > $ ping -I red -c1 11.1.1.3 > ping: Warning: source address mi

[PATCH net] net: vrf: Drop conntrack data after pass through VRF device on Tx

Locally originated traffic in a VRF fails in the presence of a POSTROUTING rule. For example, $ iptables -t nat -A POSTROUTING -s 11.1.1.0/24 -j MASQUERADE $ ping -I red -c1 11.1.1.3 ping: Warning: source address might be selected on device other than red. PING 11.1.1.3 (11.1.1.3)