|
||||||||
I have a machine in a rack where I can get free power and free bandwidth. In return it is available as a time server with good integrity (multiple GPS and HF receivers). It is also a member of the ntp pool project, and that is where my problems begin. The monowall 1.3 in front of it acts as a router - it has routable addresses on both wan interface and the one my machine is on, and there is no NAT involved for the traffic between the wild internet and my machine. The normal traffic is not a problem; When Turk Telecom's broken DNS points all of Turkey at me, however, the state count in monowall goes up. Fast. And it sometimes exhausts the 30k state table, at which point all traffic suffers. What I need is primitive, stateless packet pushing between the two interfaces. Preferably without adding another box in front of it, since the monowall also acts as 6to4, pptp, and nat for the lan. Is there a way to get stateless routing through editing the XML? Or do I need to do a custom image using my truly lacking pf skills? /Kasper Pedersen |