17 Aug
2011
17 Aug
'11
8:01 p.m.
Ondrej, --On 17 August 2011 22:08:19 +0200 Ondrej Zajicek <santiago@crfreenet.org> wrote:
One thought - you can use 'ip route add proto kernel', such route (like other kernel routes) will not be learned even if you have 'learn' and 'import all' in kernel protocol. But it is a hack.
Sure. I am more concerned about a random operator putting in a new route without thinking - this is essentially an appliance. We've all (at least once) leaked a pile of routes through unintended redistribution, and I want to make things as idiot-proof as possible. Manually installed routes all go in as "boot" (IIRC), whereas I'm currently installing mine as "static" (though I could choose anything). -- Alex Bligh