Hi Guys Does anyone have any idea as to the following? Mar 23 02:02:58 firewall kernel: Neighbour table overflow. Mar 23 02:02:58 firewall kernel: MASQUERADE: No route: Rusty's brain broke! Mar 23 02:03:03 firewall kernel: NET: 6 messages suppressed. Mar 23 02:03:03 firewall kernel: Neighbour table overflow. Mar 23 02:03:03 firewall kernel: MASQUERADE: No route: Rusty's brain broke! Mar 23 02:03:08 firewall kernel: NET: 6 messages suppressed. Mar 23 02:03:08 firewall kernel: Neighbour table overflow. Mar 23 02:03:10 firewall kernel: MASQUERADE: No route: Rusty's brain broke! Mar 23 02:03:11 firewall kernel: MASQUERADE: No route: Rusty's brain broke! About here to firewall stops responding to the network. This is a minimum SuSE 9.0 + SuSEfirewall2 box that has been running fine for 2 months until I added the following Policy based routing to push all traffic from the internal web proxy (10.10.1.4) out via a cheaper ADSL connection (10.13.1.2) instead of the more expensive Leased line (218.x.x.x) ip route add 10.13.0.0/16 via 10.13.1.1 table networka proto static ip route add default via 10.13.1.2 table networka proto static ip route add 218.x.x.y/29 via 218.x.x.x table networkb proto static ip route add default via 218.x.x.x table networkb proto static ip rule add from 10.10.1.4 to 0/0 pref 15000 table networka These 2 routes are actually on 2 different ethernet interfaces, but that should not make any difference.. SuSEfirewall is configured to MASQ on both external interfaces. (Yes, I know double nat to the ADSL "router" is not necessarily good, but it should work..) TIA for any help.. -- Viel Spaß Peter Nixon - nix@susesecurity.com SuSE Security FAQ Maintainer http://www.susesecurity.com/faq/ "If you think cryptography will solve the problem, then you don't understand cryptography and you don't understand your problem."