Hi,
I noticed that my WAN IP became unreachable from within the LAN when I had a default route in a secondary routing table with dhcp-interface, e.g.
```
set protocols static table 10 route 0.0.0.0 dhcp-interface eth0
```
I managed to narrow it down to **vyatta-cfg-quagga/scripts/vyatta-static-dhcp.pl**:
```
if (($oip ne $nip) && ($table ne "main") && ($route eq "0.0.0.0/0")) {
    my $mark = 0x7fffffff + $table;
    if ($oip ne "") {
        system("sudo /sbin/iptables -t mangle -D OUTPUT -s $oip/32 -j MARK --set-mark $mark");
    }
    if (($nip ne "") && ($nip ne "127.0.0.1")) {
        system("sudo /sbin/iptables -t mangle -D OUTPUT -s $nip/32 -j MARK --set-mark $mark");
        system("sudo /sbin/iptables -t mangle -I OUTPUT -s $nip/32 -j MARK --set-mark $mark");
    }
}
```
Why is marking required here? Logically, shouldn't local replies from the router always go via the main table? Marking the WAN IP here does not seem to scale well. I don't see how this would scale if default routes using the same dhcp-interface were being used across multiple tables: if the same rule is used across multiple tables, only the first rule will be matched in iptables. E.g.
```
set protocols static table 10 route 0.0.0.0 dhcp-interface eth0
set protocols static table 20 route 0.0.0.0 dhcp-interface eth0
```
Which could result in blackholed reply packets.
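
An added example, not part of the original post or of vyatta-cfg-quagga: a Python check that scans mangle `OUTPUT` rules for one source address carrying marks for more than one routing table, which is the state the two-table configuration above produces. The sample ruleset, its addresses and the function name are constructed, and the `--set-xmark value/mask` listing form is an assumption about how `iptables -t mangle -S OUTPUT` prints these rules (the plain `--set-mark` form is accepted too).

```python
import re
from collections import defaultdict

# The quoted script computes: my $mark = 0x7fffffff + $table;
MARK_BASE = 0x7FFFFFFF

# Matches an OUTPUT rule with a source match and a MARK target.
RULE_RE = re.compile(
    r"-A OUTPUT\b.*?-s (?P<src>\S+).*?-j MARK --set-x?mark (?P<mark>\w+)"
)

# Constructed sample: tables 10 and 20 share one WAN address,
# table 30 uses a different one.
SAMPLE = """\
-P OUTPUT ACCEPT
-A OUTPUT -s 192.0.2.10/32 -j MARK --set-xmark 0x80000013/0xffffffff
-A OUTPUT -s 192.0.2.10/32 -j MARK --set-xmark 0x80000009/0xffffffff
-A OUTPUT -s 198.51.100.7/32 -j MARK --set-xmark 0x8000001d/0xffffffff
"""


def find_mark_conflicts(ruleset_text):
    """Return {source: [tables]} for sources marked for more than one table.

    A packet carries a single mark, so a source address that appears in
    MARK rules for several tables can only be steered to one of them.
    """
    tables_by_src = defaultdict(set)
    for line in ruleset_text.splitlines():
        m = RULE_RE.search(line)
        if not m:
            continue
        mark = int(m.group("mark"), 0)  # decimal or 0x-prefixed hex
        if mark > MARK_BASE:            # only marks in the script's range
            tables_by_src[m.group("src")].add(mark - MARK_BASE)
    return {s: sorted(t) for s, t in tables_by_src.items() if len(t) > 1}


if __name__ == "__main__":
    for src, tables in find_mark_conflicts(SAMPLE).items():
        print(f"{src}: marked for tables {tables}")
```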