add some context for the next guy

2026-04-01 05:25:18 +02:00 · 2026-03-04 13:38:58 -06:00
parent a2c2235b9b
commit 3e3bd9cead
1 changed files with 4 additions and 0 deletions
--- a/overlay/tun_linux.go
+++ b/overlay/tun_linux.go
@@ -560,6 +560,10 @@ func (t *tun) addRoutes(logErrors bool) error {
 	}

 	if t.snatAddr.IsValid() {
+		//at least for Linux, we need to set a return route for the SNATted traffic in order to satisfy the reverse-path filter,
+		//and to help the kernel deliver our reply traffic to the tun device.
+		//however, it is important that we do not actually /assign/ the SNAT address,
+		//since link-local addresses will not be routed between interfaces without significant trickery.
 		return t.setSnatRoute()
 	}
 	return nil