Good Evening, There seems to be a bug in iproute caused by nla policy introduction to the kernel: http://mailman.ds9a.nl/pipermail/lartc/2007q1/020493.html So I was not able to set ip rules using e.g.: ip rule add from all fwmark 3 table TONLINE1 which lead to an error: RTNETLINK answers: Numerical result out of range I did the trick with replacing 'all' with '0.0.0.0/0' Best Regards Marcus