Date: Sat, 9 Apr 2011 00:00:25 GMT From: Rudy <crapsh@monkeybrains.net> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/156268: jails don't use routing table Message-ID: <201104090000.p3900PJK090960@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/156268; it has been noted by GNATS. From: Rudy <crapsh@monkeybrains.net> To: bug-followup@FreeBSD.org, crapsh@monkeybrains.net Cc: Subject: Re: kern/156268: jails don't use routing table Date: Fri, 08 Apr 2011 16:04:42 -0700 Looks like just ICMP has issues... TCP OK 16:00:26.303086 IP 2.2.2.200.51884 > 3.3.3.3.80: Flags [F.], seq 1176726875, ack 3364247674, win 8326, options [nop,nop, TS val 188728165 ecr 659781298], length 0 16:00:26.325530 IP 3.3.3.3.80 > 2.2.2.200.51884: Flags [F.], seq 1, ack 1, win 2896, options [nop,nop,TS val 659796605 e cr 188728165], length 0 ICMP NOT OK 16:00:32.824971 IP 1.1.1.1 > 3.3.3.3: ICMP echo request, id 47701, seq 0, length 64 16:00:33.825828 IP 1.1.1.1 > 3.3.3.3: ICMP echo request, id 47701, seq 1, length 64 UDP OK (there is not dns on target... just a bogus UDP packet to see if src IP was OK) 16:00:41.826238 IP 2.2.2.200.43454 > 3.3.3.3.53: 63527+ PTR? 5.5.5.10.in-addr.arpa. (39) 16:00:41.838730 IP 3.3.3.3 > 2.2.2.200: ICMP 3.3.3.3 udp port 53 unreachable, length 75 Of course, I have security.jail.allow_raw_sockets: 1 or else I wouldn't be able to do ICMP at all. Looks like the raw sockets ignores routing table.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201104090000.p3900PJK090960>