From owner-freebsd-questions  Sat Apr 27 11:38:24 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id LAA29067
          for questions-outgoing; Sat, 27 Apr 1996 11:38:24 -0700 (PDT)
Received: from iectech.com (netgate.iectech.com [198.136.226.10])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id LAA29061
          for <questions@FreeBSD.org>; Sat, 27 Apr 1996 11:38:22 -0700 (PDT)
Received: by netgate.iectech.com id <6146>; Sat, 27 Apr 1996 14:38:09 -0400
From: Chris Peltier <CPELTIER@iectech.com>
To: "'questions@FreeBSD.org'" <questions@FreeBSD.org>
Subject: Re: Private Address forwarding by BSD
Date: Sat, 27 Apr 1996 14:31:17 -0400
X-Mailer:  Microsoft Exchange Server Internet Mail Connector Version 4.12.736
Encoding: 61 TEXT
Message-Id: <96Apr27.143809edt.6146@netgate.iectech.com>
Sender: owner-questions@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk


The consensus is that FreeBSD will forward packets from the private address
group as defined in RFC 1597.  
 I built a test network to prove the concept and it appears that FreeBSD
does
not forward private IP packets. The info describing the network is as
follows:

ifconfig -a
eth0: flags=41<UP,RUNNING> mtu 1500
	inet 211.1.1.89 netmask 0xffffffff 
de0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 198.136.226.1 netmask 0xffffff00 broadcast 198.136.226.255
	ether 00:00:f8:01:51:b1 
de1: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
	ether 00:00:f8:01:51:bd 
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 16384
	inet 127.0.0.1 netmask 0xff000000 
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
etha100: flags=51<UP,POINTOPOINT,RUNNING> mtu 1500
	inet 206.137.132.18 --> 206.137.132.17 netmask 0xfffffffc 
etha101: flags=51<UP,POINTOPOINT,RUNNING> mtu 1500
	inet 207.76.242.1 --> 207.76.242.2 netmask 0xfffffffc 

netstat -rn
Routing tables

Internet:
Destination      Gateway            Flags     Refs     Use     Netif Expire
default          206.137.132.17     UGSc        8    27856   etha100
127.0.0.1        127.0.0.1          UH          0        5       lo0
192.168.1        link#3             UC          0        0 
192.168.1.1      0:0:f8:1:51:bd     UHLW        0       22       lo0
192.168.1.2      aa:0:4:0:6:4       UHLW        0        5       de1    891
192.168.1.5      0:0:f8:0:2:e4      UHLW        0       22       de1    717
198.136.226      link#2             UC          1        0 
198.136.226.1    0:0:f8:1:51:b1     UHLW        1      313       lo0
198.136.226.5    0:0:f8:1:4b:f7     UHLW        0      118       de0   1132
198.136.226.7    0:0:f8:1:51:7d     UHLW        1     1738       de0   1094
198.136.226.10   0:0:c0:33:8c:d6    UHLW        1       40       de0    538
206.67.12        206.137.132.17     UGSc        1        5   etha100
206.137.132.17   206.137.132.18     UH         11        0   etha100
207.76.242.2     207.76.242.1       UH          2       66   etha101
211.1.1.89       211.1.1.89         Uc          0        0      eth0

>From host address on the 192.168.1.0 net I cannot ping or traceroute past
192.168.1.1. From the
BSD box (192.168.1.1 and 198.136.226.1) I can reach everybody. From
207.76.242.1 I can reach
all hosts in the 198.136.226.0 network (and the rest of the internet for
that matter), however, the 
192.168.1.0 net is totally unreachable. From hosts on the 198.136.226.0
network I can reach
everywhere except the 192.168.1.0 net. IPFW kernel options are enabled but
no firewall chain entries
exist. IP forwarding is enabled. FreeBSD version 2.1.0.

It appears that FreeBSD does not forward private IP addresses or am I
missing something?

-- Chris Peltier