Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 01 Aug 2017 08:04:09 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 221137] FreeBSD 11+ does not send ICMP redirects
Message-ID:  <bug-221137-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D221137

            Bug ID: 221137
           Summary: FreeBSD 11+ does not send ICMP redirects
           Product: Base System
           Version: 11.1-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: igorr@speechpro.com

Created attachment 184886
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D184886&action=
=3Dedit
Very naive patch to support ICMP redirects.

On default gateway "internal" interface has IP 192.168.2.4/21
Also there is dedicated router for 192.168.8.0/23 network.=20
So part of routing table on default gateway looks like:
192.168.0.0/21     link#5             U           em0
192.168.8.0/23     192.168.5.116      UGS         em0

Router 192.168.5.116 is accessible from our internal network (of course).

When we had FreeBSD 9.2 on 192.168.2.4 and tried to access some host in
192.168.8.0/23 network it would send ICMP redirect message with new route:

PING 192.168.8.118 (192.168.8.118): 56 data bytes
36 bytes from gw.stc (192.168.2.4): Redirect Host(New addr: 192.168.5.116)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 4442   0 0000  3f  01 ab86 192.168.2.26  192.168.8.118=20


I have upgraded FreeBSD version on our default gateway from 9.2 to 11.0. And
now it does not send ICMP redirects.

I assume that this is caused by removing net.inet.ip.fastforwarding sysctl:
https://svnweb.freebsd.org/base?view=3Drevision&revision=3Dr290383

Unfortunattely we need ICMP redirects, because not all equipment support
getting routes via DHCP options, also some of our workstations and servers =
have
static IP addresses and don't use DHCP.

I have created very naive patch against FreeBSD 11-STABLE (revision 321782).
And now ICMP redirects work. Patch is attached. It just checks if packet sh=
ould
be routed to same interface it was received from and in this case just pass
control from ip_tryforward() to ip_input() by returning not NULL.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-221137-8>