Message-ID: <3FD5C822.8E3CA370@freebsd.org>
Date: Tue, 09 Dec 2003 14:03:30 +0100
From: Andre Oppermann
To: haesu@towardex.com
cc: freebsd-net@freebsd.org
References: <20031208185320.GA45737@scylla.towardex.com>
Subject: Re: Sourcing ICMP reply to a different ip address
List-Id: Networking and TCP/IP with FreeBSD

haesu@towardex.com wrote:
>
> Hi,
>
> Is there any way to source the ICMP reply (i.e. ttl-exceeded for traceroute) on
> a FreeBSD box acting as router to an IP address different than the one bound on
> the interface, in which the destination route is pointed at?
>
> For example:
>
> Let's say we have an asymmetric routing situation here...
>
> A client host is 1.2.3.4, and the FreeBSD box has fxp0 with 2.2.2.2, and fxp1
> with 3.3.3.3,
>
> Client runs traceroute to a host routed by the FreeBSD router. The packet
> arrives on FreeBSD router's FXP0 interface. But the route for 1.2.3.4 (client)
> on router's routing table points out to FXP1.
>
> Here in this case, the icmp ttl-exceeded message from the FreeBSD router will
> be sourced from 3.3.3.3, which is the main ip address of FXP1 (hence, the
> interface where route for 1.2.3.4(the client) is bound to)
>
> I'm looking to make it so that if a packet arrives on FXP0, I'd like the FreeBSD
> box to respond icmp ttl-exceeded OUT via FXP0, with source address of FXP0's IP.
> So in other words, I'd like to have icmp replies go out via the interface the
> packet originally hit the box, instead of via the interface that holds the
> route for the source of the packet. This type of implementation is done on
> some vendors (including Cisco) and sometimes can be helpful troubleshooting
> asym. routing situations..

Yes, this can be done. Nice feature for debugging as you say.

I've got a couple of other things in the priority queue first. It'll
be after Christmas/New Year until I can do it.

--
Andre
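
The two source-selection behaviours discussed in this thread, modelled as an added example (not code from the thread or from FreeBSD). The interface addresses are the ones in the question; the routing table entries, the `policy` names and all function names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Interface:
    name: str
    address: ipaddress.IPv4Address


# Interface addresses as given in the question.
FXP0 = Interface("fxp0", ipaddress.ip_address("2.2.2.2"))
FXP1 = Interface("fxp1", ipaddress.ip_address("3.3.3.3"))

# Constructed routing table (assumption): the route back to the client
# points out fxp1, everything else leaves via fxp0.
ROUTES = [
    (ipaddress.ip_network("0.0.0.0/0"), FXP0),
    (ipaddress.ip_network("1.2.3.0/24"), FXP1),
]


def lookup(dst):
    """Longest-prefix match: interface that the route for dst points at."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, ifc) for net, ifc in ROUTES if dst in net]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def icmp_error_source(client, ingress, policy):
    """Return (egress interface, source address) for a ttl-exceeded reply.

    policy "route":   follow the route to the client (behaviour described
                      in the question).
    policy "ingress": reply via the interface the packet arrived on
                      (behaviour requested in the question).
    """
    if policy == "route":
        out = lookup(client)
    elif policy == "ingress":
        out = ingress
    else:
        raise ValueError(f"unknown policy: {policy}")
    return out.name, str(out.address)


def traceroute_hop(client, ingress, policy):
    """Address the client's traceroute would show for this router."""
    return icmp_error_source(client, ingress, policy)[1]
```

With the "route" policy the hop shown to the client is an address on a link its packets never crossed, which is why the ingress-based reply helps when tracing asymmetric paths.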