Date: Fri, 20 Oct 2006 16:03:01 -0700 From: Chuck Swiger <cswiger@mac.com> To: Brian Hawk <brian@tnetus.com> Cc: freeBSD List <freebsd-questions@freebsd.org> Subject: Re: Gateway problem Message-ID: <C69558AB-9B87-4DA2-A1B3-216D16EB0955@mac.com> In-Reply-To: <45394C2A.8090205@tnetus.com> References: <45391895.8010507@tnetus.com> <200610202337.21893.dpenev@mnet.bg> <45394C2A.8090205@tnetus.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Oct 20, 2006, at 3:22 PM, Brian Hawk wrote: >> No, you are wrong. Packet will be forwarded to default gateway >> through the interface which is on same network with it. You need >> some kind of policy routing. I'm not very familiar with ipf but >> with pf you can do: >> > Unfortunately it doesn't go thru the interface which has Src IP > address same as with it. But goes thru the default gateway. But > since the Src IP address in the IP packet is 212.64.212.180, all > TCP replies come from the right interface (xl1) which makes sense > because the devices on the internet wouldn't make the same mistake. >> pass out on $ext_if0 route-to ($ext_if1 $ext_gw1) inet from >> $ext_if1 to any >> pass out on $ext_if1 route-to ($ext_if0 $ext_gw0) inet from >> $ext_if0 to any >> or with ipfw you can use "fwd" rule action. >> > a "fwd" cannot solve my problem because it likes to forward packets > to a certain IP addr or an IP:port, which is not what I want. I > just need to forward (or rather route) them thru an "interface". > Again, I still think this is what FreeBSD should really be doing > for packets which have interface's IP as Src IP addr in the IP > header. The source address of a packet is irrelevant to normal routing; only the destination matters. Unless you set up a routing daemon which implements other policies, the FreeBSD TCP/IP stack uses only the destination address to do a lookup in the kernel's routing table, using the most precise matching route, or the default route if one is present and no other route is available. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C69558AB-9B87-4DA2-A1B3-216D16EB0955>