Date: Tue, 1 Dec 1998 13:53:02 -0800 (PST)
From: Matthew Dillon
Message-Id: <199812012153.NAA10746@apollo.backplane.com>
To: Nate Williams
Cc: Luigi Rizzo, nate@mt.sri.com (Nate Williams), hackers@FreeBSD.ORG
Subject: Re: TCP bug
References: <199812011811.LAA00104@mt.sri.com> <199812011619.RAA02622@labinfo.iet.unipi.it> <199812011834.LAA00343@mt.sri.com>

:
:> > In trying to track down why some boxes in my network can't connect to
:> > certain WWW hosts, I determined that my FreeBSD is not routing the
:> > packets for some reason.  It's receiving them, and the firewall code
:> > *thinks* it's passing them on, but tcpdump doesn't see these packets go
:> > out on the wire.
:>
:> just to understand, what is the problem related to ?
:
:...
:
:Yep, no difference.  It appears my router box is not passing packets
:through to the boxes on the internal ethernet.  I stuck the firewall on
:that box just to see if the TCP stack was getting the incoming packets,
:...
:Nate

    I've noticed that FreeBSD doesn't always bind the local side of the
    connection to the outgoing interface but instead binds the local side
    of the connection to some other interface.  For example, if I have two
    interfaces and I telnet out, FreeBSD might not use the outgoing
    interface's IP address for the local address and instead might use
    the other interface's IP address.  This can wreak havoc with firewalls
    and isolated subnets.

    I don't know if FreeBSD-current has this problem, but FreeBSD-stable
    definitely did.

                                        -Matt

    Matthew Dillon  Engineering, HiWay Technologies, Inc. & BEST Internet
                    Communications & God knows what else.
    (Please include original email in any response)
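One way to audit a multi-homed host for the condition described in the message above, a connection whose local address is not the address of the interface it leaves on. This is an added example, not code from the thread; the interface names, addresses, routes and connection list are constructed sample data, and the helper names are hypothetical.

```python
import ipaddress
import socket

# Constructed sample data (not from the original message): a two-interface router.
INTERFACES = {
    "ed0": ipaddress.ip_interface("192.0.2.10/24"),   # outside
    "ed1": ipaddress.ip_interface("10.0.0.1/24"),     # inside
}
ROUTES = [  # (destination network, egress interface)
    (ipaddress.ip_network("0.0.0.0/0"), "ed0"),
    (ipaddress.ip_network("10.0.0.0/24"), "ed1"),
    (ipaddress.ip_network("192.0.2.0/24"), "ed0"),
]
CONNECTIONS = [  # (local address, remote address), as a netstat listing would show
    ("192.0.2.10", "198.51.100.7"),
    ("10.0.0.1", "198.51.100.7"),   # leaves via ed0 but carries ed1's address
    ("10.0.0.1", "10.0.0.25"),
]

def egress_interface(remote, routes=ROUTES):
    """Longest-prefix match: the interface a packet to `remote` leaves on."""
    dst = ipaddress.ip_address(remote)
    matches = [(net.prefixlen, ifname) for net, ifname in routes if dst in net]
    if not matches:
        raise LookupError(f"no route to {remote}")
    return max(matches)[1]

def mismatched_sources(connections=CONNECTIONS, interfaces=INTERFACES, routes=ROUTES):
    """Connections whose local address is not the egress interface's address."""
    findings = []
    for local, remote in connections:
        ifname = egress_interface(remote, routes)
        expected = str(interfaces[ifname].ip)
        if local != expected:
            findings.append((local, remote, ifname, expected))
    return findings

def kernel_source_for(remote, port=9):
    """Ask the live kernel which local address it selects for `remote`.
    connect() on a UDP socket chooses a source without sending a packet."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.connect((remote, port))
        return s.getsockname()[0]

if __name__ == "__main__":
    for local, remote, ifname, expected in mismatched_sources():
        print(f"{local} -> {remote}: leaves via {ifname}, expected source {expected}")
```

On a live host, compare `kernel_source_for(remote)` with the address configured on the interface the routing table selects for that remote; a firewall rule keyed on the outgoing interface's address will not match a connection flagged here.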