Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 23 Jul 2007 03:08:44 +0700 (NOVST)
From:      m_wlist@weirdwire.ru
To:        "Milan Obuch" <freebsd-net@dino.sk>
Cc:        freebsd-net@freebsd.org
Subject:   Re: Policy-based routing for packets originating from local  machine ('reinject' packets back into kernel?)
Message-ID:  <52002.10.23.23.1.1185134924.squirrel@mail.weirdwire.ru>
In-Reply-To: <200707221744.11119.freebsd-net@dino.sk>
References:  <51976.10.23.23.1.1185116844.squirrel@mail.weirdwire.ru> <200707221744.11119.freebsd-net@dino.sk>
index | next in thread | previous in thread | raw e-mail 

> On Sunday 22 July 2007, m_wlist@weirdwire.ru wrote:
>> At the moment I'm trying to get that working with netgraph's ngeth
>> interfaces. But they seem to behave in some really weird way.
>> Details:
>> # ifconfig ngeth0 10.42.42.1 netmask 255.255.255.250
>
> Netmask 255.255.255.250 looks weird to me. Something like this is really
> unusual. What does ifconfig ngeth0 show?

Oh. Yes, that was a typo in command that I've copypasted here.
Thank you for pointing to that.

>> # ngctl connect ngeth0: ngeth1: lower upper
>> # ngctl connect ngeth1: ngeth0: lower upper
>> ('tcpdump -ni ngeth0' on other terminal for great justice)
>> # ping 10.42.42.2
>> (here after some delay I get 'host is down' messages with no output from
>> tcpdump).
>> # ping 10.42.42.5
>> (broadcast address, gives nothing from ping, and 'blal blah 10.42.42.1 >
>> 10.42.42.5: ICMP echo request, blah' from tcpdump)
>> (here i change tcpdump from ngeth0 to ngeth1)
>> # ping 10.42.42.2 and # ping 10.42.42.3
>> give 'host is down' from ping and nothing from tcpdump
>> # ping 10.42.42.4
>> (LOL WUT!) still gives 'host is down' from ping, but tcpdump -ni ngeth1
>> gives 'arp who-has 10.42.42.4 tell 10.42.42.1'!
>>
>> That raises two questins:
>> 1) Wtf is going on?
>> 2) How to make ngeth just send ip packet, avoiding that arp stuff (or is
>> there any other virtual interface devices available that do that)?
>>
>
> I can't comment on these question, but my recommendation would be to
> choose
> more usual mask - if it's not a typo, this could cause various interesting
> errors.

Now It looks more sane -- arp messages appear on trying to ping every
(except first that belongs to ngeth0) ip in that subnet.
So the second question is still open.
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52002.10.23.23.1.1185134924.squirrel>