Date: Sun, 29 Aug 2010 21:09:39 +0200 From: volker@vwsoft.com To: =?ISO-8859-1?Q?=D6zkan_KIRIK?= <ozkan.kirik@gmail.com> Cc: net@freebsd.org Subject: Re: Default router changes unexpectedly Message-ID: <4C7AB073.2040802@vwsoft.com> In-Reply-To: <AANLkTinQ3=6eqOLBzJF18dHb=-oEu-G6AmSG9C7TqwKW@mail.gmail.com> References: <AANLkTinQ3=6eqOLBzJF18dHb=-oEu-G6AmSG9C7TqwKW@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 08/29/10 19:50, Özkan KIRIK wrote: > Hi, > > I am using FreeBSD 7.3 STABLE-201004. IPFW + In kernel NAT and if_vlan > used mostly. > System has 3 em interfaces. Scenario is classical, LAN DMZ WAN. > > Sometimes default router changes unexpectedly. I inspected logs if > someone logged in or changed route. I found nothing. > This problem repeats at least 1 times per day. I wrote a shell script > which monitors the default router. > I saw that sometimes netstat -rn shows that default router is changed > as 10.3.1.64 or 10.5.3.189 etc. which are client IP addresses but > routing still routes to right router 212.X.Y.Z . > After a while, routing really fails. > I use em nics for all. > At the weekends (when most clients are now working) i dont have any problems. > I think some network packets affects the defaultrouter. > I tried to block packets belongs to the IP addresses which shown as > default router (10.3.1.64, 10.5.3.189 etc.. ). Then the problem is > solved. > > I wonder how the default router can be changed with packets that came > from network? > How can i prevent this without writing firewall rules? > Or which packets should I drop? > > Any ideas? Özkan, just one: Do you see RIP (521/tcp, 521/udp) traffic? Volker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C7AB073.2040802>