From owner-freebsd-net@FreeBSD.ORG Wed May 6 20:05:27 2015 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AEA5C24F; Wed, 6 May 2015 20:05:27 +0000 (UTC) Received: from mail-yh0-x22b.google.com (mail-yh0-x22b.google.com [IPv6:2607:f8b0:4002:c01::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6CB3016AF; Wed, 6 May 2015 20:05:27 +0000 (UTC) Received: by yhrr66 with SMTP id r66so5426511yhr.3; Wed, 06 May 2015 13:05:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=NyhY04Tb1aB790TVHCV6HCK4PzsQtoXpikoS/Rf/0Z0=; b=z2w9pbNSW4CfHBsWgApUQ+z4gcsLH7QpRea9iLFn+HC5X8syan9SbXFeyiwwkuvq5c Vn2281HhWXgEOc3mFgOdrJNGGVyjUvaqPg4o/nAgIMtAIP02/glnIzAz36vg9QM1I4z+ qy6znqXIo48k+fj76hdne7zYBK76ekdeQuPO4YZTbvG5WFEsk1up1gCO8nPkHKY2rDK6 vVkNGEB9PVQMVH7HjJEhyoYoISZf7YxX3N5awVrbQoDy2X0YYbn6xeJ1+TKfH1x/ThRk fWfi8xU89aswg1nXGmqXDmLcz7CTNSi9NL3D/xI2CJ6z7W1BRRpKT5p+xbqYIi7rhRhd owJQ== MIME-Version: 1.0 X-Received: by 10.236.13.80 with SMTP id a56mr331665yha.25.1430942726635; Wed, 06 May 2015 13:05:26 -0700 (PDT) Received: by 10.13.252.6 with HTTP; Wed, 6 May 2015 13:05:26 -0700 (PDT) In-Reply-To: References: Date: Wed, 6 May 2015 22:05:26 +0200 Message-ID: Subject: Re: FreeBSD makes linux think other subet is in same lan. From: Martin Larsson To: =?UTF-8?Q?Ermal_Lu=C3=A7i?= Cc: freebsd-net Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 May 2015 20:05:27 -0000 yes, without adding the route, ping -S 192.168.1.1 10.11.12.13 works. On Wed, May 6, 2015 at 9:51 PM, Ermal Lu=C3=A7i wrote: > > > On Wed, May 6, 2015 at 2:51 PM, Martin Larsson > wrote: > >> This is a small summary of >> >> https://forums.freebsd.org/threads/routing-issue-with-ipsec-windows-work= s-linux-doesnt.51201/ >> . >> >> >> Setup: >> My side >> 192.168.1.0/24 >> Freebsd (default gateway and ipsec gateway, 192.168.1.1) >> windows, linux etc >> >> 10.11.12.0/24 >> other net >> >> 1: connect with ipsec to another subnet. >> When tunnel is up, all computers behind can ping the remote subnet, but >> not >> freebsd itself. >> > > Did you try by running ping with -S option to ping? > Normally you should not need the route below since ping needs to be > sourcing from your LAN ip to go to the other end. > > >> So, I add a route: route add -net 10.11.12.0/24 192.168.1.1 >> >> Now, FreeBSD itselt can also ping 10.11.12.0/24 host, but Linux stop >> working. >> windows can ping in both cases though. >> >> Here is arp -n on linux after the route is added on the freebsd gateway. >> >> Linux:~ # arp -a >> ? (10.11.12.13) at on eth0 >> ? (192.168.1.125) at b4:52:7e:95:2a:f5 [ether] on eth0 >> ? (192.168.1.1) at 00:1b:21:00:62:62 [ether] on eth0 >> ? (192.168.1.160) at 84:38:38:6a:ec:91 [ether] on eth0 >> ? (192.168.1.6) at 1c:6f:65:21:36:96 [ether] on eth0 >> ? (192.168.1.5) at 00:1a:4d:63:d8:5c [ether] on eth0 >> >> So somehow it thinks 10.11.12.0/24 is in its lan. >> This very same scenario works fine if I replace my freebsd gateway with >> openbsd or linux. >> So could this be a bug or am I doing something wrong? >> >> Best regards >> Niklas >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> > > > > -- > Ermal >