Date: 14 Dec 2007 11:20:32 +0100 From: vermaden <vermaden@interia.pl> To: freebsd-net@freebsd.org Subject: default route Message-ID: <20071214102032.51D6D259A3A@f16.poczta.interia.pl>
next in thread | raw e-mail | index | archive | help
> Good day.
>=20
> Fri, Dec 14, 2007 at 10:11:24AM +0100, vermaden wrote:
> > network 10.0.0.0/24 is put on rl0 and 192.168.0.0/16
> > is on rl1, default router is set to 10.0.0.1 on /etc/rc.conf as
> > defaultrouter=3D"10.0.0.1", the problem:
> >=20
> > When I ping some box from 10.0.0.0 network, it responds, when some box
> from
> > 10.0.0.0 network ping my box, my box responds, when I ping someone from
> > 192.168.0.0 network, he responds, when someone from 192.168.0.0 network
> > pings me my box does not response, propably packets are coming IN by
> rl1
> > and going out by defaultgateway 10.0.0.1 so thru rl0,
>=20
> 1. You can inspect where the system will send the packet for the
> host in 192.168/16 by doing 'route get 192.168.X.Y'. In normal
> (or simple) conditions this should give you rl1, since 192.168
> sits on that interface (provided that you didn't played with
> routing table manually).
>=20
> 2. When someone from 192.168 pings you, you can spawn two tcpdump
> instances: 'tcpdump -lvvni rl0 icmp' and 'tcpdump -lvvni rl1 icmp'
> and watch for the ICMP packets and interfaces on which they are
> coming in/going out.
>=20
> 3. Check your firewall: may be it is blocking ICMP replies to the
> 192.168/16. Or may be some external firewall blocks ping
> attempts from 192.168/16. Tcpdump should show you the overall
> picture.
> --=20
> Eygene
Thanks for reply
Just to clarify, I do not use any firewalls there currently, not even compi=
led in kernel.
Here are the results:
zenek# netstat -rnfinet
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 10.0.0.1 UGS 0 708337 rl0
10/24 link#1 UC 0 0 rl0
10.0.0.1 00:90:27:5d:f7:3b UHLW 2 18728 rl0 1102
10.0.0.7 00:e0:18:0d:d3:3d UHLW 1 1108731 rl0 1186
10.0.0.107 00:90:27:77:fd:98 UHLW 1 126428 rl0 685
127.0.0.1 127.0.0.1 UH 0 14 lo0
192.168/16 link#2 UC 0 0 rl1
192.168.1.23 00:02:b3:d0:bd:f0 UHLW 1 2 rl1
192.168.1.24 00:06:29:99:02:9d UHLW 1 71 rl1 730
192.168.1.44 00:90:cc:b6:18:1f UHLW 1 1 rl1 1042
192.168.1.45 00:90:cc:c4:21:25 UHLW 1 1 rl1 1199
zenek# ifconfig rl0
rl0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
=09options=3D8<VLAN_MTU>
=09inet 10.0.0.71 netmask 0xffffff00 broadcast 10.0.0.255
=09ether 00:90:cc:de:5e:0c
=09media: Ethernet autoselect (100baseTX <full-duplex>)
=09status: active
zenek# ifconfig rl1
rl1: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
=09options=3D8<VLAN_MTU>
=09inet 192.168.1.171 netmask 0xffff0000 broadcast 192.168.255.255
=09ether 00:02:44:51:ae:80
=09media: Ethernet autoselect (100baseTX <full-duplex>)
=09status: active
zenek# route get 192.168.1.171
route to: 192.168.1.171
destination: 192.168.0.0
mask: 255.255.0.0
interface: rl1
flags: <UP,DONE,CLONING>
recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu ex=
pire
0 0 0 0 0 0 1500 -3=
663=20
zenek# route get 192.168.1.24
route to: 192.168.1.24
destination: 192.168.1.24
interface: rl1
flags: <UP,HOST,DONE,LLINFO,WASCLONED>
recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu ex=
pire
0 0 0 0 0 0 1500 =
671=20
I already used tcpdump, if ICMP packet goes in thru 192.168/16 on rl1 the
response goes out on 10/24 on rl0.
I did not modifies routing table by hand, I just want FreeBSD to reply on r=
l1 interface
for packets that income from rl1 interface, currently it responses thru rl0=
interface
when packet comes from rl1.
Regards
vermaden
----------------------------------------------------------------------
Wejdz do swiata wojny wampirow!
http://link.interia.pl/f1cb4
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071214102032.51D6D259A3A>