From: haesu@towardex.com
To: freebsd-net@freebsd.org
Date: Mon, 8 Dec 2003 13:53:20 -0500
Subject: Sourcing ICMP reply to a different ip address
Message-ID: <20031208185320.GA45737@scylla.towardex.com>

Hi,

Is there any way to source the ICMP reply (i.e. ttl-exceeded for traceroute) on a FreeBSD box acting as router to an IP address different than the one bound on the interface, in which the destination route is pointed at?

For example: Let's say we have an asymmetric routing situation here...

A client host is 1.2.3.4, and the FreeBSD box has fxp0 with 2.2.2.2, and fxp1 with 3.3.3.3.

Client runs traceroute to a host routed by the FreeBSD router. The packet arrives on FreeBSD router's FXP0 interface. But the route for 1.2.3.4 (client) on router's routing table points out to FXP1.

Here in this case, the icmp ttl-exceeded message from the FreeBSD router will be sourced from 3.3.3.3, which is the main ip address of FXP1 (hence, the interface where route for 1.2.3.4 (the client) is bound to).

I'm looking to make it so that if a packet arrives on FXP0, I'd like the FreeBSD box to respond icmp ttl-exceeded OUT via FXP0, with source address of FXP0's IP.

So in other words, I'd like to have icmp replies go out via the interface the packet originally hit the box, instead of via the interface that holds the route for the source of the packet.

This type of implementation is done on some vendors (including Cisco) and sometimes can be helpful troubleshooting asym. routing situations.

Any suggestions would be appreciated.

Thanks

--
James Jun (formerly Haesu)
Network Operations
TowardEX Technologies, Inc.
Consulting, colocation, web hosting, network design and implementation
http://www.towardex.com | james@towardex.com
Cell: (978)394-2867 | Office: (978)263-3399 Ext. 170
Fax: (978)263-0033 | AIM: GigabitEthernet0
NOC: http://www.twdx.net | POC: HAESU-ARIN, HDJ1-6BONE
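
The two source-selection behaviours the message contrasts, modelled as an added example (not part of the original post and not FreeBSD code). The interface addresses and the client address are those in the message; the routing table (a default route via fxp0 and 1.2.3.0/24 via fxp1) and the policy names "route" and "ingress" are constructed assumptions.

```python
import ipaddress

# Interfaces and addresses taken from the message.
INTERFACES = {"fxp0": "2.2.2.2", "fxp1": "3.3.3.3"}

# Constructed routing table (assumption): the route back to the client
# points out fxp1 although the client's packets arrive on fxp0.
ROUTES = [
    ("0.0.0.0/0", "fxp0"),
    ("1.2.3.0/24", "fxp1"),
]


def lookup_route(dst, routes=ROUTES):
    """Longest-prefix match; returns the egress interface name."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, ifname in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1]


def icmp_error_source(client, ingress_if, policy):
    """Return (egress interface, source address) of the ttl-exceeded reply.

    policy "route":   the reply follows the route to the client and takes
                      that interface's address (behaviour the message describes).
    policy "ingress": the reply leaves via, and is sourced from, the interface
                      the expiring packet arrived on (behaviour requested).
    """
    if ingress_if not in INTERFACES:
        raise ValueError(f"unknown interface {ingress_if}")
    if policy == "route":
        out_if = lookup_route(client)
    elif policy == "ingress":
        out_if = ingress_if
    else:
        raise ValueError(f"unknown policy {policy}")
    return out_if, INTERFACES[out_if]


if __name__ == "__main__":
    for policy in ("route", "ingress"):
        out_if, src = icmp_error_source("1.2.3.4", "fxp0", policy)
        print(f"{policy:8s} reply leaves {out_if} with source {src}")
```

With the "route" policy the client's traceroute shows the hop as 3.3.3.3, an address on a link its packets never crossed; with "ingress" the hop shows as 2.2.2.2, the interface the forward path actually entered.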