Date: Tue, 20 Dec 2016 09:57:44 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Alarig Le Lay <alarig@swordarmor.fr> Cc: freebsd-net@freebsd.org Subject: Re: Avoid using RFC3927 outside of the link Message-ID: <58589E28.9020900@grosbein.net> In-Reply-To: <20161219210150.mf4cwx3k33x2qbbe@kaiminus> References: <20161219184617.7yph7isgtgjy4mja@kaiminus> <58582C25.7090806@grosbein.net> <20161219190506.kc32q7sz3okekup7@kaiminus> <58583645.3090502@grosbein.net> <20161219210150.mf4cwx3k33x2qbbe@kaiminus>
next in thread | previous in thread | raw e-mail | index | archive | help
20.12.2016 4:01, Alarig Le Lay пишет: > On Tue Dec 20 02:34:29 2016, Eugene Grosbein wrote: >> Well, you can always use brute force instead: >> >> ipfw nat 169 config reset ip 89.234.186.1 && \ >> ipfw add 60 nat 169 ip from 169.254.0.0/16 to any out xmit igb0 >> >> That's ugly but works. > > I will work just by side effect: by doing this, I will send BGP packets > from 89.234.186.1, which is an IP than the peer learned by BGP. This will > create a recursive loop, and the session will be shut. So, no more > traffic will transit through this interface, and this IP will not be > displayed anymore :p You could also use another public IP as primary address for interface in question and an address from 169.254.0.0/16 as secondary one. BGP will still work and kernel/ICMP will use public IP.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?58589E28.9020900>