From owner-freebsd-net Mon Mar 26 7: 2:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id D6AF437B71D; Mon, 26 Mar 2001 07:02:11 -0800 (PST) (envelope-from wes@softweyr.com) Received: from [127.0.0.1] (helo=softweyr.com ident=2a4081f52f6e3f35b6de349863266d36) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14hYVQ-0001LV-00; Mon, 26 Mar 2001 08:02:04 -0700 Message-ID: <3ABF59EC.68C80FF2@softweyr.com> Date: Mon, 26 Mar 2001 08:02:04 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Ruslan Ermilov Cc: Garrett Wollman , net@FreeBSD.ORG Subject: Re: Indirect routes with indirect gateways, bugfix References: <20010321133611.A62997@sunbay.com> <200103212116.QAA22097@khavrinen.lcs.mit.edu> <20010321133611.A62997@sunbay.com> <3AB8E7E2.36F360AA@softweyr.com> <20010322094429.B53063@sunbay.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ruslan Ermilov wrote: > > I wrote: > > > > Unless someone has a good motivation for not doing this, I am going > > to commit the attached patch that disallows indirect routes with > > indirect gateways. > > > Okay, I will rephrase this. Can you give me at least one example when > adding an indirect route with indirect gateway will work? If not, I > strongly insist on excluding this code. Certainly. You add a route to a host on your corporate backbone via a non-local router to guarantee that management accesses the accounting servers via a path that does not traverse engineering. Of course the proper way to do this is with careful control of route tables or by using VLANs, but that's not what many companies have. Large networks of routers and hubs are still commonplace, and this "hack" allows the network administrator to create dedicated routes from one subnet to another without requiring them to spread the routes across the entire installation. > On Wed, Mar 21, 2001 at 10:41:54AM -0700, Wes Peters wrote: > > This allows a crude sort of "policy routing", if that is of any value. > > I don't see what it hurts, or any reason to remove it. A misconfigured > > routing table is a system administration problem, not a code problem. > > On Wed, Mar 21, 2001 at 04:16:21PM -0500, Garrett Wollman wrote: > > < said: > > > > > The routing code (bogusly?) allows to add an indirect route with > > > also indirect gateway. This results in some nasty bugs: > > > > My sentiment is the same as Wes's. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message