From owner-freebsd-current@FreeBSD.ORG Tue Mar 17 20:07:48 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7B311106566B for ; Tue, 17 Mar 2009 20:07:48 +0000 (UTC) (envelope-from h.schmalzbauer@OmniLAN.de) Received: from host.omnilan.net (host.omnilan.net [62.245.232.135]) by mx1.freebsd.org (Postfix) with ESMTP id 09A9C8FC0C for ; Tue, 17 Mar 2009 20:07:47 +0000 (UTC) (envelope-from h.schmalzbauer@OmniLAN.de) Received: from akima.flintsbach.schmalzbauer.de (akima.flintsbach.schmalzbauer.de [172.21.1.15]) (authenticated bits=0) by host.omnilan.net (8.13.8/8.13.8) with ESMTP id n2HK7FmV067447 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 17 Mar 2009 21:07:43 +0100 (CET) (envelope-from h.schmalzbauer@OmniLAN.de) Message-ID: <49C002F3.5010406@OmniLAN.de> Date: Tue, 17 Mar 2009 21:07:15 +0100 From: Harald Schmalzbauer Organization: OmniLAN User-Agent: Thunderbird 2.0.0.9 (X11/20080203) MIME-Version: 1.0 To: Julian Elischer References: <49BFEBAE.7090703@omnilan.de> <49BFF4CC.5050505@elischer.org> In-Reply-To: <49BFF4CC.5050505@elischer.org> Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org Subject: Re: FIB (routing table) question with jailed service X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Mar 2009 20:07:48 -0000 Julian Elischer wrote: > Harald Schmalzbauer wrote: >> Hello, >> >> I set up a second routingtable and told rc.d/jail to use the FIB1. >> Now I wonder why the SSHd in the jail isn't responding. I set the >> default router to a local address and the second default router in FIB1 >> to the ISP router, reachable via a second NIC. >> Does the FIb only work for outgoing, intiating connections? > > no, it is supposed to work for listen sockets too. > > What version of FreeBSD? I assume current because of the mailing list. > > I say "supposed to" because I have not tested it in -current for a > while, and there have been quite a few changes in that area. > I'll try check it myself later and get back to you. > (It does work correctly in Ironport's 6.x based systems where it > came from) Hello, sorry for posting stable- question to current, but I got no answer on stable@ so I reposted to current@ I'm running RELENG_7 as of last weekend. Thanks, -Harry