Date: Tue, 20 Dec 2016 02:34:29 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Alarig Le Lay <alarig@swordarmor.fr> Cc: freebsd-net@freebsd.org Subject: Re: Avoid using RFC3927 outside of the link Message-ID: <58583645.3090502@grosbein.net> In-Reply-To: <20161219190506.kc32q7sz3okekup7@kaiminus> References: <20161219184617.7yph7isgtgjy4mja@kaiminus> <58582C25.7090806@grosbein.net> <20161219190506.kc32q7sz3okekup7@kaiminus>
next in thread | previous in thread | raw e-mail | index | archive | help
20.12.2016 2:05, Alarig Le Lay пишет: > On Tue Dec 20 01:51:17 2016, Eugene Grosbein wrote: >> 20.12.2016 1:46, Alarig Le Lay пишет: >> >>> Is it possible to avoid this behaviour and reply with the public IP >>> (89.234.186.1) instead? >> >> try: sysctl net.inet.icmp.reply_from_interface=1 > > If an AS choose to go to us thought this peer, packets will come in by > this interface, so our router will continue to reply with the apipa IP > for those ASes. Well, you can always use brute force instead: ipfw nat 169 config reset ip 89.234.186.1 && \ ipfw add 60 nat 169 ip from 169.254.0.0/16 to any out xmit igb0 That's ugly but works.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?58583645.3090502>