Date: Tue, 1 Dec 1998 13:53:02 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Nate Williams <nate@mt.sri.com> Cc: Luigi Rizzo <luigi@labinfo.iet.unipi.it>, nate@mt.sri.com (Nate Williams), hackers@FreeBSD.ORG Subject: Re: TCP bug Message-ID: <199812012153.NAA10746@apollo.backplane.com> References: <199812011811.LAA00104@mt.sri.com> <199812011619.RAA02622@labinfo.iet.unipi.it> <199812011834.LAA00343@mt.sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help
:
:> > In trying to track down why some boxes in my network can't connect to
:> > certain WWW hosts, I determined that my FreeBSD is not routing the
:> > packets for some reason. It's receiving them, and the firewall code
:> > *thinks* it's passing them on, but tcpdump doesn't see these packets go
:> > out on the wire.
:>
:> just to understand, what is the problem related to ?
:
:...
:
:Yep, no difference. It appears my router box is not passing packets
:through to the boxes on the internal ethernet. I stuck the firewall on
:that box just to see if the TCP stack was getting the incoming packets,
:...
:Nate
I've noticed that FreeBSD doesn't always bind the local side of the
connection to the outgoing interface but instead binds the local side
of the connection to some other interface.
For example, if I have two interfaces and I telnet out, FreeBSD might
not use the outgoing interface's IP address for the local address and
instead might use the other interface's IP address.
This can wreak havoc with firewalls and isolated subnets. I don't
know if FreeBSD-current has this problem, but FreeBSD-stable definitely
did.
-Matt
Matthew Dillon Engineering, HiWay Technologies, Inc. & BEST Internet
Communications & God knows what else.
<dillon@backplane.com> (Please include original email in any response)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812012153.NAA10746>