Date: Sun, 5 Dec 2021 21:51:04 +0000 (UTC) From: "Bjoern A. Zeeb" <bz@freebsd.org> To: Lutz Donnerhacke <lutz@donnerhacke.de> Cc: John Hay <jhay@meraka.org.za>, Kurt Jaeger <pi@freebsd.org>, freebsd-net <freebsd-net@freebsd.org> Subject: Re: why multi-hop icmp redirects to 0.0.0.0 on 13.0 ? Message-ID: <alpine.BSF.2.00.2112052148170.68830@ai.fobar.qr> In-Reply-To: <20211205205333.GC8367@belenus.iks-jena.de> References: <Yast8d1dRd7ZFWr3@fc.opsec.eu> <alpine.BSF.2.00.2112041609520.68830@ai.fobar.qr> <YauV138P1xyB53Ja@fc.opsec.eu> <alpine.BSF.2.00.2112041633090.68830@ai.fobar.qr> <YaufYWCM9YOUG5Op@fc.opsec.eu> <alpine.BSF.2.00.2112041905270.68830@ai.fobar.qr> <alpine.BSF.2.00.2112051718171.68830@ai.fobar.qr> <CAGv8uarUvftonP9LBOPmVksqTz7pFuQoUP2OJFG4BKBTex6VAw@mail.gmail.com> <20211205205333.GC8367@belenus.iks-jena.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 5 Dec 2021, Lutz Donnerhacke wrote: > On Sun, Dec 05, 2021 at 08:20:08PM +0200, John Hay wrote: >> Something I have observed is that if you use FreeBSD 13 as a router with 2 >> subnets on the same interface, it will generate redirects when hosts send >> packets to the other subnet via the FreeBSD router. I think it is wrong. > > No, it's correct. > >> The host does not have a more direct way to get to the other subnet. > > The other host can arp for an address in a non-connected network on the > interface because it's the same L2 domain. Hence the ICMP redirect is send > out to provide the shortcut (skipping the router). That has always be a very Linux-y approach; FreeBSD should not ARP for any subnet it is not connected to (at least it didn't use to). I think you could add a host route in the past and then it would but with the current IPv4 I couldn't even say from quickly looking what it would do. >> RFC792 >> on page 13 does not talk about interfaces, but networks, "If G2 and the >> host identified by the internet source address of the datagram are on the >> same network...". > > "network" == "layer 2 domain". No, no in this context; it talks about about the "internet source address of a datagram" and hence network == Layer 3 as that is where internet addresses belong. No one would phrase it anymore like this these days but in those days ... /bz -- Bjoern A. Zeeb r15:7
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.2112052148170.68830>