From owner-freebsd-net@FreeBSD.ORG  Fri Nov 16 06:02:12 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6EAE916A417
	for <freebsd-net@freebsd.org>; Fri, 16 Nov 2007 06:02:12 +0000 (UTC)
	(envelope-from brian@tnetus.com)
Received: from k2smtpout03-01.prod.mesa1.secureserver.net
	(k2smtpout03-01.prod.mesa1.secureserver.net [64.202.189.171])
	by mx1.freebsd.org (Postfix) with SMTP id 3B44013C468
	for <freebsd-net@freebsd.org>; Fri, 16 Nov 2007 06:02:11 +0000 (UTC)
	(envelope-from brian@tnetus.com)
Received: (qmail 4586 invoked from network); 16 Nov 2007 06:02:03 -0000
Received: from unknown (HELO tnetus.com) (68.178.207.93)
	by k2smtpout03-01.prod.mesa1.secureserver.net (64.202.189.171) with
	SMTP; 16 Nov 2007 06:02:03 -0000
Received: from [10.1.1.134] ([85.97.4.79]) by tnetus.com
	with hMailServer ; Fri, 16 Nov 2007 01:02:06 -0500
Message-ID: <473D3258.9040203@tnetus.com>
Date: Fri, 16 Nov 2007 08:02:00 +0200
From: Brian Hawk <brian@tnetus.com>
User-Agent: Thunderbird 2.0.0.7pre (Windows/20071019)
MIME-Version: 1.0
To: Dima Dorfman <dd@freebsd.org>
References: <473C5593.4080407@tnetus.com>
	<20071116001429.GE1499@beaver.trit.net>
In-Reply-To: <20071116001429.GE1499@beaver.trit.net>
Content-Type: text/plain; charset=ISO-8859-9; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-net@freebsd.org
Subject: Re: Interface address sourced packets go thru default gateway on
 another interface
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Nov 2007 06:02:12 -0000

Dima Dorfman wrote:
> I don't think it ever worked the way you described. The source IP
> address doesn't usually affect how replies will be routed on the way
> out.
>   
Then what would be the reason to bind a connection to a specific source 
address? We do
ping -S A.B.C.D x.y.z.t
to make ping send packets to x.y.z.t over A.B.C.D's interface (and 
source address) or
telnet -s A.B.C.D x.y.z.t

I believe binding an IP's source address to an interface address 
(instead of INADDR_ANY) is to make packets go out from *that* interface, 
not the default gw.
> You can fix this with policy routing rules. Here's an example with PF:
>
> : pass out quick route-to ($other_if $other_gw) from ($other_if)
>
>   
I really am an ipfilter fan. It's greate that pf support this. But I 
think ipfilter doesn't yet. At least not the version I'm using (v3.4.35).

-Brian