Date: Fri, 16 Nov 2007 08:02:00 +0200
From: Brian Hawk <brian@tnetus.com>
To: Dima Dorfman <dd@freebsd.org>
Cc: freebsd-net@freebsd.org
Subject: Re: Interface address sourced packets go thru default gateway on another interface
Message-ID: <473D3258.9040203@tnetus.com>
In-Reply-To: <20071116001429.GE1499@beaver.trit.net>
References: <473C5593.4080407@tnetus.com> <20071116001429.GE1499@beaver.trit.net>

Dima Dorfman wrote:
> I don't think it ever worked the way you described. The source IP
> address doesn't usually affect how replies will be routed on the way
> out.
>

Then what would be the reason to bind a connection to a specific source
address? We do

    ping -S A.B.C.D x.y.z.t

to make ping send packets to x.y.z.t over A.B.C.D's interface (and source
address) or

    telnet -s A.B.C.D x.y.z.t

I believe binding an IP's source address to an interface address (instead
of INADDR_ANY) is to make packets go out from *that* interface, not the
default gw.

> You can fix this with policy routing rules. Here's an example with PF:
>
> : pass out quick route-to ($other_if $other_gw) from ($other_if)
>
>

I really am an ipfilter fan. It's great that pf supports this. But I think
ipfilter doesn't yet. At least not the version I'm using (v3.4.35).

-Brian
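
The two behaviours discussed in this thread, as an added example that is not part of the original message: a simplified Python model of a destination-only route lookup, with an optional source-matching override standing in for the quoted PF route-to rule. The interface names (em0, em1), the documentation-range addresses and all function names are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Route(NamedTuple):
    prefix: ipaddress.IPv4Network
    gateway: Optional[str]        # None means directly connected
    ifname: str

class PolicyRule(NamedTuple):
    src: ipaddress.IPv4Address    # matched against the packet's source address
    gateway: str
    ifname: str

# Constructed topology: default route via em0, second interface em1.
ROUTES = [
    Route(ipaddress.ip_network("0.0.0.0/0"), "192.0.2.1", "em0"),
    Route(ipaddress.ip_network("192.0.2.0/24"), None, "em0"),
    Route(ipaddress.ip_network("198.51.100.0/24"), None, "em1"),
]

# Stand-in for: pass out quick route-to ($other_if $other_gw) from ($other_if)
# with $other_if = em1 (address 198.51.100.10) and $other_gw = 198.51.100.1.
POLICY = [PolicyRule(ipaddress.ip_address("198.51.100.10"), "198.51.100.1", "em1")]

def lookup(dst, routes=ROUTES):
    """Longest-prefix match on the destination only; the source is never consulted."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r.prefix]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda r: r.prefix.prefixlen)

def egress(src, dst, policy=()):
    """Return (interface, next hop) for a packet whose source address is bound to src."""
    route = lookup(dst)
    # Policy routing: a rule matching the source address overrides the table result.
    for rule in policy:
        if ipaddress.ip_address(src) == rule.src:
            return rule.ifname, rule.gateway
    next_hop = route.gateway if route.gateway else str(ipaddress.ip_address(dst))
    return route.ifname, next_hop

if __name__ == "__main__":
    # Source bound to em1's address, remote destination, no policy rule.
    print(egress("198.51.100.10", "203.0.113.5"))
    # Same packet with the source-matching rule in place.
    print(egress("198.51.100.10", "203.0.113.5", POLICY))
```

In this model, binding the source address changes only the address carried in the packet; the egress interface changes only when a rule keyed on the source is present.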