Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 15 Nov 2007 22:18:38 -0800
From:      Julian Elischer <julian@elischer.org>
To:        Brian Hawk <brian@tnetus.com>
Cc:        freebsd-net@freebsd.org, Dima Dorfman <dd@freebsd.org>
Subject:   Re: Interface address sourced packets go thru default gateway on another interface
Message-ID:  <473D363E.20305@elischer.org>
In-Reply-To: <473D3258.9040203@tnetus.com>
References:  <473C5593.4080407@tnetus.com>	<20071116001429.GE1499@beaver.trit.net> <473D3258.9040203@tnetus.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Brian Hawk wrote:
> Dima Dorfman wrote:
>> I don't think it ever worked the way you described. The source IP
>> address doesn't usually affect how replies will be routed on the way
>> out.
>>   
> Then what would be the reason to bind a connection to a specific source 
> address? We do
> ping -S A.B.C.D x.y.z.t
> to make ping send packets to x.y.z.t over A.B.C.D's interface (and 
> source address) or
> telnet -s A.B.C.D x.y.z.t

no
binding does not affect the interface the packet goes out.
in  affects the address that return packets will be sent to 
but that's about all.

> 
> I believe binding an IP's source address to an interface address 
> (instead of INADDR_ANY) is to make packets go out from *that* interface, 
> not the default gw.
>> You can fix this with policy routing rules. Here's an example with PF:
>>
>> : pass out quick route-to ($other_if $other_gw) from ($other_if)
>>
>>   
> I really am an ipfilter fan. It's greate that pf support this. But I 
> think ipfilter doesn't yet. At least not the version I'm using (v3.4.35).

ipfw can do it with 
fwd {next hop} ip from ${other_if} to ${where-ever}

you can even do 
fwd tablearg ip from ${src} to  table(x) to implement a second routing table
for packets from ${src}


> 
> -Brian
> 
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?473D363E.20305>