From owner-freebsd-questions  Tue Jan 21 18:35: 4 2003
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7009D37B401
	for <freebsd-questions@freebsd.org>; Tue, 21 Jan 2003 18:35:02 -0800 (PST)
Received: from web10106.mail.yahoo.com (web10106.mail.yahoo.com [216.136.130.56])
	by mx1.FreeBSD.org (Postfix) with SMTP id F11F043F18
	for <freebsd-questions@freebsd.org>; Tue, 21 Jan 2003 18:35:01 -0800 (PST)
	(envelope-from twigles@yahoo.com)
Message-ID: <20030122023501.75590.qmail@web10106.mail.yahoo.com>
Received: from [68.5.49.41] by web10106.mail.yahoo.com via HTTP; Tue, 21 Jan 2003 18:35:01 PST
Date: Tue, 21 Jan 2003 18:35:01 -0800 (PST)
From: twig les <twigles@yahoo.com>
Subject: routing problem on 4.7 release
To: freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Hey all, I have a 4.7 release box that needs to cvsup
its ports.  The problem is that this box never sees
the outside world normally; it does IDS on an IP-less
interface and of course has a backnet interface.  So
basically I added a temporary IP address to this box,
edited my /etc/cvsupfile to use the IP address of the
cvs server (to avoid dealing with DNS), added a few
lines in IPFW and then used the route command to force
packets out the correct interface.

The problem is that packets destined for the legal
gateway (I'll call it 1.1.1.1) are still going out the
backnet interface.  So if I ping 1.1.1.1, I can sit
and watch access-list denies show up as the backnet
interface tries to ping an IP that isn't even
reachable.  The fact that these pings are getting out
tells me that IPFW isn't the problem and that the
route table is screwed up.

Please chime in if anyone has an answer, all I need to
do is add a static route temporarily.

My config looks like this below.  As you may notice, I
even tried adding a route to 1.1.1.1 out the specific
interface "route -n add 1.1.1.1/26 -interface ti0".

mas01# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs   
  Use  Netif Expire
default            10.20.0.1          UGSc        7   
   56   fxp0
10.20/25           link#1             UC          2   
    0   fxp0
10.20.0.1          00:00:0c:07:ac:60  UHLW        5   
    4   fxp0   1196
10.20.0.14         00:60:ab:03:7d:2f  UHLW        0   
    0   fxp0    938
1.1.1.1/32    00:00:00:00:00:00  ULSc        0      
12    ti0
1.1.1.1/26   link#2             UC          0        0
   ti0
127.0.0.1          127.0.0.1          UH          0   
  604    lo0
165.64.255/24      1.1.1.1       UGSc        0       
0   fxp0
208.185.175.214/32 1.1.1.1       UGSc        1       
0   fxp0


=====
-----------------------------------------------------------
Know yourself and know your enemy and you will never fear defeat.         
-----------------------------------------------------------

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message