Date: Tue, 09 Dec 2003 14:03:30 +0100 From: Andre Oppermann <andre@freebsd.org> To: haesu@towardex.com Cc: freebsd-net@freebsd.org Subject: Re: Sourcing ICMP reply to a different ip address Message-ID: <3FD5C822.8E3CA370@freebsd.org> References: <20031208185320.GA45737@scylla.towardex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
haesu@towardex.com wrote: > > Hi, > > Is there anyway to source the ICMP reply (i.e. ttl-exceeded for traceroute) on > a FreeBSD box acting as router to an IP address different than the one bound on > the interface, in which the destination route is pointed at? > > For example: > > Let say we have an asymmetric routing situation here... > > A client host is 1.2.3.4, and the FreeBSD box has fxp0 with 2.2.2.2, and fxp1 > with 3.3.3.3, > > Client runs traceroute to a host routed by the FreeBSD router. The packet > arrives on FreeBSD router's FXP0 interface. But the route for 1.2.3.4 (client) > on router's routing table points out to FXP1. > > Here in this case, the icmp ttl-exceeded message from the FreeBSD router will > be sourced from 3.3.3.3, which is the main ip address of FXP1 (hence, the > interface where route for 1.2.3.4(the client) is bound to) > > I'm looking to make it so that if a packet arrives on FXP0, I'd like the FreeBSD > box to respond icmp ttl-exceeded OUT via FXP0, with source address of FXP0's IP. > So in other words, I'd like to have icmp replies go out via the interface the > packet originally hit the box, instead of via the interface that holds the > route for the source of the packet. This type of implementation is done on > some vendors (including Cisco) and sometimes can be helpful troubleshooting > asym. routing situations.. Yes, this can be done. Nice feature for debugging as you say. I've got a couple of other things in the priority queue first. It'll be after christmas/new-year until I can do it. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FD5C822.8E3CA370>