Policy-based routing for packets originating from local machine ('reinject' packets back into kernel?)

Milan Obuch freebsd-net at dino.sk
Sun Jul 22 15:44:18 UTC 2007

On Sunday 22 July 2007, m_wlist at weirdwire.ru wrote:
> Hello.
> At the moment I'm trying to get that working with netgraph's ngeth
> interfaces. But they seem to behave in some really weird way.
> Details:
> # ifconfig ngeth0 netmask

Netmask looks weird to me. Something like this is really 
unusual. What does ifconfig ngeth0 show?

> # ngctl connect ngeth0: ngeth1: lower upper
> # ngctl connect ngeth1: ngeth0: lower upper
> ('tcpdump -ni ngeth0' on other terminal for great justice)
> # ping
> (here after some delay I get 'host is down' messages with no output from
> tcpdump).
> # ping
> (broadcast address, gives nothing from ping, and 'blal blah >
> ICMP echo request, blah' from tcpdump)
> (here i change tcpdump from ngeth0 to ngeth1)
> # ping and # ping
> give 'host is down' from ping and nothing from tcpdump
> # ping
> (LOL WUT!) still gives 'host is down' from ping, but tcpdump -ni ngeth1
> gives 'arp who-has tell'!
> That raises two questins:
> 1) Wtf is going on?
> 2) How to make ngeth just send ip packet, avoiding that arp stuff (or is
> there any other virtual interface devices available that do that)?

I can't comment on these question, but my recommendation would be to choose 
more usual mask - if it's not a typo, this could cause various interesting 


This address is used only for mailing list response.
Do not send any personal messages to it, use milan in
address instead.

More information about the freebsd-net mailing list