gif interface uses IPv4 address before it is assigned to "real" interface. Is it ok?

Lev Serebryakov lev at FreeBSD.org
Sat Apr 30 10:44:51 UTC 2011


Hello, Freebsd-net.

 It seems that gif, configured with "tunnel my-IPv4 other-IPv4", starts to
send IPv4 packets BEFORE "my-IPv4" is assigned to any interface in
the system.

 I have a system which is connected to the IPv4 Internet via PPPoE with mpd5.
It is also connected to the IPv6 Internet with a tunnel from Hurricane
Electric.

 gif0 is configured before mpd5 starts, so my real IPv4 address is
not present in the system when gif0 is configured.

 But gif0 sends packets, BEFORE mpd5 starts, into the physical interface
which connects me to the ISP. It has a 10/8 address, and NAT on it to
allow communication with the ISP's local network. NAT and the firewall are
stateful, so NAT "from my-IPv4 to 10/8" works and remembers this state.
After that, all incoming packets from the tunnel are de-NATed to the 10/8
address, which is complete madness :)

 Why does gif0 use an address which is not configured on any underlying
interface yet?

 Is there any way to reset the state of only ONE stateful ipfw rule from
the command line, which could be a workaround for me?

-- 
// Black Lion AKA Lev Serebryakov <lev at FreeBSD.org>
