From nobody Sun Dec 05 21:51:04 2021 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8575D18CA893 for ; Sun, 5 Dec 2021 21:51:09 +0000 (UTC) (envelope-from bz@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4J6gHK2MyNz3hS0; Sun, 5 Dec 2021 21:51:09 +0000 (UTC) (envelope-from bz@freebsd.org) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:13b:39f::9f:25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx1.sbone.de", Issuer "SBone.DE" (not verified)) (Authenticated sender: bz/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 172A84D8A; Sun, 5 Dec 2021 21:51:09 +0000 (UTC) (envelope-from bz@freebsd.org) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id D1E138D4A215; Sun, 5 Dec 2021 21:51:07 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 3CA0FE707E1; Sun, 5 Dec 2021 21:51:07 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id LgNqBRXJgXbS; Sun, 5 Dec 2021 21:51:05 +0000 (UTC) Received: from nv.sbone.de (nv.sbone.de [IPv6:fde9:577b:c1a9:31::2013:138]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id A41DFE707E0; Sun, 5 Dec 2021 21:51:05 +0000 (UTC) Date: Sun, 5 Dec 2021 21:51:04 +0000 (UTC) From: "Bjoern A. Zeeb" To: Lutz Donnerhacke cc: John Hay , Kurt Jaeger , freebsd-net Subject: Re: why multi-hop icmp redirects to 0.0.0.0 on 13.0 ? In-Reply-To: <20211205205333.GC8367@belenus.iks-jena.de> Message-ID: References: <20211205205333.GC8367@belenus.iks-jena.de> X-OpenPGP-Key-Id: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1638741069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=uLNfs4X/3wypWmfsngtzHy9H84OlcUE4d49BBmMlXbw=; b=U2u98nWbUVAS8aW/+mzw7zuseHdwcTRE1wKjh5Z4WHlEmzU8YFM67uwU1rQ3htR1PxHMWN r1h2iyd6EXfvjQ3hkobUOBiLKsGbDEirIQb7jmY5SVxLCBT9n0fciz0SXoUuG1cSv1SAi1 yCE6nns5dKvCJOqC0ncwRHJIp38ComtazBhcA/4L5dxgJaLg/GOuKdqtG8/pEhXvBvvsLB X1CX2R1/Krmbo7U66P+pRpz9ZqBfhxZ4FEjkICFsY5V5OdOK5g9gWUdIgn2GiajZyxsAfO THWsbqGanYI5zthAGOzB/7NqFpdnSPa2Yp8JVJysErCzR1aVKBB9WjPuWo/cZg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1638741069; a=rsa-sha256; cv=none; b=m/OU5kswRboFymCsfALYxVTNhPvcRnqGlYOEZovutMziZCfxQ6eZgmIgYUL36XgP5T7oiD efs65t3kIpxDX+U+k3D0UMWbN8NZBBp6XDnbRCMHfvN+iP21dqcJVJQRmeuGPk+yclRF4/ 9wIwpQBk0NIEyIuqKtMWBpC3UrYGe0VSmYnbLN84+Bm7xQSsZEe331a1SmGWpvwW4zp1C8 adFYXPZDGLNlf1BesuF/aK70QN2oi0jxyiv1yizUHH2M+bxHJlGjEiPp7w1ANc7MCH+/xL IU+sFEU1Kq9Tg9VbjQTG7vj/XryTXib2CixJNtKMFPR3A0AuUnihfBWD16/yAw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N On Sun, 5 Dec 2021, Lutz Donnerhacke wrote: > On Sun, Dec 05, 2021 at 08:20:08PM +0200, John Hay wrote: >> Something I have observed is that if you use FreeBSD 13 as a router with 2 >> subnets on the same interface, it will generate redirects when hosts send >> packets to the other subnet via the FreeBSD router. I think it is wrong. > > No, it's correct. > >> The host does not have a more direct way to get to the other subnet. > > The other host can arp for an address in a non-connected network on the > interface because it's the same L2 domain. Hence the ICMP redirect is send > out to provide the shortcut (skipping the router). That has always be a very Linux-y approach; FreeBSD should not ARP for any subnet it is not connected to (at least it didn't use to). I think you could add a host route in the past and then it would but with the current IPv4 I couldn't even say from quickly looking what it would do. >> RFC792 >> on page 13 does not talk about interfaces, but networks, "If G2 and the >> host identified by the internet source address of the datagram are on the >> same network...". > > "network" == "layer 2 domain". No, no in this context; it talks about about the "internet source address of a datagram" and hence network == Layer 3 as that is where internet addresses belong. No one would phrase it anymore like this these days but in those days ... /bz -- Bjoern A. Zeeb r15:7