Interface address sourced packets go thru default gateway on another interface

Brian Hawk brian at tnetus.com
Thu Nov 15 22:02:12 PST 2007


Dima Dorfman wrote:
> I don't think it ever worked the way you described. The source IP
> address doesn't usually affect how replies will be routed on the way
> out.
>   
Then what would be the reason to bind a connection to a specific source 
address? We do
ping -S A.B.C.D x.y.z.t
to make ping send packets to x.y.z.t over A.B.C.D's interface (and 
source address) or
telnet -s A.B.C.D x.y.z.t

I believe binding an IP's source address to an interface address 
(instead of INADDR_ANY) is to make packets go out from *that* interface, 
not the default gw.
> You can fix this with policy routing rules. Here's an example with PF:
>
> : pass out quick route-to ($other_if $other_gw) from ($other_if)
>
>   
I really am an ipfilter fan. It's great that pf supports this. But I 
think ipfilter doesn't yet. At least not the version I'm using (v3.4.35).

-Brian
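
The forwarding decision discussed in this thread, modelled as an added example (not code from either poster): a destination-only route lookup, and the effect of the quoted PF route-to rule on it. The interface names em0/em1, all addresses, and the function names are assumptions chosen for illustration.

```python
import ipaddress

# Constructed addressing (documentation ranges); not taken from the thread.
ROUTES = [  # (destination prefix, gateway, interface)
    ("0.0.0.0/0", "192.0.2.1", "em0"),       # default gateway on em0
    ("192.0.2.0/24", None, "em0"),           # connected network of em0
    ("198.51.100.0/24", None, "em1"),        # connected network of em1
]
# Model of: pass out quick route-to ($other_if $other_gw) from ($other_if)
OTHER_IF, OTHER_GW = "em1", "198.51.100.1"   # assumed values for the macros
OTHER_IF_ADDRS = {"198.51.100.10"}           # addresses configured on em1


def kernel_route(dst):
    """Longest-prefix match on the destination only; the source is never consulted."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gw, ifname in ROUTES:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, ifname)
    if best is None:
        raise LookupError("no route to host")
    return best[2], best[1]


def egress(src, dst, policy=False):
    """Return (interface, next hop) for a locally generated packet."""
    ifname, gw = kernel_route(dst)
    # The policy rule overrides the routing table when the source address
    # belongs to the other interface, as route-to does in the PF rule.
    if policy and src in OTHER_IF_ADDRS:
        return OTHER_IF, OTHER_GW
    return ifname, gw
```

Without the policy rule, a packet sourced from em1's address to an off-link host still leaves via em0 and its default gateway; with the rule it is steered to em1 and its gateway.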
