Problem with new source address selection

Frank Behrens frank at
Thu Nov 27 22:53:11 PST 2008

Bjoern A. Zeeb <bzeeb-lists at> wrote on 27 Nov 2008 16:47:
> > Now I want to tunnel between my and a foreign
> > So I assigned to lo2 and created
> > a static route.
> So if you don't mind to go out with a source address of
> instead of .254, what about this hack. What happens if you change the
> route to
>  	route change -net
> (assuming the .2 is not on your local machine).

That works for the router, but for incoming packets on the internal 
interface (from -net the machine will send an ICMP 
redirect to new router Of course that is a black hole. 
When I use the route to own interface address 
(route change -net it works, but also 
for every incoming packet an ICMP redirect is sent. So that solution 
is a workaround for short time only.

Does anybody have a better solution for source address selection? Am 
I the only one with an IPSEC tunnel?

Frank Behrens, Osterwieck, Germany
PGP-key 0x5B7C47ED on public servers available.

More information about the freebsd-net mailing list