forwarding with ttl=1

Stephen L Martin freebsd at
Thu Feb 5 10:01:47 PST 2004


When posting please wrap your lines...they are easier to read and some
MUA's don't deal well with them...including mine :) Thanks.

This situation is kind of funny, I've never heard of an ISP doing this. I
belive what you want to do is, if you are using IpFilter, use the
fastroute keyword. You can find more about it at the link[1] posted below.
Just do a search on the page for fastroute.

There are probably options for the alternate packet filters (ipfw, pf)
also. Just read the howto corresponding to the packet filters name and you
should find out some more information.



> Hi All
> I am newbie with configuring networks under FreeBSD . I have small network
> with gateway running on FreeBSD 5.2 Release .My ISP offers me pppoe
> service for connecting to Internet . I didn't have problems with
> configuring ppp with pppoe . I used nat option wchich works fine for
> masquerading the local network from the world . The problem is that the
> ISP's gateway returns every time packets with ttl=1 which makes further
> forwarding impossible . My gateway returns icmp error mesage "time
> exceeded" and discards packets . I want to know if I made some mistake
> with configuring nat service or if not what is the solution of the problem
> ? Is there any service that can increment ttl and process the packet ? I
> tried to avoid the checking of ttl in the ip_forward() function in
> ip_input.c and skipping the decrement of ttl and everything works fine but
> i think that this is very ugly kernel hack . Probably there is an easy and
> elegant solution . Any ideas ?
> please excuse my English

More information about the freebsd-questions mailing list