How do I set the source address on a multi-homed host?
Alin-Adrian Anton
aanton at spintech.ro
Sun Feb 13 17:47:26 GMT 2005
Daniela wrote:
> On Saturday 12 February 2005 16:06, Volker Kindermann wrote:
>
>>Hi Daniela,
>>
>>
>>>Yes, this happens when I connect from my machine (which functions as a
>>>router with NAT to allow the other LAN machines connect to the internet)
>>>to another LAN machine. When the router establishes a connection to
>>>another point in the intranet, the source address used is my official IP,
>>>and not 10.0.0.1, which is the intranet IP of the router.
>>
>>please post the output of the following commands:
>>
>>ifconfig -a
>
>
> [Showing only relevant entries. My official IP is replaced with x.x.x.x]
> rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> inet6 fe80::202:44ff:fe66:bf4%rl0 prefixlen 64 scopeid 0x1
> inet x.x.x.x netmask 0xffffff00 broadcast x.x.x.255
> ether 00:02:44:66:0b:f4
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
> rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> inet6 fe80::20a:cdff:fe00:c076%rl1 prefixlen 64 scopeid 0x2
> inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
> ether 00:0a:cd:00:c0:76
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
>
>
I really don't see why you use A-class netmask. It's very probable that
a C-class netmask would suffice:
rl1 inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
Also, the routes for rl1 which is the internal interface don't look normal.
You should have only one rl1 entry, like this:
10.0.0.0 link#2 UC 0 0 rl1
And not:
> 10 link#2 UC 2 0 rl1
> 10.0.0.3 00:0d:61:17:fc:30 UHLW 1 444 rl1 903
> 10.255.255.255 ff:ff:ff:ff:ff:ff UHLWb 0 2453 rl1
See? Why special route for 10.0.0.3?
Besides that, I hope your nat and firewall configs are not mangled too.
Try these changes first, and see if things get normal.
PS: there is *no way* for the behaviour you explained to happen under
normal circumstances, unless you *explicitly*, intentionally or by
mistake have configured the gateway to do so.
Regards,
--
Alin-Adrian Anton
GPG keyID 0x183087BA (B129 E8F4 7B34 15A9 0785 2F7C 5823 ABA0 1830 87BA)
gpg --keyserver pgp.mit.edu --recv-keys 0x183087BA
"It is dangerous to be right when the government is wrong." - Voltaire
More information about the freebsd-questions
mailing list