Gateway problem

[Chuck Swiger]

On Oct 20, 2006, at 3:22 PM, Brian Hawk wrote:
>> No, you are wrong. Packet will be forwarded to default gateway  
>> through the interface which is on same network with it. You need  
>> some kind of policy routing. I'm not very familiar with ipf but  
>> with pf you can do:
>>
> Unfortunately it doesn't go thru the interface which has Src IP  
> address same as with it. But goes thru the default gateway. But  
> since the Src IP address in the IP packet is 212.64.212.180, all  
> TCP replies come from the right interface (xl1) which makes sense  
> because the devices on the internet wouldn't make the same mistake.
>> pass out on $ext_if0 route-to ($ext_if1 $ext_gw1) inet from  
>> $ext_if1 to any
>> pass out on $ext_if1 route-to ($ext_if0 $ext_gw0) inet from  
>> $ext_if0 to any
>>   or with ipfw you can use "fwd" rule action.
>>
> a "fwd" cannot solve my problem because it likes to forward packets  
> to a certain IP addr or an IP:port, which is not what I want. I  
> just need to forward (or rather route) them thru an "interface".  
> Again, I still think this is what FreeBSD should really be doing  
> for packets which have interface's IP  as Src IP addr in the IP  
> header.

The source address of a packet is irrelevant to normal routing; only  
the destination matters.

Unless you set up a routing daemon which implements other policies,  
the FreeBSD TCP/IP stack uses only the destination address to do a  
lookup in the kernel's routing table, using the most precise matching  
route, or the default route if one is present and no other route is  
available.

-- 
-Chuck