Default router changes unexpectedly
volker at vwsoft.com
volker at vwsoft.com
Sun Aug 29 19:35:05 UTC 2010
On 08/29/10 19:50, Özkan KIRIK wrote:
> Hi,
>
> I am using FreeBSD 7.3 STABLE-201004. IPFW + In kernel NAT and if_vlan
> used mostly.
> System has 3 em interfaces. Scenario is classical, LAN DMZ WAN.
>
> Sometimes default router changes unexpectedly. I inspected logs if
> someone logged in or changed route. I found nothing.
> This problem repeats at least 1 times per day. I wrote a shell script
> which monitors the default router.
> I saw that sometimes netstat -rn shows that default router is changed
> as 10.3.1.64 or 10.5.3.189 etc. which are client IP addresses but
> routing still routes to right router 212.X.Y.Z .
> After a while, routing really fails.
> I use em nics for all.
> At the weekends (when most clients are now working) i dont have any problems.
> I think some network packets affects the defaultrouter.
> I tried to block packets belongs to the IP addresses which shown as
> default router (10.3.1.64, 10.5.3.189 etc.. ). Then the problem is
> solved.
>
> I wonder how the default router can be changed with packets that came
> from network?
> How can i prevent this without writing firewall rules?
> Or which packets should I drop?
>
> Any ideas?
Özkan,
just one: Do you see RIP (521/tcp, 521/udp) traffic?
Volker
More information about the freebsd-net
mailing list