Outgoing packets being sent via wrong interface

Julian Elischer julian at freebsd.org
Sat Nov 28 10:06:59 UTC 2015 

On 27/11/2015 5:13 PM, Daniel Bilik wrote:
> On Wed, 25 Nov 2015 12:20:33 +0000
> Gary Palmer <gpalmer at freebsd.org> wrote:
>
>> route -n get <unreachable IP>
> As suggested by Kevin and Ryan, I set the router to drop redirects...
>
> net.inet.icmp.drop_redirect: 1
>
> ... but it happened again today, and again affected host was 192.168.2.33.
> Routing and arp entries were correct. Output of "route -n get"...
>
>     route to: 192.168.2.33
> destination: 192.168.2.0
>         mask: 255.255.255.0
>          fib: 0
>    interface: re1
>        flags: <UP,DONE,PINNED>
>   recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
>         0         0         0         0      1500         1         0
>
> ... has not changed during the problem.
>
> Interesting was ping result...
>
> PING 192.168.2.33 (192.168.2.33): 56 data bytes
> ping: sendto: Operation not permitted
> ping: sendto: Operation not permitted
> ...
> 64 bytes from 192.168.2.33: icmp_seq=11 ttl=128 time=0.593 ms
> ping: sendto: Operation not permitted
> ...
> 64 bytes from 192.168.2.33: icmp_seq=20 ttl=128 time=0.275 ms
> 64 bytes from 192.168.2.33: icmp_seq=21 ttl=128 time=0.251 ms
> ping: sendto: Operation not permitted
> ...
> 64 bytes from 192.168.2.33: icmp_seq=40 ttl=128 time=0.245 ms
> ping: sendto: Operation not permitted
> 64 bytes from 192.168.2.33: icmp_seq=42 ttl=128 time=7.111 ms
> ping: sendto: Operation not permitted
> ...
> --- 192.168.2.33 ping statistics ---
> 46 packets transmitted, 5 packets received, 89.1% packet loss
>
> It seems _some_ packets go the right interface (re1), but most
> try to go wrong (re0) and are dropped by pf...
>
> 00:00:01.066886 rule 53..16777216/0(match): block out on re0: 82.x.y.50 > 192.168.2.33: ICMP echo request, id 58628, seq 39, length 64
> 00:00:02.017874 rule 53..16777216/0(match): block out on re0: 82.x.y.50 > 192.168.2.33: ICMP echo request, id 58628, seq 41, length 64
> 00:00:02.069634 rule 53..16777216/0(match): block out on re0: 82.x.y.50 > 192.168.2.33: ICMP echo request, id 58628, seq 43, length 64
>
> And again, refreshing default route (delete default / add default)
> resolved it...
>
> PING 192.168.2.33 (192.168.2.33): 56 data bytes
> 64 bytes from 192.168.2.33: icmp_seq=0 ttl=128 time=0.496 ms
> 64 bytes from 192.168.2.33: icmp_seq=1 ttl=128 time=0.226 ms
> 64 bytes from 192.168.2.33: icmp_seq=2 ttl=128 time=0.242 ms
> 64 bytes from 192.168.2.33: icmp_seq=3 ttl=128 time=0.226 ms

next time it happens try flushing the arp table.

>
> --
> 						Dan
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>

More information about the freebsd-net mailing list