Avoid using RFC3927 outside of the link
Eugene Grosbein
eugen at grosbein.net
Tue Dec 20 02:58:03 UTC 2016
20.12.2016 4:01, Alarig Le Lay пишет:
> On Tue Dec 20 02:34:29 2016, Eugene Grosbein wrote:
>> Well, you can always use brute force instead:
>>
>> ipfw nat 169 config reset ip 89.234.186.1 && \
>> ipfw add 60 nat 169 ip from 169.254.0.0/16 to any out xmit igb0
>>
>> That's ugly but works.
>
> I will work just by side effect: by doing this, I will send BGP packets
> from 89.234.186.1, which is an IP than the peer learned by BGP. This will
> create a recursive loop, and the session will be shut. So, no more
> traffic will transit through this interface, and this IP will not be
> displayed anymore :p
You could also use another public IP as primary address for interface in question
and an address from 169.254.0.0/16 as secondary one. BGP will still work and
kernel/ICMP will use public IP.
More information about the freebsd-net
mailing list