This strikes me as a noob question, but in 10 years of
FreeBSD I've never wrapped my brain around it, and
it seems to be causing me problems this time.
I have many aliases on many servers. Some services
listening on an alias address seem to return the packets
out the alias address as shown in netstat -i in the Opkt
column. Others seem to return packets back out the first
address specified on the system. This has not bothered
me before because it seems to work and I figured I was
just confused on how netstat shows the In and Out
packet counts. I assumed that local lan traffic would be
listed on the appropriate line and anything headed
out the WAN would go to default gateway thus appear
on the line with the initial address. I've noticed it on ssh
often, connect in on a second or third IP yet the
packets show as going out through the first configured
IP in netstat.
I'm now setting up a bind server in which the third alias
is the address for incoming DNS queries. It appears
it's responding but even though the queries come in
on the third alias, they "go out" through the "primary"
address or more specifically, the packet count is
incremented in the Opkts total for the IP address first
attached to the interface via ifconfig (without an alias).
My problem appears to be that the packets really are
coming from the first IP as the source and are getting
blocked by my firewall as they should (the first address
is not supposed to be answering DNS queries).
Am I conceptualizing what I'm seeing incorrectly and
have a different config error, or is it true that some
services respond with a source IP other than the one
they came in on if multiple aliases are specified on a
single interface and wire? In other words, is the Opkt
count on the IP irrelevant to the addressing of the
packet?
Please let me know if this should instead go to
FreeBSD-Net.
Supporting info: here is an example of the netstat
output. In this example, DNS is listening on 192.168.0.18;
the first interface ifconfig'd is 0.12. If I read it correctly,
it goes out the default gateway, which is somehow
tied to the 0.12.
This machine is not a gateway, has no FWDs in
ipfw, and isn't running natd.
$ netstat -i
Name  Mtu   Network        Address            Ipkts Ierrs    Opkts Oerrs  Coll
rl0   1500  <Link#1>       00:10:b5:76:ce:20    631     0        1     0     0
rl0   1500  192.168.252.0  192.168.252.11         0     -        0     -     -
rl1   1500  <Link#2>       00:14:2a:02:bd:64  22628     0     7833     0     0
rl1   1500  192.168.0.0    192.168.0.12          11     -     7450     -     -
rl1   1500  192.168.0.11   192.168.0.11        1482     -      278     -     -
rl1   1500  192.168.0.18   192.168.0.18        1243     -        0     -     -
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
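Added example, not part of the original post and not FreeBSD or BIND code: a small Python diagnostic that separates the two halves of the question. selected_source() reports which source IP the kernel picks for a UDP reply when the socket is bound to INADDR_ANY versus a specific alias (connect() on a UDP socket transmits nothing, so it only resolves the route and is safe to run on a production host). listeners_per_address() and answer_one() show the portable fix: bind one socket per alias and answer through the socket the query arrived on, so the reply's source address is always that alias. The loopback address, the ephemeral port and the "query"/"reply" payloads are constructed so the script runs anywhere; on the real host the aliases from the post (192.168.0.12, .11, .18) would take their place.

```python
import select
import socket


def selected_source(peer, local="0.0.0.0", port=53):
    """Source IP the kernel would stamp on a UDP datagram sent to `peer`.

    connect() on a UDP socket sends nothing; it only resolves the route and
    fixes the local address, which getsockname() then reveals. With
    local="0.0.0.0" (INADDR_ANY) the kernel chooses the source itself; with an
    explicit alias, that alias is used.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.bind((local, 0))
        s.connect((peer, port))
        return s.getsockname()[0]
    finally:
        s.close()


def listeners_per_address(addresses, port=0):
    """One UDP socket bound to each alias (port 0 = kernel-assigned, for the demo).

    Replying through the socket that received a query guarantees the answer
    leaves with that socket's bound address as its source, whatever the
    kernel's default source selection would have picked.
    """
    socks = []
    for addr in addresses:
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        s.bind((addr, port))
        socks.append(s)
    return socks


def answer_one(socks, timeout=2.0):
    """Wait for one datagram on any listener and answer it via that same socket.

    Returns (source_ip_used_for_reply, peer), or None on timeout.
    """
    ready, _, _ = select.select(socks, [], [], timeout)
    if not ready:
        return None
    s = ready[0]
    data, peer = s.recvfrom(512)
    s.sendto(b"reply:" + data, peer)
    return s.getsockname()[0], peer


def exercise_loopback():
    """Constructed end-to-end run over 127.0.0.1 (stand-in for a real alias).

    Returns (source the server replied from, source the client saw, payload).
    """
    socks = listeners_per_address(["127.0.0.1"])
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        port = socks[0].getsockname()[1]
        client.settimeout(2.0)
        client.sendto(b"query", ("127.0.0.1", port))
        reply_src, _ = answer_one(socks)
        payload, (from_ip, _) = client.recvfrom(512)
        return reply_src, from_ip, payload
    finally:
        client.close()
        for s in socks:
            s.close()


if __name__ == "__main__":
    print("kernel-chosen source for 127.0.0.1:", selected_source("127.0.0.1"))
    print("explicitly bound source:", selected_source("127.0.0.1", local="127.0.0.1"))
    print("per-alias listener result:", exercise_loopback())
```

Running selected_source("8.8.8.8") against a host with several aliases on one interface shows the address the kernel uses for an INADDR_ANY socket; on BSD and Linux stacks that is normally the interface's first (non-alias) address, which matches what the post observes for replies that the firewall then drops. A daemon that binds 0.0.0.0 and answers with sendto() inherits exactly that choice, so the per-address listener pattern above (or the daemon's own option for binding to a specific address) is the way to keep replies on the alias the query arrived at.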