ip route + routing ip from one block to another

Hello,

I saw a strange configuration the other day:



router 1.2.3.1 ----------- 1.2.3.6 eth0  FW  eth1 10.1.1.1 --- LAN
                 network here:                    network here:
                 1.2.3.1/29                       10.1.1.0/24


Up to here, nothing strange, just a FW which NATs the LAN workstations
(with ipchains, nothing fancy:
ipchains -A forward -i eth0 -s 10.1.1.0/24 -j MASQ)


Now, on the firewall, I do:

ip route add nat 1.2.3.2 via 10.1.1.10
ip rule add from 10.1.1.10 nat 1.2.3.2

and it does what is expected!
I.e. 10.1.1.10 appears as 1.2.3.2,
everything allowed, ping, services...

ifconfig on the firewall is normal, there are no aliases of 1.2.3.2...
I don't know how the router knows about it.
I expected the router to ask for an ARP.
arp -a does not show 1.2.3.2.

I sniffed the ARP traffic, but I only get router and FW ARP traffic,
no mention of 1.2.3.2.

When I tcpdump, it is as if 1.2.3.2 was normally routed to the LAN...
I don't understand how this could be, since the 1.2.3.1/29
is supposed to be between the FW and the router, not behind the FW.

When I traceroute, I can traceroute to 1.2.3.2, as if it was
behind/after 1.2.3.1.

Can anyone explain how this works?

Is there a local route propagated to the router?
(If so, how? What protocol? What tools to debug/view it?)

Thanks

-- 
xavier renaut

