On Fri, 24 Oct 2003, Daniel Hartmeier wrote: >On Fri, Oct 24, 2003 at 04:07:20PM +0200, Mark Bojara wrote: > >> I want option a. It must route the packet to 192.168.0.1 exactly how it is >> without modifying any headers. on 192.168.0.1 there is NAT on it wich will >> handle translation. > >Ok, so let's look at the destination MAC addresses. > >> On 192.168.0.2 (localhost): >> x86:~# tcpdump -e -i tun1 >> tcpdump: listening on tun1 >> 16:03:31.375841 ip 84: 192.168.0.2 > apollo.is.co.za: icmp: echo request > >It seems FreeBSD tcpdump uses different parameters (-e doesn't print >ethernet addresses, obviously). Can you check your manpage and re-run >these with the option that prints the ethernet addresses (link-level >header)? > >On OpenBSD, it's > > # tcpdump -nei gem0 > 16:14:00.852256 0:10:a7:17:1a:c0 0:a:95:6d:aa:98 0800 102: 10.1.1.145 > > 10.1.1.60: icmp: echo request (DF) This works on fxp0 but on tun1 it doesnt work.. probably because its a virtual interface.. I am using vtund to open this tunnel. > >> On 192.168.0.1 (remote gateway): >> blowfish:~# tcpdump -e -i tun0 >> tcpdump: listening on tun0 >> 16:00:25.851705 ip 84: truncated-ip - 21420 bytes missing! 192.168.0.2 > >> apollo.is.co.za: icmp: echo request > >Oh, so the packets do arrive at the other gateway (the one you want >route-to to send them to, not the default gateway)? In that case the >route-to rule worked fine. Is the other gateway just dropping them >(because of truncation or invalid checksums)? Run tcpdump with options >that increase snaplen to 1600 (-s 1600) and print checksum mismatches >(-vvv), to check.
Yes it must send them to 192.168.0.1 like you said :-) looks like a invalud checksum.. blowfish:~# tcpdump -s 1600 -vvvv -i tun0 tcpdump: listening on tun0 16:37:33.073615 truncated-ip - 21420 bytes missing! 192.168.0.2 > apollo.is.co.za: icmp: echo request (ttl 64, id 18799, len 21504, bad cksum c89!) 16:37:34.081416 truncated-ip - 21420 bytes missing! 192.168.0.2 > apollo.is.co.za: icmp: echo request (ttl 64, id 62063, len 21504, bad cksum 6388!) 16:37:35.091243 truncated-ip - 21420 bytes missing! 192.168.0.2 > apollo.is.co.za: icmp: echo request (ttl 64, id 44413, len 21504, bad cksum a87a!) 16:37:36.101231 truncated-ip - 21420 bytes missing! 192.168.0.2 > apollo.is.co.za: icmp: echo request (ttl 64, id 6685, len 21504, bad cksum 3bdb!) > >Daniel > Mark
