hello,
On Fri, Jan 22, 2021 at 05:32:47PM +1000, David Gwynne wrote:
> I tried this diff, and it broke the ability to use dynamic addresses.
> ie, the following rules should work:
>
> pass in on gre52 inet proto icmp route-to (gre49:peer)
> pass in on vmx0 inet proto icmp route-to (gre:peer)
I see, I did not know those should work.
>
> however, other forms of dynamic interface addresses should fail. or do
> we want to support route-to if0:broadcast too?
I can't think of any valid reason why 'ifp0:broadcast' should work. this
seems to be poor hack to work around some awkward glitch. I would prefer
to disable this option now. We can always add it later, when we will
understand the true purpose.
thanks and
regards
sashan
