redirect to tunnel

[Nick Kostyria <nick%i11.co@localhost>]

Hello.

I have tunnel (tun0) from FreeBSD (192.168.11.1) to NetBSD (192.168.11.112).
I want to redirect 8081 port in tunnel, but I have difficulties on NetBSD side.


For test I use UDP.
I see incommoding package from R.R.R.R to NetBSD on tun0:

netbsd# tcpdump -i tun0 -n 'port 8081'
04:30:48.824409 IP R.R.R.R.57012 > 192.168.11.112.8081: UDP, length 6

But the response is sent to external interface (hvn0).

netbsd# tcpdump -i hvn0 -n 'port 8081'
04:31:02.777012 IP 192.168.0.112.8081 > R.R.R.R.51648: UDP, length 3

Please tell, how send the response to tunnel.


netbsd# netstat -rn | grep 192.168.11.1
192.168.11/24      192.168.11.1       UGS         -        -      -  tun0
192.168.11.1       192.168.11.112     UH          -        -      -  tun0
192.168.11.112     tun0               UHl         -        -      -  lo0


Second question.
Why does the UDP response go from 192.168.0.112 (external interface), 
but TCP response go from 192.168.11.112 (tunnel IP) and both via hvn0?


The TCP response:
netbsd# tcpdump -i hvn0 -n 'port 8081'
04:44:36.895427 IP 192.168.11.112.8081 > R.R.R.R.33032: Flags [S.], seq 2012987995, ack 4087324423, win 32768, options [mss 1460,nop,wscale 3,sackOK,TS val 1 ecr 2714864791], length 0


Regards.


P.S.
I forward to tunnel by ipfw nat on FreeBSD:

ipfw nat 1 config if vmx0 same_ports reset redirect_port udp 192.168.11.112:8081 8081 redirect_port tcp 192.168.11.112:8081 8081
ipfw add nat 1 ip from any to me 8081 in via vmx0
ipfw add nat 1 ip from any 8081 to any