tech-net archive


Bridged ethernet with ipnat redirect to local port - getting ICMP redirects instead



Hello,

I am stuck trying to redirect HTTP requests targeted outside to a local httpd
via a bridged and ipf'ed ethernet port.

The bridge machine is running NetBSD 6.1_STABLE as of two weeks ago with a
custom kernel that's basically GENERIC + BRIDGE_IPF enabled.

- re0 is 192.168.1.1, where the httpd is listening.
- re0 is connected to a LAN with 192.168.1.2 as internet gateway (does DHCP and
  DNS).

- re1 has no ip.
- re1 is bridged to re0 with ipf enabled.
- re1 is directly connected to the machine (a "smart" TV actually) where the
  requests to be redirected are originating from (which successfully gets its
  192.168.1.x IP from 192.168.1.2 over the bridge and can access LAN and
  internet just fine if I allow it).

- ipnat.conf has:
  rdr re1 1.2.3.4/32 port 80 -> 192.168.1.1 port 80

(IP forwarding is also enabled, but as I understand it, that shouldn't even be
necessary.)

I was expecting/hoping ipnat would silently redirect connections coming in on
re1 and intended for 1.2.3.4 to the local httpd on re0, but instead it's sending
out ICMP redirects on re1.

Shouldn't that work? Or is there something I missed?


Best regards,
Tom

