Hi Volker, There is no routing deamon working on this gateway. But I started a tcpdump that listening to port 521. I'll inform you about captured packets.
Regards, Ozkan KIRIK Mersin University @ Turkey On Sun, Aug 29, 2010 at 10:09 PM, <vol...@vwsoft.com> wrote: > On 08/29/10 19:50, Özkan KIRIK wrote: >> >> Hi, >> >> I am using FreeBSD 7.3 STABLE-201004. IPFW + In kernel NAT and if_vlan >> used mostly. >> System has 3 em interfaces. Scenario is classical, LAN DMZ WAN. >> >> Sometimes default router changes unexpectedly. I inspected logs if >> someone logged in or changed route. I found nothing. >> This problem repeats at least 1 times per day. I wrote a shell script >> which monitors the default router. >> I saw that sometimes netstat -rn shows that default router is changed >> as 10.3.1.64 or 10.5.3.189 etc. which are client IP addresses but >> routing still routes to right router 212.X.Y.Z . >> After a while, routing really fails. >> I use em nics for all. >> At the weekends (when most clients are now working) i dont have any >> problems. I'll correct the type above: At the weekends (when most clients are noT working) i dont have any problems. >> I think some network packets affects the defaultrouter. >> I tried to block packets belongs to the IP addresses which shown as >> default router (10.3.1.64, 10.5.3.189 etc.. ). Then the problem is >> solved. >> >> I wonder how the default router can be changed with packets that came >> from network? >> How can i prevent this without writing firewall rules? >> Or which packets should I drop? >> >> Any ideas? > > Özkan, > > just one: Do you see RIP (521/tcp, 521/udp) traffic? > > Volker > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
