On 2022-02-08, Mike Fischer <fischer+o...@lavielle.com> wrote:
> Hi!
>
> I have PF rules redirecting packets to an IP on one interface (rdomain 1) to
> the IP of another interface (rdomain 0):
>
> pass in log on rdomain 1 inet proto tcp to $ipv4b port 80 rdr-to $ipv4a port 8080 rtable 0
> pass in log on rdomain 1 inet6 proto tcp to $ipv6b port 80 rdr-to $ipv6a port 8080 rtable 0
>
> These rules work for IPv4 but initially not for IPv6. (That problem is now
> solved.) I was trying to figure out why and started using tcpdump(8).
>
> em0 has the IPs: ipv4a and ipv6a.
> em1 is in rdomain 1 and has the IPs: ipv4b and ipv6b.
> Both are connected to the same LAN.
>
> httpd(8) is configured to listen on ipv4a:80, ipv6a:80 with one (virtual)
> server and on ipv4a:8080, ipv6a:8080 with another, each serving a very simple
> index.html file that shows which server is responding.
>
> To debug I started:
> # tcpdump -n -e -ttt -l -i em0 'port 80 or 8080'
>
> # tcpdump -n -e -ttt -l -i em1 'port 80 or 8080'
>
> (Both in separate terminal windows at the same time.)
>
> Now from a second machine I access the web server:
> $ curl --url 'http://<ipv4a>'
> Works fine, I see traffic in the tcpdump(8) for em0.
>
> $ curl --url 'http://<ipv4b>'
> Works fine, I see traffic in the tcpdump(8) for em1 but not for em0.
>
> $ curl --url 'http://[<ipv6a>]'
> Works fine, I see traffic in the tcpdump(8) for em0.
>
> $ curl --url 'http://[<ipv6b>]'
> Timeout! I see traffic in the tcpdump(8) for em1 but not for em0.
> This was the one I was ultimately trying to debug but as the trace on the
> IPv4 version doesn’t work as expected I was momentarily at a loss.
> I have since solved the actual problem by setting:
> # sysctl net.inet6.ip6.forwarding=1
> But I still don’t see the redirected traffic in the tcpdump(8) for em0.
>
>
> I don’t understand the second and fourth results. Why does the tcpdump(8) for
> em0 not show the redirected packets?
>
> I am likely missing something obvious here. How can I capture the redirected
> packets?

The redirection to an address on the local machine is just internal to the machine; those would only show a second time in tcpdump if they were being sent to another machine.

Normally if you have two addresses on the same LAN you'd configure them as aliases on the one interface; this seems a bit of a non-standard config.

-- 
Please keep replies on the mailing list.