!!! First I must correct myself: Of cource my firewall has two nics! In my
original post, it seemed it only had one. This is the correct nic config:
eth0 133.20.12.67
eth0:0 133.20.12.68
eth1 192.168.71.201
> Hello!
>
> > 0:60:97:15:41:48 ff:ff:ff:ff:ff:ff 0806 60: arp who-has 133.20.12.20 \
> > tell 133.20.12.67
> > ^^
> ...
> > It seems that the arp "source address" isn't NAT'ed. Is it supposed to
be, or isn't things
> > designed that way?
>
> BTW I see no rules to translate/masquerade this address in your setup,
> so that it is difficult to understand your question.
Hmm... isn't this the translating rule:
[root@fd_router /]# ip rule
<snip>
32025: from 192.168.71.33 lookup main map-to 133.20.12.68
<snip>
What I (also) forgot to include in my original post:
[root@fd_router /]# ip route list table local
<snip>
nat 133.20.12.68 via 192.168.71.33 scope host
<snip>
> Generally, ARP requests are sent with "source" address of the packet which
> hits wire, (provided you did not break kernel with some of patches
floating
> here). Do you see? It is translated by definition.
No, I'm afraid I lost you here... But according to Matthew G. Marsh
<mgm@paktronix.com>, the arp request was correctly send with the nic's
primary address as source address.
> Alexey Kuznetsov
Cheers,
Peter
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/