From muir@news.idiom.com  Sat Apr 25 13:34:38 1998
Received: from news.idiom.com (news.idiom.com [140.174.82.35])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA12206
          for <FreeBSD-gnats-submit@freebsd.org>; Sat, 25 Apr 1998 13:34:37 -0700 (PDT)
          (envelope-from muir@news.idiom.com)
Received: (from muir@localhost)
	by news.idiom.com (8.8.8/8.8.5) id NAA14642;
	Sat, 25 Apr 1998 13:34:37 -0700 (PDT)
Message-Id: <199804252034.NAA14642@news.idiom.com>
Date: Sat, 25 Apr 1998 13:34:37 -0700 (PDT)
From: muir@idiom.com
Reply-To: muir@idiom.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: NFS ignores interface when sending packets
X-Send-Pr-Version: 3.2

>Number:         6412
>Category:       kern
>Synopsis:       NFS sends packets from the wrong interface
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    peter
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Apr 25 13:40:01 PDT 1998
>Closed-Date:    Sat Dec 11 23:53:01 PST 1999
>Last-Modified:  Sat Dec 11 23:54:40 PST 1999
>Originator:     David Muir Sharnoff
>Release:        FreeBSD 2.2.6-STABLE i386
>Organization:
Idiom
>Environment:

	FreeBSD 2.2.6-STABLE on a system with many interfaces.  The lowest
	numbered interface (fxp0) leads to the outside world.  NFS traffic
	must be restricted to the internal network.

>Description:

	Routing table:

	# netstat -rn | grep 140.174.82
	140.174.82/27      209.157.69.22      UGc         2     1333      eth1
	140.174.82.32/27   209.157.69.22      UGc         3       69      eth1
	140.174.82.66      209.157.69.22      UGH         0        0      eth1
	140.174.82.82      209.157.69.22      UGH         0        0      eth1
	140.174.82.113     209.157.69.22      UGH         1      209      eth1
	140.174.82.128/26  209.157.69.22      UGc         0        0      eth1
	140.174.82.192/26  209.157.69.22      UGc         0        0      eth1

	Firewall:

	# ipfw -a list | head -1
	00900         47       6560 allow log udp from any to 140.174.82.4 2049

	Kernel log:

	Apr 25 13:20:05 another /kernel: ipfw: 900 Accept UDP 209.157.69.21:1022 140.174.82.4:2049 out via fxp0

	Note the interface it went out.

	Now it gets stranger:

	Interfaces:

	# ifconfig fxp0

	fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
		inet 209.66.121.17 netmask 0xffffffc0 broadcast 209.66.121.63
		inet 209.66.121.65 netmask 0xffffffc0 broadcast 209.66.121.127
		inet 209.66.121.18 netmask 0xffffffc0 broadcast 209.66.121.63
		inet 209.66.121.19 netmask 0xffffffc0 broadcast 209.66.121.63
		inet 209.66.121.69 netmask 0xffffffc0 broadcast 209.66.121.127
		ether 00:a0:c9:45:b0:7d 
		media: autoselect

	# ifconfig eth1
	eth1: flags=51<UP,POINTOPOINT,RUNNING> mtu 1500
		inet 209.157.69.21 --> 209.157.69.22 netmask 0xfffffffc 

	I would like to add that the packets sent from fxp0 seem to be
	sent to the default route:

	# netstat -rn | grep default 
	default            209.66.121.1       UGSc      236  8967144      fxp0

	This is a slightly more complete example of a nearly identical
	problem I reported earlier.

>How-To-Repeat:

>Fix:

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->peter 
Responsible-Changed-By: phk 
Responsible-Changed-When: Sat Apr 25 23:02:24 PDT 1998 
Responsible-Changed-Why:  
over to Mr. NFS 
State-Changed-From-To: open->closed 
State-Changed-By: dillon 
State-Changed-When: Sat Dec 11 23:53:01 PST 1999 
State-Changed-Why:  
FreeBSD-current (4.x) has solved this problem by allowing nfsd's to be bound  
to specific IP addresses.  The change has not been backported, however.  You 
can also get around the problem by using a TCP mount.  TCP mounts only work 
well under 3.x and 4.x, not 2.2.x. 
>Unformatted:
