From nobody@FreeBSD.org  Tue Jan 13 09:26:30 2009
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C8568106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 13 Jan 2009 09:26:30 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id B773E8FC16
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 13 Jan 2009 09:26:30 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n0D9QUVE035875
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 13 Jan 2009 09:26:30 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id n0D9QUtW035874;
	Tue, 13 Jan 2009 09:26:30 GMT
	(envelope-from nobody)
Message-Id: <200901130926.n0D9QUtW035874@www.freebsd.org>
Date: Tue, 13 Jan 2009 09:26:30 GMT
From: Eugen Konkov <kes-kes@yandex.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: BUG or FEATURE
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         130493
>Category:       misc
>Synopsis:       BUG or FEATURE
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    gavin
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 13 09:30:00 UTC 2009
>Closed-Date:    Fri Jan 16 09:25:40 UTC 2009
>Last-Modified:  Fri Jan 16 09:25:40 UTC 2009
>Originator:     Eugen Konkov
>Release:        
>Organization:
ISP Konkov
>Environment:
FreeBSD kes.net.ua 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Sat Jan  3 01:15:39 EET 2009     kes@kes.net.ua:/usr/obj/usr/src/sys/KES_KERN_v7  i386

>Description:
I have two routing tables, three LAN: one internal, two external.
I have connected VIA VPN to server through internal LAN.
if in firewall I add:
setfib 1 all from internal.lan.ip to any

The packet inside VPN tunnel is marked to have fib 1 and will leave router acording routing table 2 (fib 1)

If client IP is 10.0.0.2 and router IP is 10.0.0.1 and LAN interface is rl2
If VPN interface on router is ng0 and framed IP for VPN client is 192.168.0.2 

it seems that 
setfib 1 all from internal.lan.ip to any in recv rl2
is equivalent to
setfib 1 all from 192.168.0.2 to any in recv ng0

Is this feature or bug that packet inside tunnel is also marked to have same fib as tunnel/transport packet has?

>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: gavin 
State-Changed-When: Fri Jan 16 09:23:06 UTC 2009 
State-Changed-Why:  
To submitter:  I don't know if this is a bug or a feature - and 
the PR database is not the place to ask.  I'd recommend you email 
your question to freebsd-net@freebsd.org with a better subject line 
and see what they think.  If it is in fact a bug, please open 
another PR. 


Responsible-Changed-From-To: freebsd-bugs->gavin 
Responsible-Changed-By: gavin 
Responsible-Changed-When: Fri Jan 16 09:23:06 UTC 2009 
Responsible-Changed-Why:  
Track 

http://www.freebsd.org/cgi/query-pr.cgi?pr=130493 
>Unformatted:
