13.1-p2 host with 2 internet links em0 - main link (defroute) IP1 fxp0 - backup link IP2 --> GW2 forward outgoing backup link traffic to backup GW2 # ipfw show 00040 268 20183 fwd GW2.GW2.GW2.GW2 ip from IP2.IP2.IP2.IP2 to any out via em0 00050 10695 2271177 allow ip from any to any Ping external host from IP2 source address # ping -S IP2.IP2.IP2.IP2 93.180.xxx.xxx PING 93.180.xxx.xxx (93.180.xxx.xxx) from IP2.IP2.IP2.IP2: 56 data bytes ^C 62 packets transmitted, 0 packets received, 100.0% packet loss All traffic flow via default routing interface # tcpdump -ni em0 host 93.180.xxx.xxx tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes 02:17:49.323610 IP IP2.IP2.IP2.IP2 > 93.180.xxx.xxx: ICMP echo request, id 2079, seq 8, length 64 02:17:50.324601 IP IP2.IP2.IP2.IP2 > 93.180.xxx.xxx: ICMP echo request, id 2079, seq 9, length 64 PS: Secont test If I ping host from external IP to IP2 icmp packet return from main link
Hi I encounter the same issue after upgrading from 12.3 to 13.0-p11 or 13.1-p2. Outgoing packets go through default route instead of IP specified by fwd rule. Thanks
Hi I have the same problem. IPFW FWD rule stopped working after update from 12 to 13.1. And I thought I was the only one with this problem. Perhaps this is a bug in FreeBSD 13.1
13.1-p5 the same problem - ipfw fwd stop working patch from bug #256828 helped to resolve issue
(just for information to save other people digging) As bug 256828 says, this was fixed in 17c9c2049004038ed6f2dc23a64cb9f74411ec52 in stable/13 (2022-04-18). However, checking `git merge-base stable/13 releng/13.1` shows 8824cbace389c440394bb9ea6c127d0f8f85538b (2022-03-09) as the branch point, so it landed in stable/13 too late to automatically be in 13.1, and it wasn't merged over to the releng branch (e.g, check the sys/netinet/ip_output.c log in releng/13.1; there weren't any chances since 2022-02). So going purely by that, it's not expected to be fixed in 13.1, but will be in 13.2.
Hi I confirm that it's working again for me in 13.2-RELEASE. Thanks
Fixed in 13.2-RELEASE.
Fixed in 13.2-RELEASE *** This bug has been marked as a duplicate of bug 256828 ***