Tuesday, January 24, 2023

Re: OpenBSD routing - detects WAN IP links back to firewall?

Hello,

> The router treat it like an internal request because it IS an internal
> request.

Hello I am aware of this, but ISP routers, or well the one I had at
least, would send the packet to the ISP only to be returned back to the
router, instead of detecting that the packet is for the WAN IP address
of the router, like OpenBSD does.

> I don't know what you mean with "traditional router".
> Maybe you mean the plastic boxes given away from ISP's with modem, VOIP,
> WLAN and more. If such a device routes packets like you describe above
> then it is doing it's job wrong.

ISP routers doing their jobs wrong? Damn, you had faith in ISP routers,
I am shocked. In all reality though, ISP routers are not designed to be
performant or compliant with any standards, they are meant to be cheap
and "work".

>
> Maybe such behavior you described feels more like something that works
> on layer 2 ...?
> I am not sure about that layer thing - maybe someone can shed some light
> on this. There are many experienced IT professionals on this list.

Layer 2 would be mac address, which this does not relate to, as each hop
of the packet the mac address is changed until a router which has the
mac address mapped to their IP address gets the packet, then it has hit
the endpoint.

By thinking about it now, this behaviour is quite simple to be normal,
routers contain a routing table which maps every IP allocation on the
network to the mac address of the NIC, thus just using Layer 2, a router
can tell if the packet is for it or not, if it is not it is passed
backwards to the ISP. I do not know what my ISP did so badly for their
router to be hopping packets to and from the same router, but to be
honest what else do you expect from Virgin Media? (also its a very old
router cause virgin media do not bother replacing "working" routers)

> Thats expected behaviour.

Thankfully it is!

>
> This is because the packet IS for it.
> What would you do if I give you a letter which is adressed to you? Would
> you give it to another person so that this person can relay it again?
>
> Maybe I don't understand the real question.
> But please feel free to explain.
>

I am aware the packet is for it, like I said above I totally forgot
about the routing table which would easily detect whether the packet is
for the router or not.

The question was already answered by Pywy over on XMPP, so any further
responses should just be added examples/explanations on why this occurs,
not telling me how stupid I am for forgetting how the router maps
physics to virtual addresses (MAC <-> IP).

Thanks for the help,
--
Polarian
GPG signature: 0770E5312238C760
Website: https://polarian.dev
JID/XMPP: polarian@polarian.dev

No comments:

Post a Comment