problems with ping and src-address

Hi,

If someone could verify this problem or tell me what I’m doing wrong it would be great

addresses:
0 10.0.0.1/24 10.0.0.0 10.0.0.255 ether1
1 192.168.0.1/24 192.168.0.0 192.168.0.255 ether2

routing table:
0 A S 0.0.0.0/0 reachable 10.0.0.2 1 ether1
1 ADC 10.0.0.0/24 10.0.0.1 0 ether1
2 ADC 192.168.0.0/24 192.168.0.1 0 ether2

Test:
/ping 192.168.255.5 src-address=192.168.0.1

Log entry:
00:21:52 firewall,info output output: in:(none) out:ether1, proto ICMP (type 8, code 0), 10.0.0.1->192.168.255.5, len 44

So it seems it takes the address from the interface where the default route is specified rather than the src-address I specified, which seems to be kind of strange. I would expect to get the src-address 192.168.0.1 instead of 10.0.0.1. Tried with src-address on syslog and there it did what I expected.

Ps. I’m using 3.24.

Any input would be appreciated!

can you confirm this with packet sniffer? I have seen MANY times that the log entry doesnt show correct info when using any nat or other things that might affect how its sent.

Thanks for quick answer!

Confirmed it, did a packet dump on the 10.0.0.2 device and noticed ICMP packages for 192.168.255.5 comming with src addr 10.0.0.1.

Don’t have any nat configured on the device, only some IPSEC config (that’s why I noticed it since it wouldn’t match the policy and therefor not enter the tunnel). After disabling the IPSEC stuff I still see the same problem.

I have the same problem since version 3.23 3.24. Look like /ping ignore src-address option
Try with version 3.22
I use /ping with src-address for IPSec keep alive.
The problem remain in setups without IPSec.
Tested with RB411,RB433,RB450.

RB1100AHx2, v.5.14. The same problem.
5 ip addresses on outbound interface and no reaction on src-address parameter at ping command.

If it still is the issue, maybe that’s not a bug, maybe that’s a feature?
Are there some ways to set distance on automatically created routing rules?
Does anyone know solution or workaround?