Dan Bent <dbent@benefit-systems.com> wrote:

> $ traceroute 10.0.1.251
> traceroute to 10.0.1.251 (10.0.1.251), 64 hops max, 40 byte packets
> 1 localhost (127.0.0.1) 0.745 ms 0.618 ms 0.235 ms
> 2 localhost (127.0.0.1) 0.620 ms 0.642 ms 0.400 ms
> 3 localhost (127.0.0.1) 0.507 ms 0.735 ms 0.494 ms
> 4 localhost (127.0.0.1) 0.614 ms 0.859 ms 0.402 ms
> 5 localhost (127.0.0.1) 0.477 ms 0.947 ms 0.681 ms
> 6 localhost (127.0.0.1) 0.767 ms 1.8 ms 0.857 ms
> 7 localhost (127.0.0.1) 1.13 ms 1.142 ms 0.904 ms
> 8 localhost (127.0.0.1) 0.974 ms 1.164 ms^C

> Routing table on firewall looks like this:

> 127.0.0.0 localhost UG <--- Here is your problem
> localhost localhost UH

These route entries are saying "to get to localhost, send your packet
via localhost", ergo you have a routing loop.

You seem to have a lot of route entries. Are you using a routing
protocol, or doing this by hand.

I'm not familiar with OpenBSD, so I'm not entirely certain what that
would normally say, but I would normally expect it to say something like
the following (from my Linux box, I should get by FreeBSD box going
again)

$ /sbin/route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 10.18.0.1 0.0.0.0 UG 0 0 0 eth0

You will notice that there are NO entries mentioning the device lo, or
the anything in 127.0.0.0/8.

--
Cameron Kerr
cameron.kerr@paradise.net.nz : http://nzgeeks.org/cameron/
Empowered by Perl!