LinuxQuestions.org - Routing and redirects

Hello guys,

the network scheme is the following:

Servers in network 10.0.0.0/24 -> 10.0.0.1 (core) -> 10.0.0.2 (router with
NAT to 1.2.3.4) -> internet

As you might have guessed I have the problem with "router with NAT".
It is Debian with kernel 3.2.0-0.bpo.4-amd64.

When I try to ping/telnet/etc. I get a problem.

Example:

Server 10.0.0.123 pings 4.2.2.4:

# ping 4.2.2.4
PING 4.2.2.4 (4.2.2.4) 56(84) bytes of data.
From 10.0.0.1: icmp_seq=3 Redirect Host(New nexthop: 10.0.0.2)
From 1.2.3.4 icmp_seq=1 Destination Host Unreachable

On 10.0.0.2 we can see in ip route cache:

10.0.0.123 from 4.2.2.4 dev eth0 src 1.2.3.4
cache ipid 0x3837 rtt 75ms rttvar 60ms cwnd 10 iif eth0.635
4.2.2.4 from 10.0.0.123 tos lowdelay via 10.0.0.2 dev eth0.635 src 10.0.0.2
cache <src-direct,redirected> ipid 0x6955 iif eth0
4.2.2.4 from 10.0.0.123 via 10.0.0.2 dev eth0.635 src 10.0.0.2
cache <src-direct> ipid 0x6955 iif eth0
4.2.2.4 via 10.0.0.2 dev eth0.635 src 1.2.3.4
cache <redirected> ipid 0x6955
local 1.2.3.4 from 4.2.2.4 dev lo src 1.2.3.4
cache <local> ipid 0xec85 iif eth0.635

After that, I can flush route cache and everything works fine. When
everything works, route cache looks like this:

4.2.2.4 via 1.2.3.1 dev eth0.635 src 1.2.3.4
cache ipid 0x6955
local 1.2.3.4 from 4.2.2.4 dev lo src 1.2.3.4
cache <local> ipid 0xecb1 iif eth0.635
10.0.0.123 from 4.2.2.4 dev eth0 src 1.2.3.4
cache ipid 0x386f rtt 75ms rttvar 60ms cwnd 10 iif eth0.635
4.2.2.4 from 10.0.0.123 via 1.2.3.1 dev eth0.635 src 10.0.0.2
cache <src-direct> ipid 0x6955 iif eth0

1) When I tell 10.0.0.123 to use 10.0.0.2 as the default gateway -
everything works like a charm, without flushing the cache
2) When I have FreeBSD server as 10.0.0.2 - everything works perfectly.
Bloody route cache.

Do you have any ideas how can I solve this issue?

--
Regards,
Sergey