Re: Advanced routing option

Tom Judge ha scritto:
tonix (Antonio Nati) wrote:
Tom Judge ha scritto:
tonix (Antonio Nati) wrote:
I'm using FreeBSD and Monowall in the most of my servers.

One limit I'm facing on both is the lack of an advanced routing feature.

Would be too complicated to modify "route" sources (and probably kernel tables) implementing a FROM parameter in ADD command?

route add 0.0.0.0/0 210.10.10.1
route add FROM 200.1.1.0/24 0.0.0.0/0 210.10.10.10
route add FROM 200.1.2.0/24 0.0.0.0/0 210.10.11.11

A FROM option would improve a lot routing capabilities and handling of multiple WAN connections.

Any comment?

Tonino


If you wish to do this type of policy routing you need to use one of the firewalls as it can't be done in the routing table. PF can do this easily with its route-to option.

I feel it is more a routing feature than a fw feature. I don't see extending routing tables (and relative routing checking) so complicated.

Tonino

It is not that it is not complicated. It is that it is _NOT_ _POSSIBLE_ to do this with the FreeBSD routing sub system. You _MUST_ do this with a firewall on FreeBSD.
Not possible with the ACTUAL routing subsystem, or not possible to change the code to enhance the subsystem? I'm speaking about modifying the code, if necessary.

Tonino

Tom
_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"



--
------------------------------------------------------------
Inter@zioni Interazioni di Antonio Nati http://www.interazioni.it tonix@xxxxxxxxxxxxxx ------------------------------------------------------------

_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: Routing issue with VPN
    ... So how do I modify the routing ... This route causes packets which do not match any ... >of the other routes to be sent through the VPN tunnel. ...
    (microsoft.public.pocketpc)
  • Re: Advanced routing option
    ... One limit I'm facing on both is the lack of an advanced routing feature. ... Would be too complicated to modify "route" sources (and probably kernel ...
    (freebsd-isp)
  • Re: Advanced routing option
    ... Would be too complicated to modify "route" sources implementing a FROM parameter in ADD command? ... A FROM option would improve a lot routing capabilities and handling of multiple WAN connections. ... PF can do this easily with its route-to option. ...
    (freebsd-isp)
  • Programming Interface to change routing table entries
    ... I have a program running on AIX 5.2 and I need to disable the Multipath ... routing feature. ... As per my understanding, if I have 2 NICs, then due to ... Multipath routing, when the OS sends packets out, it does a round robin ...
    (comp.unix.aix)
  • Re: Advanced routing option
    ... One limit I'm facing on both is the lack of an advanced routing feature. ... Would be too complicated to modify "route" sources implementing a FROM parameter in ADD command? ... A FROM option would improve a lot routing capabilities and handling of multiple WAN connections. ...
    (freebsd-isp)