Re: Advanced routing option



tonix (Antonio Nati) wrote:
Tom Judge wrote:
tonix (Antonio Nati) wrote:
Tom Judge wrote:
tonix (Antonio Nati) wrote:
I'm using FreeBSD and Monowall on most of my servers.

One limit I'm facing on both is the lack of an advanced routing feature.

Would it be too complicated to modify the "route" sources (and probably the kernel tables) to implement a FROM parameter in the ADD command?

route add 0.0.0.0/0 210.10.10.1
route add FROM 200.1.1.0/24 0.0.0.0/0 210.10.10.10
route add FROM 200.1.2.0/24 0.0.0.0/0 210.10.11.11

A FROM option would improve routing capabilities and the handling of multiple WAN connections a lot.

Any comment?

Tonino


If you wish to do this type of policy routing you need to use one of the firewalls as it can't be done in the routing table. PF can do this easily with its route-to option.

I feel it is more a routing feature than a fw feature. I don't see extending routing tables (and the related routing checks) as so complicated.

Tonino

It is not that it is not complicated. It is that it is _NOT_ _POSSIBLE_ to do this with the FreeBSD routing subsystem. You _MUST_ do this with a firewall on FreeBSD.

Not possible with the ACTUAL routing subsystem, or not possible to change the code to enhance the subsystem? I'm speaking about modifying the code, if necessary.

Tonino


Not possible with the current implementation. I don't know how feasible it is to add the support you want, either. You may want to ask on net@ to see if anyone there is actively working on this.

However if you are looking for a quick solution you should go the firewall route.

Tom

_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"
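
The firewall approach suggested in the thread, written as a pf.conf fragment using PF's route-to option. This is an added example, not part of the original messages: the source networks and gateways are the ones from the proposed "route add FROM" lines, while the interface names (em0, em1, em2) and macro names are assumptions.

```conf
# Added example: source-based (policy) routing with PF route-to.
# Interface names below are assumptions; adjust to the real system.
int_if  = "em0"            # assumed LAN-facing interface
wan1_if = "em1"            # assumed interface on the link toward 210.10.10.10
wan2_if = "em2"            # assumed interface on the link toward 210.10.11.11

# Gateways and source networks taken from the thread's proposed routes.
gw1  = "210.10.10.10"
gw2  = "210.10.11.11"
net1 = "200.1.1.0/24"
net2 = "200.1.2.0/24"

# Traffic between the two internal networks is left to the normal
# routing table, so it is not pushed out of a WAN link.
pass in quick on $int_if from { $net1, $net2 } to { $net1, $net2 }

# Equivalent of "route add FROM 200.1.1.0/24 0.0.0.0/0 210.10.10.10":
# packets sourced from net1 leave via wan1_if toward gw1.
pass in quick on $int_if route-to ($wan1_if $gw1) from $net1 to any keep state

# Equivalent of "route add FROM 200.1.2.0/24 0.0.0.0/0 210.10.11.11".
pass in quick on $int_if route-to ($wan2_if $gw2) from $net2 to any keep state

# Safety net: if the kernel's default route picks the wrong WAN
# interface for a given source network, steer the packet to the right one.
pass out on $wan1_if route-to ($wan2_if $gw2) from $net2 to any
pass out on $wan2_if route-to ($wan1_if $gw1) from $net1 to any
```

Everything not matched by these rules still follows the system default route (210.10.10.1 in the original post). The ruleset can be syntax-checked without loading it using `pfctl -nf /etc/pf.conf`.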


