Re: Next-hop based on source address (IPv6) [solved]

From: Andy Gilligan (andy_at_evo6.org)
Date: 07/28/03

  • Next message: Andy Gilligan: "Re: Next-hop based on source address (IPv6) [solved]" 
    Date: Mon, 28 Jul 2003 12:48:06 +0100
To: Juan Rodriguez Hervella <jrh@it.uc3m.es>

    On Mon, Jul 28, 2003 at 10:03:53AM BST, Juan Rodriguez Hervella wrote:
    > On Monday 28 July 2003 07:17, Andy Gilligan wrote:
    > > Hi,
    > >
    > > I have three IPv6 /48 networks connected to a FreeBSD 4.8 router, and I
    > > allocate /64 tunnels from each network to client machines.
    > >
    > > Is there any way I can specify the next-hop or outbound interface to use
    > > on the router based on the source address of the client?
    > >
    > > I initially thought of 'ipfw fwd', but ip6fw doesn't seem to have this
    > > ability.
    > >
    > > Any thoughts?
    > >
    >
    > Hello Andy:
    >
    > I wanted to do something similar and when I realized that ip6fw didn't have
    > such option, I asked for it on the Kame mailing list, but they answered me
    > that they didn't see it as a feature demanded by the community so they
    > didn't have any plan to implement it on the short term.
    > (Anyway I think it shouldn't be hard to add such feature,
    > but I'm a bit lazy :)
    >
    > You can ask for it on Kame mailing-list again (because I ask for it a long
    > time ago and it may have been already implemented, I don't know). Also I
    > think that there are implementations of something called "source base
    > routing", but I don't have experience with that.

    Well, I got it working eventually, after a bit of tinkering with ipf...

    I must admit, I completely forgot about ipf's 'fastroute' abilities,
    especially with regard to IPv6 :)

    --- Summary ---

    Three tunnels: (fictional ip addrs)

            gif0 : 2001:111:111::/48 : gw=2001:1000::1
            gif1 : 2001:222:222::/48 : gw=2001:2000::1
            gif2 : 2001:333:333::/48 : gw=2001:3000::1

    The default route is via gif0 (fe80::%gif0)

    My ipf6.rules:

            pass in on gif0 to gif1:2001:2000::1 from 2001:222:222::/48 to any
            pass in on gif0 to gif2:2001:3000::1 from 2001:333:333::/48 to any

    So far, I haven't noticed any WeirdStuff(tm) happening, so things look
    promising - all packets leave via the right interface :)

    Comments welcome if this looks like it may cause problems :)

    Best regards,
    -Andy

    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Andy Gilligan: "Re: Next-hop based on source address (IPv6) [solved]"