Re: 2 different routes
alex_at_ise-spb.org
Date: 10/28/04
- Next message: jpd: "Re: Kernel-PPP and PF Questions"
- Previous message: Michel Talon: "Re: Kernel-PPP and PF Questions"
- In reply to: jpd: "Re: 2 different routes"
- Next in thread: Justins local account: "Re: 2 different routes"
- Reply: Justins local account: "Re: 2 different routes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 28 Oct 2004 01:12:38 -0700
I solve this problem!!!
rc.conf
defaultrouter="213.х.х.225"
ifconfig_rl0="inet 213.х.х.226 netmask 255.255.255.240"
ifconfig_rl2="inet 193.y.y.178 netmask 255.255.255.240"
gateway_enable="YES"
router_enable="YES"
ipfw:
ipfw add fwd 193.x.x.177 ip from 193.x.x.176/28 to not 193.x.x.176/28
and it works!
freebsd is accessable by 213.х.х.226 and by 193.y.y.178
but there is a probleb - i couldn't filter traffic for subnet 193.x.x.176/28 :(
rules
ipfw add allow all from 193.x.x.176/28 to any
ipfw add allow all from any to 193.x.x.176/28 established
doesn't work after fwd rule
and if i put them before fwd rule - fwd rule doesnt' work :((
whats wrong?
jpd <read_the_sig@do.not.spam.it> wrote in message news:<1098821200.649264@entelocal.ipberlin.com>...
> On 2004-10-26, Martin <nospam@example.org> wrote:
> > alex@ise-spb.org wrote:
> >> I have 2 REAL subnets:
> >> 213.x.x.224/28 (gw = 213.x.x.225)
> >> 193.y.y.176/28 (gw = 193.y.y.177)
> >>
> >> rl0 has adress 213.x.x.226
> >> rl1 has adress 193.y.y.178
> >>
> [snip]
> >> is it possible to make it accessable by 2 ip at the time?
> >
> > You want something like:
> >
> > route add -net 193.y.y.176/28 193.y.y.177
> >
> > though I've probably got the syntax wrong. Get that working by hand, then
> > look into making it work automatically at boot-up via /etc/rc.conf .
>
> What's more important; you're trying to route a subnet you're in through
> its gateway -- that won't work the way you expect it to. The route
> for the subnet is fine, it'll be added automatically as soon as you
> do ifconfig rl1 193.y.y.178/28. (ifconfig adds that route, see the
> manpage.)
>
> What you'd need for the above setup to work for the rest of the world
> is FreeBSD keeping state and doing source-based routing. By itself its
> route table doesn't support that, AFAIK. One could try and use NAT
> or build a firewall ruleset that will toss off return packets to the
> gateway of the secondary public network for things that came in on that
> interface.
>
> Maybe someone better versed in ipf/ipfw/pf and/or natd can tell if this
> can be done. I think that at least with NAT you can do _something_, even
> if you have to hide things for your applications (and that will be a
> drawback for eg http servers). I think that otherwise OP is looking at
> hacking the routing mechanism in FreeBSD itself.
>
> This is different from two gateways on one subnet (which solaris seems
> to support in a round-robin way) in the obvious way. Note that the
> windows routing stuff does support multiple gateways on multiple subnets
> but it will toss packets to either of them indisciminately. (Very useful
> in making the users think that the network is INCREDIBLY S L O W, that
> with an effective packet loss of 50% or more, if one of the networks
> happens to be private not routed.)
- Next message: jpd: "Re: Kernel-PPP and PF Questions"
- Previous message: Michel Talon: "Re: Kernel-PPP and PF Questions"
- In reply to: jpd: "Re: 2 different routes"
- Next in thread: Justins local account: "Re: 2 different routes"
- Reply: Justins local account: "Re: 2 different routes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
