From owner-freebsd-questions  Thu Apr  4 17: 6:33 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP id 243BB37B41A
	for <freebsd-questions@FreeBSD.ORG>; Thu,  4 Apr 2002 17:06:30 -0800 (PST)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id g351D7g86592;
	Thu, 4 Apr 2002 19:13:07 -0600 (CST)
	(envelope-from nick@rogness.net)
Date: Thu, 4 Apr 2002 19:13:07 -0600 (CST)
From: Nick Rogness <nick@rogness.net>
X-Sender: nick@cody.jharris.com
To: Diego Linke - GAMK <linke@calnet.com.br>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Advanced routing
In-Reply-To: <20020404101539.10b8f019.linke@calnet.com.br>
Message-ID: <Pine.BSF.4.21.0204041901510.86383-100000@cody.jharris.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Thu, 4 Apr 2002, Diego Linke - GAMK wrote:

> Hi All,
> 
> My objective is, the machine 192.168.0.11 out via ADSL, and other
> machines (192.168.0.X) out via link.
> 
> My interfaces address:
> xl0 - 200.200.200.5  (Link Router 200.200.200.1)
> xl1 - 192.168.0.1
> xl2 - 192.168.200.8  (ADSL Router 192.168.200.254)
> 
> Default gateway is 200.200.200.1 (link)
> 
> ipnat.conf:
> map xl2 192.168.0.11/32 -> 192.168.200.8/32
> map xl0 192.168.0.0/24 -> 200.200.200.5/32
> 
> ipf.conf:
> pass out quick on xl0 to xl2:192.168.200.254 from 192.168.0.11/32 to
> any
> 
> The problem is the machine 192.168.0.11 the conection Time out... (not
> conection to internet via ADSL).
> 
> Do you have any idea ?
> 

	I'm not sure with ipfilter but this is a snap in ipfw (using the
	fwd command).

	Nat is not the solution because it does not "change routing
	info" for packets.  It changes the source and/or destination
	within the packet.  You need some facility in ipfilter that
	changes the next-hop address so the packet gets routed out
	interface xl2 instead of the default xl0.

	This is sometimes called "policy routing". Search ipfilters site
	for something similar.


	PS.  I don't even know if IPFilter can do this.


Nick Rogness <nick@rogness.net>
 - Don't mind me...I'm just sniffing your packets


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message