Date: Tue, 23 Jul 2002 12:24:08 -0700 From: rick norman <rick.norman@lmco.com> To: freebsd-ipfw@FreeBSD.ORG Subject: Re: IPFW Problem with Aliases on single Interface Message-ID: <3D3DAD58.BD3DF3B2@lmco.com> References: <20020723185403.24782.qmail@web13102.mail.yahoo.com> <3D3DA7F0.30607@tenebras.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael Sierchio wrote: > Netmetrica corp wrote: > > I'm running BSD4.5 with one ethernet interface. that > > interface has multiple IP aliases. I would like to > > give each IP address a seperate ingress and egress > > rule. or in other words I want different subnets to > > be treated separately if those subnets are aliases > > on the same physical interface. > > However, the IPFW takes a shortcut and it seems to > > just use the the single outgoing interface instead of > > the multiple IP address that are assigned to that > > interface. Is there a reason that this feature is not > > supported other than speed? > > It's not ipfw, but IP that does this. This is the case on > every platform, in every implementation I know. All outbound > traffic will go out the primary interface on the same net, > even if they are separate physical interfaces. There > is a way to do what you intend with a combination of ipfw and natd, > and it gets fairly hairy. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message I think there is a limitation in ipfw that prohibits writing rules for next hop outbound aliased subnets. In 4.5 there seems to be a limitation that won't allow pkts being routed out on different subnets to be treated separately if those subnets are aliases on the same physical interface. I would like to see a solution to this problem also. -- "In the Big Rock Candy Mountains the jails are made of tin, And you can walk right out again as soon as you are in There ain't no short-handled shovels, no axes, saws or picks, I'm a-goin' to stay where you sleep all day Where they hung the jerk that invented work In the Big Rock Candy Mountains" wk: 408 742 1619 rick.norman@lmco.com hm: 650 726 0677 rnorman@ikaika.com cell: 650 303 3877 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D3DAD58.BD3DF3B2>