Date: Mon, 07 May 2007 17:02:56 -0700
From: Julian Elischer <julian@elischer.org>
To: Kirk Davis <Kirk.Davis@epsb.ca>
Cc: Freebsd-ipfw@freebsd.org
Subject: Re: Policy Routing natd+ipfw
Message-ID: <463FBE30.90009@elischer.org>
In-Reply-To: <DB9A31C316524A4A83E54A2C0D20655702216E5A@Exchange24.EDU.epsb.ca>
References: <33910a2c0705041812s2aaf0b62t785e16abc0decee6@mail.gmail.com> <463E377E.2000300@elischer.org> <DB9A31C316524A4A83E54A2C0D20655702216E5A@Exchange24.EDU.epsb.ca>

Kirk Davis wrote:
>
> Julian Elischer wrote:
>> in -current you can implement a routing table via FWD and tables.
>> in 6.x you need to specify the next hop. and a more explicit rule.
>
> Is there any information floating around on how to do this in current
> using the FWD rules and tables?  Any pointer on where to look.

man ipfw on -current

basically you can implement alternate routing tables..

ipfw table 1 add 0.0.0.0/0 4.5.6.7   # default route for table 1
ipfw table 1 add 2.3.4.0/24 5.4.3.2  # but not for packets to 2.3.4.x
ipfw table 2 add 0.0.0.0/0 7.6.5.4   # default route for table 2
ipfw table 2 add 2.3.4.0/24 6.5.4.3  # but different route for packets to 2.3.4.x

ipfw add 100 allow ip from 1.2.3.0/24 to any out
ipfw add 110 fwd tablearg ip from 1.2.4.0/24 to table(1) out
ipfw add 120 fwd tablearg ip from 1.2.5.0/24 to table(2) out

>
> Right now I am using fwd rules on our BGP router (Quagga & FreeBSD
> 6.2) to force one of our subnets out a particular interface and avoid
> the routing table but I would prefer to do it more like a dual routing
> table where I can make more routing decisions than just forcing all
> packets from that subnet out the interface.  I could test it on one of
> our current boxes.
>
>> julian
>
> ---- Kirk

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?463FBE30.90009>