Date: Wed, 25 Apr 2007 10:42:14 +0200
From: "Odd-Jarle Kristoffersen" <gamuso@gmail.com>
To: freebsd-pf@freebsd.org
Subject: Multiple WAN with DHCP and routing
Message-ID: <b851d24f0704250142g3edfc968pea51b1c7de3a7af0@mail.gmail.com>

I've searched around a bit but couldn't find anything about just this topic. Most articles I've read deal with WAN interfaces having static IPs and known routes, which makes it not so hard to set up.

Here's what I'm trying to accomplish. FreeBSD 6.2 box with 3 network interfaces:

WAN1 fxp0 (IP provided by DHCP from DSL provider)
WAN2 xl0 (IP provided by DHCP from DSL provider)
LAN sis0 (192.168.50.0/24)

WAN1 is a high-speed symmetrical connection and WAN2 is a slower asymmetrical connection.

I've earlier used ipfilter and ipnat as a firewall with just one WAN and one LAN interface. But I have discovered that converting to pf is probably a must to get this new scenario working. And as I understand it, pf does what ipf/ipnat does anyways - and more, so I won't mind the change.

I have two groups of machines on the LAN segment. IPs from 192.168.50.10 through 30 are supposed to use the WAN1 connection all the time. These provide some web services that should be reached from the WAN1 interface. Computers in the range 192.168.50.100 to 120 should use the WAN2 connection. None of these will need to be reached from the outside.

Of course it'd be nice if the computers in this second range could reach the computers in the first range without being routed over the external network. I guess a couple of static routes should fix that, if at all needed. This is only a concern if I have to create two networks on the LAN interface (i.e. 192.168.50.1/27 and 192.168.50.96/27 as an alias on the interface).

First of all, is it at all possible to perform routing based upon which LAN address the traffic is coming from? And will it work when the WAN interfaces are dynamically assigned? If not, can a simple fall-over solution be implemented at all, so that if WAN1 goes down, all traffic is automatically routed to WAN2? And then back to WAN1 when it comes back up...

I've found out how to configure dhclient using /etc/dhclient.conf so that it doesn't overwrite the /etc/resolv.conf file, but am at a loss when it comes to configuring pf and the routing. I've discovered that if I leave "request routers" on just one interface in the /etc/dhclient.conf file, this will become the default gateway for the FreeBSD box. If no such request is stated at all, there's no default gateway. Also, how will all this work when the WAN DHCP leases change?

Maybe I'm trying something impossible, but then again who knows...

Thanks for any input on the subject!

O.J. Kristoffersen