Date: Wed, 24 Oct 2007 13:41:58 +0200 From: "tonix (Antonio Nati)" <tonix@interazioni.it> To: Tom Judge <tom@tomjudge.com> Cc: freebsd-isp@freebsd.org Subject: Re: Advanced routing option Message-ID: <471F2F86.7070805@interazioni.it> In-Reply-To: <471F24C6.8020808@tomjudge.com> References: <471F0422.5080800@interazioni.it> <471F14E1.8050900@tomjudge.com> <471F1A3F.5070100@interazioni.it> <471F24C6.8020808@tomjudge.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Tom Judge ha scritto: > tonix (Antonio Nati) wrote: >> Tom Judge ha scritto: >>> tonix (Antonio Nati) wrote: >>>> I'm using FreeBSD and Monowall in the most of my servers. >>>> >>>> One limit I'm facing on both is the lack of an advanced routing >>>> feature. >>>> >>>> Would be too complicated to modify "route" sources (and probably >>>> kernel tables) implementing a FROM parameter in ADD command? >>>> >>>> route add 0.0.0.0/0 210.10.10.1 >>>> route add FROM 200.1.1.0/24 0.0.0.0/0 210.10.10.10 >>>> route add FROM 200.1.2.0/24 0.0.0.0/0 210.10.11.11 >>>> >>>> A FROM option would improve a lot routing capabilities and handling >>>> of multiple WAN connections. >>>> >>>> Any comment? >>>> >>>> Tonino >>>> >>> >>> If you wish to do this type of policy routing you need to use one of >>> the firewalls as it can't be done in the routing table. PF can do >>> this easily with its route-to option. >>> >> I feel it is more a routing feature than a fw feature. I don't see >> extending routing tables (and relative routing checking) so complicated. >> >> Tonino > > It is not that it is not complicated. It is that it is _NOT_ > _POSSIBLE_ to do this with the FreeBSD routing sub system. You _MUST_ > do this with a firewall on FreeBSD. Not possible with the ACTUAL routing subsystem, or not possible to change the code to enhance the subsystem? I'm speaking about modifying the code, if necessary. Tonino > Tom > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > -- ------------------------------------------------------------ Inter@zioni Interazioni di Antonio Nati http://www.interazioni.it tonix@interazioni.it ------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?471F2F86.7070805>