Date:      Sat, 16 Jun 2007 01:27:42 +0100
From:      Joe Holden <joe@joeholden.co.uk>
To:        Boris Kochergin <spawk@acm.poly.edu>,  freebsd-net@freebsd.org,  sysadmin@rescomp.berkeley.edu
Subject:   Re: Routing outbound IP packets on multihomed box
Message-ID:  <46732E7E.908@joeholden.co.uk>
In-Reply-To: <20070615231255.GG2335@rescomp.berkeley.edu>
References:  <20070615213454.GE2335@rescomp.berkeley.edu>	<467312FF.5020506@acm.poly.edu> <20070615231255.GG2335@rescomp.berkeley.edu>

Christopher Cowart wrote:
> On Fri, Jun 15, 2007 at 06:30:23PM -0400, Boris Kochergin wrote:
>> Christopher Cowart wrote:
>>> I have a server with two NICs:
>>>
>>> em0:        169.229.79.139/25
>>> vlan526:    169.229.126.9/24
>>>
>>> The default gateway is 169.229.79.129. The router for the 126 subnet is
>>> 169.229.126.1. 
>>>
>>> netstat -rn:
>>> | Destination        Gateway            Flags    Refs      Use  Netif Expire
>>> | default            169.229.79.129     UGS         0   102537    em0
>>> | 127.0.0.1          127.0.0.1          UH          0      217    lo0
>>> | 169.229.79.128/25  link#1             UC          0        0    em0
>>> | 169.229.79.129     00:15:c7:b9:f4:80  UHLW        2        4    em0   1193
>>> | 169.229.79.139     00:11:25:ab:42:70  UHLW        1      589    lo0
>>> | 169.229.126/24     link#9             UC          0        0 vlan52
>>> | 169.229.126.1      00:15:c7:b9:f4:80  UHLW        1       34 vlan52   1200
>>> | 169.229.126.9      00:18:f8:09:d3:a5  UHLW        1        8    lo0
>>>
<snip>
>> pass out route-to (vlan256 169.229.126.1) from 169.229.126.9 to any
>>
>> This tells PF to send all packets sent from 169.229.126.9 through the 
>> vlan256 interface with a next-hop address of 169.229.126.1.
> 
> Unfortunately, I don't think we can use pf. The rest of our
> infrastructure is ipfw and we don't particularly want this to be a
> one-off. I was under the impression that my ipfw rule did exactly this,
> by sending the packets to the 126 router as their next hop.
> 
> Anyone have any ideas on whether an ipfw fwd rule can be used in a
> similar way to this pf rule?
> 
Yes, ipfw fwd will work fine; you'll need to route based on the source
IP addresses.  For example:

ipfw add 1 fwd <router1> all from <link1> to any
ipfw add 2 fwd <router9> all from <link9> to any

That *should* work, been a long time since I've touched ipfw.
-- 
Joe Holden
T: (UK) 02071009593 (AU) 282442321
E: joe@joeholden.co.uk
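
The source-based `fwd` rules suggested above, filled in with the addresses from the original post, as an added example that is not part of the message or the thread. The rule numbers, the function names, the `APPLY` switch, and the `to not <subnet> out` qualifiers are assumptions of this example.

```shell
#!/bin/sh
# Added example: per-source next-hop selection with ipfw fwd.
# Addresses come from the thread; everything else is an assumption.
# On FreeBSD releases of this era, fwd needs a kernel built with
# "options IPFIREWALL_FORWARD".

# One line per link: local address, on-link subnet, next-hop router.
LINKS='169.229.79.139 169.229.79.128/25 169.229.79.129
169.229.126.9 169.229.126.0/24 169.229.126.1'

# Emit one fwd rule per link, starting at rule number $1, step 10.
# "to not <subnet>" leaves on-link traffic alone so it is still
# delivered directly; "out" limits the match to packets leaving the host.
gen_rules() {
    num=$1
    echo "$LINKS" | while read -r addr subnet gw; do
        echo "add $num fwd $gw ip from $addr to not $subnet out"
        num=$((num + 10))
    done
}

# Dry run by default: print the commands. Set APPLY=1 (as root on the
# FreeBSD host) to load the rules into ipfw.
apply_rules() {
    gen_rules "$1" | while read -r rule; do
        if [ "${APPLY:-0}" = 1 ]; then
            # Unquoted on purpose so the rule splits into ipfw arguments.
            ipfw -q $rule
        else
            echo "ipfw $rule"
        fi
    done
}

apply_rules 1000
```

After loading, `ipfw show 1000 1010` lists per-rule packet counters, which confirms whether traffic sourced from each address is matching its rule.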


