From owner-freebsd-isp Fri Nov 9 12:57:17 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail2.mediadesign.nl (md2.mediadesign.nl [212.19.205.67]) by hub.freebsd.org (Postfix) with SMTP id 5E49637B416 for ; Fri, 9 Nov 2001 12:57:13 -0800 (PST) Received: (qmail 23904 invoked by uid 1002); 9 Nov 2001 20:30:26 -0000 From: "Alson van der Meulen" Date: Fri, 9 Nov 2001 21:30:26 +0100 To: freebsd-isp@freebsd.org Subject: Re: Router questions Message-ID: <20011109213026.E22946@md2.mediadesign.nl> Mail-Followup-To: freebsd-isp@freebsd.org References: <200111091622.fA9GMr114063@smtp1.amigo.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200111091622.fA9GMr114063@smtp1.amigo.net> User-Agent: Mutt/1.3.22i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Nov 09, 2001 at 09:20:12AM -0700, Randy Smith wrote: > Hi all, > > I have a couple of FreeBSD router questions. > 1) Is there a utility that configures routed and ipfw using Cisco's command > set? I couldn't find one in the ports collection so I thought I'd ask here. For a cisco-style routed, look at zebra, /usr/ports/net/zebra > > 2) I have a FreeBSD 4.4-R machine that want to configure as a router to do > traffic shaping and transparent proxy. I think I have the router setup as per > the documentation but I cannot ping across the box. > > Here's my setup: > {net} <---> [gw1] <---> [fbsd] <---> [gw2] <---> {Lan} > * gw1 has address 192.168.69.49/255.255.255.252 > * fbsd has addresses fxp0=192.168.69.50/255.255.255.252 and > fxp1=192.168.69.53/255.255.255.252 > * gw2 has address 192.168.69.54/255.255.255.252 > (The gw* devices have other addresses on other interfaces that are on other > networks that do not enter into this discussion.) > > fbsd can ping gw1 and out to the net and gw2 and into the lan. > The problem is that gw2 can't ping gw1 and vis versa but the can each ping > the fbsd interface on their network. i.e. gw2 can ping fbsd:fxp1 and gw1 can > ping fbsd:fxp0. > > In /etc/rc.conf I have: > gateway_enable="YES" > router_enable="YES" > firewall_enable="YES" > firewall_type="OPEN" # For testing > defaultrouter="192.168.69.49" > ifconfig_fxp0="inet 192.168.1.50 netmask 255.255.255.252" > ifconfig_fxp1="inet 192.168.1.53 netmask 255.255.255.252" err, wasn't it 192.168.69.50 instead of 192.168.1.50? > > gateway_enable sets the sysctl variable net.inet.ip.forwarding which should > turn on ip forwarding between interfaces. For simplicity, I have no static > routes defined. (As an aside is there any better documentation on static > routes than what's in route(8)?) > > What did I miss that is preventing me from getting across the fbsd router? Are the routes on gw[12] correct? something like route add 192.168.1.48/30 192.168.1.50 for gw1 (or 192.168.59.*) HTH, Alson -- ,-------------------------------------------. > Name: Alson van der Meulen < > Personal: alson@flutnet.org < > School: alson@gymnasiumleiden.nl < `-------------------------------------------' Oops! (said in a quiet, almost surprised voice) --------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message