Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 20 Jun 2011 14:54:27 +0100
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        freebsd-questions@freebsd.org
Subject:   Re: Two Networks on one System
Message-ID:  <4DFF5113.5000909@infracaninophile.co.uk>
In-Reply-To: <201106201337.p5KDbaot089006@x.it.okstate.edu>
References:  <201106201337.p5KDbaot089006@x.it.okstate.edu>

next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig9660581E49EF478F84BF9AE6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 20/06/2011 14:37, Martin McCormick wrote:
> 	Following up on a question I wrote Friday June 17, a
> person from this list kindly referred me to the FreeBSD
> Handbook and the sections on configuring Ethernet interfaces. It
> has an excellent example as to how to set the default gateway
> from the command line. I tried it and it worked. Can a second
> interface such as fxp1 also be informed about the
> router on its network while we still keep the default route for fxp0?
>=20
> 	I hope to remotely ping both fxp0 and fxp1's ip
> addresses from off site and get an answer from both.
> 	So far, fxp0 is visible off of its network and fxp1 is
> only present on its subnet.
>=20
> 	It appears that you can only have one default route per
> system and I need this system to appear on both networks for a
> day or so while we move from one subnet to another.
>=20
> 	I presently have FW rules for fxp1 that should totally
> open everything:
>=20
> 00090 allow ip from any to 192.168.1.250 via fxp1
> 00091 allow ip from 192.168.1.250 to any via fxp1
>=20
> Obviously, I am still missing something.
>=20
> 	Thanks for any explanation as I think this sort of thing
> is fairly common.

Yes.  It's common in the sense that a lot of people think its something
that should work, and get confused when it doesn't prove simple to set up=
=2E

In principle, absolutely, you can set up routing to diverse upstream
locations and have it all work properly.  In practice, unless you are
familiar with internet routing protocols *or* both your upstream
gateways are actually part of the same organization and they offer
'bonded links' or some such, then you aren't going to make this work.
Certainly not as a transitional thing -- even with full blown BGP
setups, it still takes several minutes for routes to reorganise
themselves in the event of a failure somewhere.

While you can't have multiple default routes, you can certainly have
more specific routes that go via other gateways.  Usually with routing,
the choice of route is made by matching against the destination address,
but you can use other criteria.  The key words are 'policy based
routing' -- you'ld actually use a firewall (ipfw or pf) to implement
that.  [Also, usually some sort of NAT to rewrite the source address of
the packets]

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew@infracaninophile.co.uk               Kent, CT11 9PW


--------------enig9660581E49EF478F84BF9AE6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk3/URwACgkQ8Mjk52CukIyD1gCeOcpRCBiEmaIkieKZ+EIDaIld
pO4AnRDhBtHBMmS1UKYVsuqi04ArTq+M
=DzqU
-----END PGP SIGNATURE-----

--------------enig9660581E49EF478F84BF9AE6--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4DFF5113.5000909>