Date: Mon, 4 Mar 2002 00:42:21 -0800 (PST) From: John Kozubik <john@kozubik.com> To: Mike D <d01f1n@yahoo.com> Cc: questions@FreeBSD.ORG Subject: Re: multiple defaultrouter Message-ID: <Pine.BSF.4.21.0203040027430.87686-100000@www> In-Reply-To: <20020304001952.PLTC8848.mta02-svc.ntlworld.com@there>
next in thread | previous in thread | raw e-mail | index | archive | help
Multiple gateways are indeed possible - support for them is mandated by RFC. However, it has been reported that simply adding more default routes with the standard `route` commands will not be successful. Something along the lines of: route: writing to routing socket: File exists add net 0.0.0.0: gateway 192.168.1.1: File exists One simple solution to your problem can be had with `ipfw`, support for which you will need to add to your kernel. options IPFIREWALL and IPDIVERT. You may wish to add other options like IPFIREWALL_VERBOSE, etc. `ipfw` rulesets like this: ## Allow traffic to flow normally ipfw add allow ip from 192.168.0.0/24 to 192.168.0.0/24 ## Forward other traffic to router 1 ipfw add fwd 192.168.0.1 ip from 192.168.0.0/24 to any ## Allow traffic to flow normally ipfw add allow ip from 10.0.0.0/24 to 10.0.0.0/24 ## Forward other traffic to router 2 ipfw add fwd 10.0.0.1 ip from 10.0.0.0/24 to any First rule allows normal traffic within the subnet to do as it will. Second rule dictates that packets in subnet 192.168.0.0/24 bound to other places hit router 1. Third rule allows normal traffic within this other subnet to do as it will. Fourth rule dictates that packets in subnet 10.0.0.0/24 bound to other places will hit router 2. ----- John Kozubik - john@kozubik.com - http://www.kozubik.com On Mon, 4 Mar 2002, Mike D wrote: > I have a machine that sits in the dmz and needs to be use 2 firewalls as > gateways as possible, otherwise one firewall does not not know what to do > with traffic intended for the other one. > > Basically, how do i specify 2 "defaultrouter"s for 1 machine? > > Thanks in advance, > > Mike > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0203040027430.87686-100000>