Site Navigation

Date:      Tue, 27 Jan 2015 13:59:22 +0300
From:      Lev Serebryakov <lev@FreeBSD.org>
To:        net@FreeBSD.org
Subject:   ipfw, source-based routing, "forward" action and unknown GW address
Message-ID:  <54C76F8A.4070104@FreeBSD.org>

---

next in thread | raw e-mail | index | archive | help

---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


 I have typical task at hands: two providers, no AS, no real IPv4
addresses in network, IPv4 NAT for both connections.

 Typical solution for this task is two NATs, "global" rule for
outgoing packets and two "forward" rules based on source address after
"nat global", am I right?

 But here is problem: "forward" rule uses "next hop IP". And one of my
providers change this IP from time to time. It assigns same IP for me
(I'm paying for "fixed IP") via DHCP, but "default router" option
could be different (looks like load-balancing).

 Is here any way to solve this "source based routing" problem without
changing rules in firewall on each DHCP lease re-acquisition?

- -- 
// Lev Serebryakov
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQJ8BAEBCgBmBQJUx2+KXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF
QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePCPAQAKVXGb9QmahvGNvTAwWp1gDj
AxWNnEkBQau209kkUFGma55VtLe5vjXwmjnxyC66zAec2Je44TAF1vYtr0GAevVp
nRnLznsb+mN3tqI5Y5nlqugJyBzJiJWE6p5uFHsDxmYXmyA0/kQoLUt3JjlyZfLg
JDpMUrJ6KIqwgVmq8gASVQhMzsLkreBItht20tFjEdUxcVnXISkpLfTbXJXZb0yi
SntAwsrVaMhwpuSskiz26TTersVDHppKILGaJTSCYff6Tm0tLFeHwRKneK+KqBRk
YCgCsD3gT8yPpRjqdBSawSapVpl1J2eRHSiZ+fo4DpAt3XHUkZD+HAFdWwszrD2X
fdwAnHP94scjK//mV6MZXSS7sp8iAgGmm+sTeVl9N4F43hYazSyANwXjdcNm/Sc2
kZnYrWJInJUfP+6w+jWG7YaYMhC4hdxlEyeMoh37x6roUMWCUxraqQ/HUKlPiwtV
EhEPhRnUr6ZQv2Qv5WhjjaRYnLgNUb/M//EVftOsYdmek/uScunz5KCa9IM6SR+m
T6aa6YmJ7vAI12b04muG6/niknKavbmvn1bSvzDhxax/CivPp+paJkiPlq4MvNcv
uEClqKQ28GcC3vOmx3ILjtOFXaqqBGqh7rj2EkPMSaOvw+7tVK5JaWBGy9WqQTLY
2GsVhcwZUT7xrjoa9tyX
=LJQo
-----END PGP SIGNATURE-----

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54C76F8A.4070104>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact