Date: Mon, 17 Nov 2003 09:34:40 +0300
From: "Vladimir B. Grebenschikov" <vova@fbsd.ru>
To: Jason Dixon <jason@dixongroup.net>
Cc: freebsd-net@freebsd.org
Subject: Re: Static route via address, not interface
Message-ID: <1069050878.1941.7.camel@localhost>
In-Reply-To: <1068831665.2775.33.camel@lappy.fuzzypenguin.net>
References: <1068789760.2775.18.camel@lappy.fuzzypenguin.net> <1068813508.814.4.camel@localhost> <1068831665.2775.33.camel@lappy.fuzzypenguin.net>

On Fri, 14.11.2003, at 20:41, Jason Dixon wrote:
> On Fri, 2003-11-14 at 07:38, Vladimir B. Grebenschikov wrote:
>
> > I guess - you already have 192.168.0.0/24 route entry, added by command:
> > ifconfig fxp0 192.168.0.53/24
> >
> > so now you need:
> > remove network route via interface:
> > route delete 192.168.0.0/24
> > add interface route (kernel should know how to reach router)
> > route add 192.168.0.1/32 -iface fxp0 -cloning
> > and then add network route via router
> > route add 192.168.0.0/24 192.168.0.1
>
> I guess I didn't make it clear enough, let me try again.
>
> I'm attempting to create a static route for my FreeBSD host so that
> *all* local traffic is routed across the gateway firewall, rather than
> being delivered on the local network segment, as is the default with
> LANs. If you view the routing table (below) again, you'll notice that
> traffic from the FreeBSD box (192.168.0.53) to another box on the same
> subnet (192.168.0.42) is still being delivered locally, rather than
> being routed through the gateway (192.168.0.1). This is *after* I've
> added a static route for 192.168.0.0/24 to use 192.168.0.1.

I understand you from the previous message, so here is a transcript of my
configuration (I have the 172.22.2.0/24 segment attached with router 172.22.2.1
and my address 172.22.2.3)

Initial stage: I have a directly routed subnet.

# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        0        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2/24        link#2             UC          0        0   fxp0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW       11      279   fxp0   1132
172.22.2.2         00:a0:c9:c7:fc:fa  UHLW        1    57286   fxp0   1194
172.22.2.3         127.0.0.1          UGHS        0        1    lo0
172.22.2.255       ff:ff:ff:ff:ff:ff  UHLWb       2      163   fxp0

Now I am removing the routing of the subnet directly via the interface:

# route delete 172.22.2.0/24
delete net 172.22.2.0
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0

Now I am adding a route for the router address only (the kernel needs to know
how to reach the router)

# route add 172.22.2.1/32 -iface fxp0 -cloning
add net 172.22.2.1: gateway fxp0
# ping -c1 172.22.2.1
PING 172.22.2.1 (172.22.2.1): 56 data bytes
64 bytes from 172.22.2.1: icmp_seq=0 ttl=64 time=0.462 ms

--- 172.22.2.1 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.462/0.462/0.462/0.000 ms
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW        0        1   fxp0   1196 =>
172.22.2.1/32      link#2             UCS         0        0   fxp0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0

So, there are only routes for the router and myself in the routing table.

Now I'll add a route for all of the 172.22.2 network:

add net 172.22.2.0: gateway 172.22.2.1
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2/24        172.22.2.1         UGSc        0        0   fxp0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW        1        1   fxp0   1184 =>
172.22.2.1/32      link#2             UCS         0        0   fxp0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0

Look, 172.22.2.0/24 is via 172.22.2.1, let's check it:

# ping -c1 172.22.2.2
PING 172.22.2.2 (172.22.2.2): 56 data bytes
36 bytes from dev (172.22.2.1): Redirect Host(New addr: 172.22.2.2)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 c802   0 0000  40  01 5675 172.22.2.3  172.22.2.2

> router complains here about possible direct way, but this can be
> switched off by sysctl on router

64 bytes from 172.22.2.2: icmp_seq=0 ttl=64 time=0.611 ms

--- 172.22.2.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.611/0.611/0.611/0.000 ms
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2/24        172.22.2.1         UGSc        0        1   fxp0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW        1        2   fxp0   1164 =>
172.22.2.1/32      link#2             UCS         0        0   fxp0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0
#

Anyway, all traffic is directed through the router

# ping -n -c1 -R 172.22.2.2
PING 172.22.2.2 (172.22.2.2): 56 data bytes
64 bytes from 172.22.2.2: icmp_seq=0 ttl=64 time=0.659 ms
RR:     172.22.2.1
        172.22.2.2
        172.22.2.3

--- 172.22.2.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.659/0.659/0.659/0.000 ms
#

--
Vladimir B. Grebenschikov <vova@fbsd.ru>
SWsoft Inc.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1069050878.1941.7.camel>
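
An added example, not part of the message above or of any FreeBSD tool: a check over `netstat -rn` text, in the column layout shown in this thread, that reports whether the subnet can still be reached without passing the router, including a host route left behind by an accepted ICMP redirect. The function names, the verdict strings and the redirected-route row are assumptions made for illustration.

```shell
# Added example (not from the original message). Function names and verdict
# strings are hypothetical. Reads `netstat -rn` text on stdin, in the column
# layout shown in the message (ARP entries appear as UHLW rows).
# usage: netstat -rn | audit_forced_gateway 172.22.2/24 172.22.2.1 172.22.2.
audit_forced_gateway() {
    awk -v net="$1" -v gw="$2" -v pfx="$3" '
    $3 !~ /^U/ { next }                        # skip headers and blank lines
    $1 == net {
        if ($2 == gw && $3 ~ /G/) via = 1      # subnet route points at the router
        else if ($2 ~ /^link#/) bypass = bypass " connected:" $1
        next
    }
    index($1, pfx) == 1 && $1 != gw {          # other entries inside the subnet
        if ($3 ~ /D/)      bypass = bypass " redirect:" $1   # created by ICMP redirect
        else if ($3 ~ /L/) bypass = bypass " on-link:" $1    # peer resolved via ARP
    }
    END {
        if (bypass != "") { print "BYPASS" bypass; exit 1 }
        if (via)          { print "VIA_GATEWAY"; exit 0 }
        print "NO_SUBNET_ROUTE"; exit 2
    }'
}

# Rows copied from the first and last tables in the message.
table_initial() { cat <<'EOF'
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        0        1   fxp0
172.22.2/24        link#2             UC          0        0   fxp0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW       11      279   fxp0   1132
172.22.2.2         00:a0:c9:c7:fc:fa  UHLW        1    57286   fxp0   1194
172.22.2.3         127.0.0.1          UGHS        0        1    lo0
EOF
}
table_final() { cat <<'EOF'
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
172.22.2/24        172.22.2.1         UGSc        0        1   fxp0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW        1        2   fxp0   1164 =>
172.22.2.1/32      link#2             UCS         0        0   fxp0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0
EOF
}
# Constructed: final table plus a host route as an accepted redirect would add.
table_redirected() { table_final; echo "172.22.2.2 172.22.2.2 UGHD 0 1 fxp0"; }
```

The third argument is the subnet's dotted prefix with its trailing dot, so that `172.22.2.` does not also match addresses in `172.22.20.x`.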