Static route via address, not interface

Vladimir B. Grebenschikov vova at fbsd.ru
Fri Nov 14 04:38:14 PST 2003


On Fri, 14.11.2003, at 09:02, Jason Dixon wrote:
> Sorry if this is well-traveled territory, but I haven't found anything
> relevant in the lists, handbook or FAQ.
> 
> I have a setup on a network where 802.11b traffic from a group of
> wireless hosts is "reflected" off the internal interface of an OpenBSD
> firewall.  In order to encrypt all wireless traffic, I enforce a series
> of host tunnels from the wireless clients into the gateway.  This
> requires that *all* LAN hosts "bounce" off the firewall in order to
> ensure proper routing both ways.
> 
> For any traffic destined from one of these systems (say, my Linux
> laptop, for example) to another local host, packets traverse an IPsec
> tunnel, exit on enc0 of the firewall, and are NATted back into the wired
> segment (fxp1).  With Linux and Windows hosts, I'm able to add static
> routes to bind to the gateway IP address (192.168.0.1).
> 
> Unfortunately, it appears that FreeBSD (4.9-RELEASE) ignores my intent,
> instead assuming(?) that I wish to assign the route to the interface,
> rather than the IP.  The expected behavior is that traffic is routed
> locally, rather than across the gateway, breaking all TCP traffic.
> 
> Any ideas?  Am I overlooking something simple?  Here is the route
> command I've used and my routing table:
> 
> route add -net 192.168.0.0 192.168.0.1 -netmask 255.255.255.0
> 
> Destination        Gateway            Flags    Refs      Use  Netif Expire
> default            192.168.0.1        UGSc        2        0   fxp0
> 127.0.0.1          127.0.0.1          UH          1        0    lo0
> 192.168.0          link#1             UC          3        0   fxp0
> 192.168.0.1        00:a0:cc:e2:7e:f4  UHLW        3      808   fxp0    596
> 192.168.0.42       00:05:5d:a6:df:e3  UHLW        1       63   fxp0    992
> 192.168.0.53       127.0.0.1          UGHS        0        0    lo0

I guess you already have a 192.168.0.0/24 route entry, added by the command:
ifconfig fxp0 192.168.0.53/24

so now you need to:
remove the network route via the interface:
route delete 192.168.0.0/24
add an interface route (the kernel should know how to reach the router):
route add 192.168.0.1/32 -iface fxp0 -cloning
and then add the network route via the router:
route add 192.168.0.0/24 192.168.0.1

> Thanks in advance,

-- 
Vladimir B. Grebenschikov <vova at fbsd.ru>
SWsoft Inc.
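
A way to check the result of the three steps in the reply, as an added example that is not part of the original thread: it reads `netstat -rn` style output and reports whether the subnet is reached via the gateway address (traffic bounces off the firewall) or via the interface (traffic bypasses it). The function names and the AFTER table are assumptions constructed for illustration; the BEFORE table is the one quoted in the question.

```shell
#!/bin/sh
# Added example: classify how a routing table reaches the local subnet.
# Input on stdin is `netstat -rn` style output (Destination, Gateway, ...).

# $1 = destination as netstat prints it (e.g. 192.168.0)
# $2 = gateway IP that LAN traffic must bounce through
# Prints one of: gateway | interface | other | missing
subnet_route_via() {
    awk -v dest="$1" -v gw="$2" '
        $1 == dest {
            found = 1
            if ($2 == gw)                     print "gateway"
            else if (index($2, "link#") == 1) print "interface"
            else                              print "other"
            exit
        }
        END { if (!found) print "missing" }
    '
}

# Exit status 0 only when the subnet is routed via the gateway address.
bounces_off_gateway() {
    [ "$(subnet_route_via "$1" "$2")" = "gateway" ]
}

# Routing table quoted in the question: subnet bound to the interface.
BEFORE='Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.0.1        UGSc        2        0   fxp0
127.0.0.1          127.0.0.1          UH          1        0    lo0
192.168.0          link#1             UC          3        0   fxp0
192.168.0.1        00:a0:cc:e2:7e:f4  UHLW        3      808   fxp0    596
192.168.0.53       127.0.0.1          UGHS        0        0    lo0'

# Constructed sample (assumption): subnet entry pointing at the gateway IP,
# as intended after the delete/add sequence. Flags and counters are made up.
AFTER='Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.0.1        UGSc        2        0   fxp0
192.168.0          192.168.0.1        UGSc        0        0   fxp0
192.168.0.1        00:a0:cc:e2:7e:f4  UHLW        3      808   fxp0    596'

printf 'before: %s\n' "$(printf '%s\n' "$BEFORE" | subnet_route_via 192.168.0 192.168.0.1)"
printf 'after:  %s\n' "$(printf '%s\n' "$AFTER" | subnet_route_via 192.168.0 192.168.0.1)"
```

On a live host the same check is `netstat -rn | bounces_off_gateway 192.168.0 192.168.0.1`, which can run at boot or from cron to flag a client whose local traffic would skip the firewall.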


More information about the freebsd-net mailing list