Routing outbound IP packets on multihomed box
Joe Holden
joe at joeholden.co.uk
Sat Jun 16 00:47:59 UTC 2007
Christopher Cowart wrote:
> On Fri, Jun 15, 2007 at 06:30:23PM -0400, Boris Kochergin wrote:
>> Christopher Cowart wrote:
>>> I have a server with two NICs:
>>>
>>> em0: 169.229.79.139/25
>>> vlan526: 169.229.126.9/24
>>>
>>> The default gateway is 169.229.79.129. The router for the 126 subnet is
>>> 169.229.126.1.
>>>
>>> netstat -rn:
>>> | Destination        Gateway            Flags    Refs      Use  Netif Expire
>>> | default            169.229.79.129     UGS         0   102537    em0
>>> | 127.0.0.1          127.0.0.1          UH          0      217    lo0
>>> | 169.229.79.128/25  link#1             UC          0        0    em0
>>> | 169.229.79.129     00:15:c7:b9:f4:80  UHLW        2        4    em0   1193
>>> | 169.229.79.139     00:11:25:ab:42:70  UHLW        1      589    lo0
>>> | 169.229.126/24     link#9             UC          0        0 vlan52
>>> | 169.229.126.1      00:15:c7:b9:f4:80  UHLW        1       34 vlan52   1200
>>> | 169.229.126.9      00:18:f8:09:d3:a5  UHLW        1        8    lo0
>>>
<snip>
>> pass out route-to (vlan256 169.229.126.1) from 169.229.126.9 to any
>>
>> This tells PF to send all packets sent from 169.229.126.9 through the
>> vlan256 interface with a next-hop address of 169.229.126.1.
>
> Unfortunately, I don't think we can use pf. The rest of our
> infrastructure is ipfw and we don't particularly want this to be a
> one-off. I was under the impression that my ipfw rule did exactly this,
> by sending the packets to the 126 router as their next hop.
>
> Anyone have any ideas on whether an ipfw fwd rule can be used in a
> similar way to this pf rule?
>
Yes, ipfw fwd will work fine; you'll need to route based on the source
IP addresses. For example:
ipfw add 1 fwd <router1> all from <link1> to any
ipfw add 2 fwd <router9> all from <link9> to any
That *should* work, been a long time since I've touched ipfw.
--
Joe Holden
T: (UK) 02071009593 (AU) 282442321
E: joe at joeholden.co.uk
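
An added example, not part of the thread or any poster's code: a small Python model of next-hop selection for this host, comparing the destination-only routing table from the netstat output with source-based overrides shaped like the fwd rules above. The function names are hypothetical, 192.0.2.10 is a constructed documentation address, and the code models the lookup only, not ipfw itself.

```python
import ipaddress

# Network routes taken from the netstat -rn output quoted in the thread.
ROUTES = [
    ("0.0.0.0/0", "169.229.79.129", "em0"),    # default gateway
    ("169.229.79.128/25", None, "em0"),        # directly connected
    ("169.229.126.0/24", None, "vlan526"),     # directly connected
]

# Source-based overrides modelled on "fwd <router> all from <link> to any".
# Each entry: (source address, next hop, interface the next hop sits on).
FWD_RULES = [
    ("169.229.79.139", "169.229.79.129", "em0"),
    ("169.229.126.9", "169.229.126.1", "vlan526"),
]


def table_lookup(dst):
    """Longest-prefix match on the destination only (plain routing table)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway, ifname in ROUTES:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, ifname)
    _, gateway, ifname = best  # the default route always matches
    # For an on-link route the next hop is the destination itself.
    return (gateway or str(addr), ifname)


def policy_lookup(src, dst):
    """First fwd rule matching the source wins; otherwise use the table."""
    source = ipaddress.ip_address(src)
    for rule_src, gateway, ifname in FWD_RULES:
        if source == ipaddress.ip_address(rule_src):
            return (gateway, ifname)
    return table_lookup(dst)


if __name__ == "__main__":
    remote = "192.0.2.10"  # constructed sample destination
    print("table only      :", table_lookup(remote))
    print("from 126.9 + fwd:", policy_lookup("169.229.126.9", remote))
    print("on-link + fwd   :", policy_lookup("169.229.126.9", "169.229.126.50"))
```

In this model a rule written "to any" also sends traffic for on-link neighbours through the router, as the last line of output shows.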