Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 15 Jan 2004 18:06:15 +0100
From:      Antoine Jacoutot <ajacoutot@lphp.org>
To:        freebsd-ipfw@freebsd.org
Subject:   source routing and dynamic @ip
Message-ID:  <1074186375.4006c887150e1@webmail.lphp.org>

next in thread | raw e-mail | index | archive | help
Hi :)

Allright, so, I've been trying to build a routing setup for some weeks now, 
and after looking everywhere and asking for help, I still cannot find the 
answer.
Here is what I want to do: source routing to 2 internet connections. 
Basically, I want net1 to go on the Internet using gateway connection1 and 
net2 to go on the internet using gateway connection2.
You have to know that both internet connections have dynamic IPs and I need 
NAT on both.
So far, these are my not working config files (defaut gateway is 
ip1/connection1).
em0 = inside interface
tun0 = pppoe DSL connection1 (default route)
tun1 = pppoe DSL connection2

--> /etc/ipfw.conf

#!/bin/sh
fwcmd="/sbin/ipfw -q"
ip1=`/sbin/ifconfig tun0 | /usr/bin/awk '/inet / { print $2 }'`
ip2=`/sbin/ifconfig tun1 | /usr/bin/awk '/inet / { print $2 }'`
lan1=192.168.0.0/24
lan2=192.168.1.0/24
${fwcmd} -f flush
${fwcmd} add 100 fwd $ip2 all from $lan2 to any out recv em0 xmit tun0
${fwcmd} add 200 divert 8669 all from $lan2 to any via tun1
${fwcmd} add 300 divert 8668 all from any to any via tun0
${fwcmd} add 400 allow all from any to any

--> /etc/natd_tun0.conf

interface tun0
port 8668
log_denied yes
log_facility security
use_sockets yes
same_ports yes
unregistered_only yes
punch_fw 10000:10000
dynamic yes

--> /etc/natd_tun1.conf

interface tun1
port 8669
log_denied yes
log_facility security
use_sockets yes
same_ports yes
unregistered_only yes
punch_fw 10000:10000
dynamic yes

I am really really looking for help here. If you know how to make such a setup 
working, I would appreciate a hand.
Thanks in advance.
Regards,

Antoine 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1074186375.4006c887150e1>