Date: Tue, 14 Apr 2009 19:59:12 +0200 (CEST)
From: sthaug@nethelp.no
To: steve@ibctech.ca
Cc: freebsd-net@freebsd.org, julian@elischer.org, pcc@gmx.net
Subject: Re: Multiple default routes / Force external routing
Message-ID: <20090414.195912.74700172.sthaug@nethelp.no>
In-Reply-To: <49E48799.1000300@ibctech.ca>
References: <20090413.220932.74699777.sthaug@nethelp.no> <49E41755.8050701@elischer.org> <49E48799.1000300@ibctech.ca>

> Perhaps the OP should rephrase his desire.
>
> To me, it sounds like he wants to turn the FBSD box into a VLAN
> aggregator, and then "trunk" the VLANs to an external router to route
> between the VLAN subnets.

It's more that I'd like my FreeBSD box to be able to handle multiple
routing tables completely, as seen from an L3VPN point of view (this
is what Cisco calls VRF-lite, which is obviously not a full-fledged
MPLS L3VPN implementation):

- A box can have multiple routing tables. These are logically separate.

- Each interface is connected to one and only one routing table. Each
  routing table may have zero or more interfaces connected to it. Cisco
  and many other vendors call a routing table with interfaces connected
  to it a VRF, Virtual Router and Forwarding instance, see for instance
  http://en.wikipedia.org/wiki/VRF

- There is no traffic between VRFs within the box (and thus, if two
  interfaces are in different routing tables, you can *not* get traffic
  between them within the box). There is no "short-circuit" between
  VRFs. If two interfaces are in the *same* routing table (same VRF)
  you can of course have traffic between them.

- To go between VRFs you need to send the traffic to an external device,
  for instance a firewall.

Thus if I have a box with the following routing tables/interfaces/
IP addresses:

Table   Intf    IP address
1       vlan0   192.168.1.1/30
2       vlan1   192.168.2.1/30
2       vlan2   192.168.3.1/30

then I can communicate from 192.168.2.1 to 192.168.3.1 within the box,
since both of these interfaces are in the same routing table. But I
cannot communicate from 192.168.2.1 to 192.168.1.1 within the box,
since these interfaces are in separate routing tables. To get from
192.168.2.1 to 192.168.1.1 I need to send the traffic to an external
device.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no
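
The isolation rules described in the message above, as an added Python model that is not part of the original e-mail and is not FreeBSD code. The VrfBox class, its method names and the external gateway at 192.168.2.2 are assumptions made for illustration; the table/interface/address bindings are the ones from the message.

```python
import ipaddress

class VrfBox:
    """Toy model: each interface is bound to exactly one routing table."""

    def __init__(self):
        self.table_of = {}   # interface name -> table id
        self.routes = {}     # table id -> [(network, next-hop label)]
        self.local = {}      # table id -> set of the box's own addresses

    def add_interface(self, table, ifname, cidr):
        if ifname in self.table_of:
            raise ValueError(f"{ifname} already belongs to table {self.table_of[ifname]}")
        iface = ipaddress.ip_interface(cidr)
        self.table_of[ifname] = table
        self.local.setdefault(table, set()).add(iface.ip)
        self.routes.setdefault(table, []).append((iface.network, f"connected:{ifname}"))

    def add_route(self, table, prefix, via):
        self.routes.setdefault(table, []).append((ipaddress.ip_network(prefix), f"via:{via}"))

    def lookup(self, ifname, dst):
        """Resolve dst using only the table that ifname is bound to."""
        table = self.table_of[ifname]
        dst = ipaddress.ip_address(dst)
        if dst in self.local.get(table, set()):
            return "local"
        hits = [(net, hop) for net, hop in self.routes.get(table, []) if dst in net]
        if not hits:
            return "unreachable"
        return max(hits, key=lambda h: h[0].prefixlen)[1]   # longest prefix wins


def build_box():
    box = VrfBox()
    box.add_interface(1, "vlan0", "192.168.1.1/30")
    box.add_interface(2, "vlan1", "192.168.2.1/30")
    box.add_interface(2, "vlan2", "192.168.3.1/30")
    # Assumption: an external firewall at 192.168.2.2 is table 2's default gateway.
    box.add_route(2, "0.0.0.0/0", "192.168.2.2")
    return box


if __name__ == "__main__":
    box = build_box()
    for ifname, dst in [("vlan1", "192.168.3.1"), ("vlan1", "192.168.1.1"), ("vlan0", "192.168.2.1")]:
        print(ifname, "->", dst, ":", box.lookup(ifname, dst))
```

The lookup never consults another table, so an address the box itself owns in table 1 is handed to the external gateway when seen from table 2, and is unreachable from a table that has no route to it.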