Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 10 Sep 2020 18:54:00 +0200
From:      Abelenda Diego <diego.abelenda@gmail.com>
To:        kaycee gb <kisscoolandthegangbang@hotmail.fr>
Cc:        freebsd-net@freebsd.org
Subject:   Re: IP "routing" issue
Message-ID:  <20200910185400.593a8ce2@debian>
In-Reply-To: <VE1PR03MB5629FC5FAB3212A0987F7F4CA0260@VE1PR03MB5629.eurprd03.prod.outlook.com>
References:  <20200909164254.5e7e3891@debian> <VE1PR03MB5629FC5FAB3212A0987F7F4CA0260@VE1PR03MB5629.eurprd03.prod.outlook.com>

next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/rSIssGkG0.YGV=Q1AVVY660
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hello,

Thank you for pointing route "-iface" however I can't seem to manage what I
want.

When I use:
"route add -host $IP_NOT_IN_SUBNET -iface bce0"

I get "netstat -rn" to say someting like:

Internet:
Destination        Gateway               Flags     Netif Expire
default            $UPSTREAM_GW          UGS        bce0
10.0.0.1           link#7                UHS         lo0
$IP_NO_IN_SUBNET   $MAC_ADDRESS_OF_BCE0  UHS        bce0


Which seem somehow appropriate, so I try to ping $IP_NOT_IN_SUBNET and I ge=
t:

root@opnsense2:~ # ping $IP_NOT_IN_SUBNET
PING $IP_NOT_IN_SUBNET ($IP_NOT_IN_SUBNET): 56 data bytes
36 bytes from $UPSTREAM_GW: Redirect Host(New addr: $PUBLIC_IP_OF_BCE0).

Which doesn't seem appropriate at all wrt the routing table...

Did I use "route add" wrong?

Also I want to keep the setup simple, going through private IPs on the publ=
ic VLAN of the datacenter might get me in trouble with them, and using othe=
r VLANs for that will be a pain.

Best regards,
Diego Abelenda


On Wed, 9 Sep 2020 17:35:45 +0200
kaycee gb <kisscoolandthegangbang@hotmail.fr> wrote:

> Le Wed, 9 Sep 2020 16:42:54 +0200,
> Abelenda Diego <diego.abelenda@gmail.com> a =C3=A9crit :
>=20
> > Hello,
> >=20
> > I've got a FreeBSD installation in a DataCenter that provided me with a
> > single address IPv4 with an upstream gateway (cidr is fine the upstream
> > gateway works everything is nice and running). I use this machine for
> > Masquerading an private infrastructure.
> >=20
> > Now I need other machines with public IPv4 and when I requested the
> > additional IPv4 to the DataCenter, they gave me a bunch of /32 addresses
> > saying that my previous IPv4 MUST be configured as next-hop on their si=
de.
> > From my understanding in FreeBSD the route command is unable to perform=
 this
> > kind of configuration where you tell that the IPv4 /32 is available wit=
hout
> > next-hop (no via) on a specific link. I know the linux "ip route add $I=
P dev
> > $LINK" configures this, but I cannot seem to map this knowledge to Free=
BSD.
> >=20
> > Is it possible to perform this very special setup with any command on
> > FreeBSD? If yes what is that command?
> >=20
> > Best regards,
> > Diego Abelenda =20
>=20
> Hi,
>=20
> Do the other machines have a private address ? Is it a problem if they ha=
ve
> one ?=20
> If it is possible, you can route via this private address on your FreeBSD
> installation to the new one and assign a public/32 to the last.
>=20
> Alternatively to doing routing like above, if you have a firewall enabled=
 on
> the first machine, you can do address forwarding between the first and the
> new one.=20
>=20
> And last, maybe with something like -iface from "route" you can achieve w=
hat
> you want.=20
>=20
> K.
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"


--Sig_/rSIssGkG0.YGV=Q1AVVY660
Content-Type: application/pgp-signature
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEhLBEGh6nN5+aat9KomT4UAfkGfgFAl9aWigACgkQomT4UAfk
GfhHjxAAgGjAFo1KmLydR2NllqZOikChu0bG/2T7dCgg7s1Qfw2ndTVWDkGOY/Kg
kfajr4pZj7LIq2Or7Z2vmkjK1dAZLdgsoXP8p9yEFhtGkhGoLw4qRsL9YJ1UQDpR
GdjKtbDqq0xgLfKzHFnAOF2Iv7hfAhi2Rzgmtxkp4OQDmiAmFp+B/j/B5ndgaf1u
xf1i1HfmAGZRVZebt1WLChRdpQHERW2EwIOflQ4XOnDg1wxsVknd0kTobwMCkTpX
Q6SIBxk/qXIPouUS8GprHRdGJeuJYO92GCNk1Nrlztrw1v+p4+JbkCHzPQ7lleVn
1lb6z3zxrSND/jOMtL6Xg1mIIywFTcGiHbojSlPfH+UJM4IZgopXRe7HvBGlC+HR
GM5IpW7vwhd8b6jAUGZid581Z/n5n+Ni6dTXLpvgpB4XiiD52lO+he3zUVPGBZes
TJCrnKEUSyeTG8a2ilBQXkCDTFpFKOteu13zAOdw2o4lQw2cj9mYeZUCycnnNJlo
To61v66qpu39G4AfH09zMikI9FhQ5flJqFGOtXgBv+9gdlQ2LrYTwiGG8U2kycz7
eT52I7lyqbSSK0UMr1wWdU4bZKgUyrWKAyin4vcmE25m38Uypoda0L8a9lLEXadg
a5liQGA2RUsIAg03SujF0V3I8ibI4vohn3LAZ0hSP5q3MqaPgwI=
=dYqQ
-----END PGP SIGNATURE-----

--Sig_/rSIssGkG0.YGV=Q1AVVY660--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200910185400.593a8ce2>