Date: Mon, 28 Jul 2003 12:48:06 +0100 From: Andy Gilligan <andy@evo6.org> To: Juan Rodriguez Hervella <jrh@it.uc3m.es> Cc: net@freebsd.org Subject: Re: Next-hop based on source address (IPv6) [solved] Message-ID: <20030728114806.GA41123@vega.evo6.net> In-Reply-To: <200307281103.55077.jrh@it.uc3m.es> References: <002701c354c7$96366c40$0202000a@vx> <200307281103.55077.jrh@it.uc3m.es>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 28, 2003 at 10:03:53AM BST, Juan Rodriguez Hervella wrote: > On Monday 28 July 2003 07:17, Andy Gilligan wrote: > > Hi, > > > > I have three IPv6 /48 networks connected to a FreeBSD 4.8 router, and I > > allocate /64 tunnels from each network to client machines. > > > > Is there any way I can specify the next-hop or outbound interface to use > > on the router based on the source address of the client? > > > > I initially thought of 'ipfw fwd', but ip6fw doesn't seem to have this > > ability. > > > > Any thoughts? > > > > Hello Andy: > > I wanted to do something similar and when I realized that ip6fw didn't have > such option, I asked for it on the Kame mailing list, but they answered me > that they didn't see it as a feature demanded by the community so they > didn't have any plan to implement it on the short term. > (Anyway I think it shouldn't be hard to add such feature, > but I'm a bit lazy :) > > You can ask for it on Kame mailing-list again (because I ask for it a long > time ago and it may have been already implemented, I don't know). Also I > think that there are implementations of something called "source base > routing", but I don't have experience with that. Well, I got it working eventually, after a bit of tinkering with ipf... I must admit, I completely forgot about ipf's 'fastroute' abilities, especially with regard to IPv6 :) --- Summary --- Three tunnels: (fictional ip addrs) gif0 : 2001:111:111::/48 : gw=2001:1000::1 gif1 : 2001:222:222::/48 : gw=2001:2000::1 gif2 : 2001:333:333::/48 : gw=2001:3000::1 The default route is via gif0 (fe80::%gif0) My ipf6.rules: pass in on gif0 to gif1:2001:2000::1 from 2001:222:222::/48 to any pass in on gif0 to gif2:2001:3000::1 from 2001:333:333::/48 to any So far, I haven't noticed any WeirdStuff(tm) happening, so things look promising - all packets leave via the right interface :) Comments welcome if this looks like it may cause problems :) Best regards, -Andy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030728114806.GA41123>