From owner-freebsd-questions Thu Oct 19 1:48:45 2000 Delivered-To: freebsd-questions@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 10C9037B4CF for ; Thu, 19 Oct 2000 01:48:36 -0700 (PDT) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.0/8.11.0) id e9J8lTq04100; Thu, 19 Oct 2000 11:47:30 +0300 (EEST) (envelope-from ru) Date: Thu, 19 Oct 2000 11:47:29 +0300 From: Ruslan Ermilov To: Maciek Musial Cc: freebsd-questions@FreeBSD.ORG Subject: Re: changing the source address for packets Message-ID: <20001019114729.D98924@sunbay.com> Mail-Followup-To: Maciek Musial , freebsd-questions@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from erryk@petex1.petex.bielsko.pl on Thu, Oct 19, 2000 at 09:29:47AM +0200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Oct 19, 2000 at 09:29:47AM +0200, Maciek Musial wrote: > Hello > > I've got the following problem: > I have freeBSD server (4.0R) connected to CISCO 1700. The router is > connected to two nets (let's call'em net1 & net2). I want to change > the source address for packets going out from the server, depending of > the destination address (default, every packet is going throught net1 > , but packets with destination > address from net2 are going throuth net2 with changed source address > for one from class in net2). The router himself organize routing to > bouth classes, so the change of source address will do so called > "dynamic routing" > > I know, there is a command in linux, whitch make this, > ip route add via src > > is something like this in FreeBSD ? > > Thanks for all sugestions or any informations > Not sure whether the following is what you need, but... 1. Assume the primary interface has two IP addresses assigned to it: # ifconfig rl0 inet rl0: flags=8843 mtu 1500 inet 194.220.45.115 netmask 0xffffffc0 broadcast 194.220.45.127 inet 194.220.45.100 netmask 0xffffffff broadcast 194.220.45.100 2. The routing table looks like this: # netstat -rn -finet Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 194.220.45.65 UGSc 4 0 rl0 127.0.0.1 127.0.0.1 UH 0 10 lo0 194.220.45.64/26 link#1 UC 0 0 rl0 => 194.220.45.65 0:d0:b7:16:9c:c6 UHLW 6 62529 rl0 964 194.220.45.100/32 link#1 UC 0 0 rl0 => 3. Add the static route to the interesting destination: # route add -host 1.2.3.4 194.220.45.65 add host 1.2.3.4: gateway 194.220.45.65 4. Let's look how it is represented internally (non-relevant part of output is trimmed): # route -vn get -host 1.2.3.4 [...] locks: inits: sockaddrs: 1.2.3.4 194.220.45.65 rl0:0.c0.df.3.2d.79 194.220.45.115 5. This means that the packets to 1.2.3.4 will go from the 194.220.45.115: # tcpdump -nt host 1.2.3.4 tcpdump: listening on rl0 194.220.45.115 > 1.2.3.4: icmp: echo request ^C 8 packets received by filter 0 packets dropped by kernel 6. Now we change the IFA address above from 194.220.45.115 to 194.220.45.100: # route change -host 1.2.3.4 -ifa 194.220.45.100 change host 1.2.3.4 7. Now let's look again on the route: # route -vn get -host 1.2.3.4 [...] locks: inits: sockaddrs: 1.2.3.4 194.220.45.65 rl0:0.c0.df.3.2d.79 194.220.45.100 8. We are done, packets to 1.2.3.4 should go from the 194.220.45.100 address. Let's go and prove it with tcpdump(1): # tcpdump -nt host 1.2.3.4 tcpdump: listening on rl0 194.220.45.100 > 1.2.3.4: icmp: echo request ^C 18 packets received by filter 0 packets dropped by kernel -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message