From: "Igor R"
To: freebsd-net@freebsd.org
Date: Tue, 23 Sep 2008 09:49:18 +0400
Subject: Multiple routing tables (setfib) trouble

Hello!

I'm using FreeBSD 7.0-STABLE (Jul 25) and I have two Internet connections. Both are Ethernet based, but one requires PPTP (2) while the other is direct with an external IP address. The trouble is that the provider (1) of the connection with the external address is limiting the number of outgoing TCP connections (this was the reason I got another provider).

So now my setup is:

1) On boot I have a default route to provider (1)
2) After MPD (PPTP) is up I replace the default route with a route to provider (2)
3) I use "route-to" and "reply-to" in /etc/pf.rules to route incoming SSH and HTTP and outgoing HTTP via provider (1); I also use these rules to provide routing to the internal network of this provider
4) All other traffic (BitTorrent :-) ) is going via provider (2) via the ng0 (PPTP) interface

All works fine, but ... The provider with PPTP is less reliable, and when the PPTP connection fails I have trouble connecting to my SSH server (because DNS stops working).

So, after FreeBSD got multiple routing tables I tried this:

1) On boot I have a default route to provider (1)
2) After MPD (PPTP) is up I do
   2a) setfib 1 route add default PPTP_DEFAULT_GATEWAY
   2b) setfib 1 /usr/local/etc/rc.d/tranmission restart

And here are the problems:

1) All outgoing traffic with fib==1 goes through provider (2) as expected, answers are received
2) BUT ... incoming traffic looks strange: answers are sent through the default gateway with fib==0

I made a simple test:

    setfib 1 netcat -l 8000

and then from outside:

    telnet my_ip 8000

I see (with tcpdump) incoming packets on the ng0 (PPTP) interface, but no answers. If I start tcpdump on the other provider's interface I see packets with answers.

But if I try

    setfib 1 traceroute some_host

then routing works via the correct gateway.

So, is it possible to have a BitTorrent daemon with FIB=1 :-)?