From: Max Laier
Organization: FreeBSD
To: freebsd-net@freebsd.org
Cc: jmaps-fbsdnet@fireburns.net
Date: Tue, 27 Jan 2009 07:04:35 +0100
Subject: Re: Multiple ISP routing by port

On Tuesday 27 January 2009 06:18:09 jmaps-fbsdnet@fireburns.net wrote:
> I've read through what I could find in this list and also in the top 50
> results on google... I can't find anything that'll actually make this work.
>
> My DSL ISP is too far away to give me anything faster than 1.5mbps down. In
> desperation I signed up for comcast to use for bulk traffic.
>
> Thus, I want to route critical traffic (22, 25, 53, (maybe) 80, 443)
> through the DSL provider and the rest through cable.
>
> I really feel like this should be possible with PF with something like:
>
> nat on $dsl_if from ($int_if:network) to any port $dslports -> ($dsl_if)
> nat on $cbl_if from ($int_if:network) to any -> ($cbl_if)
>
> or
>
> pass in quick on $int_if route-to { ($dsl_if $dsl_gw) } proto { tcp udp }
> from ($int_if:network) to any port $dslports
>
> Neither (or both) seem to do it. All traffic ends up getting routed through
> whichever ISP I have set as the default route.

Take a look at: http://www.openbsd.org/faq/pf/pools.html#outgoing

You are probably missing the following part of the setup:

| To ensure that packets with a source address belonging to $ext_if1 are
| always routed to $ext_gw1 (and similarly for $ext_if2 and $ext_gw2), the
| following two lines should be included in the ruleset:
|
| pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 \
|     to any
| pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 \
|     to any

This obviously has to be adapted for your specific setup - but in general
this works as expected.

> Now, I hear I can go over to linux and just configure both default routes
> at the same time (trivial with iproute2). But I'd rather avoid that if at
> all possible.
>
> Is there some trick I'm missing? Does quagga (bgpd) allow for this kind of
> routing scheme?

-- 
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
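
Added example, not part of the original message or of the pf FAQ: a pf.conf sketch that combines the port-based route-to rule from the question with the two "pass out ... route-to" lines quoted in the reply, in the pre-4.7 nat/filter syntax used in this thread. Interface names, gateway addresses, the LAN prefix and the default-deny policy are assumptions; the macro names are taken from the question.

```pf
# Constructed values: replace with the real interfaces, gateways and prefix.
int_if   = "em0"
dsl_if   = "em1"
cbl_if   = "em2"
dsl_gw   = "192.0.2.1"
cbl_gw   = "198.51.100.1"
lan_net  = "192.168.4.0/24"
dslports = "{ 22, 25, 53, 80, 443 }"

# NAT does not choose the exit interface; it only translates packets that
# are already leaving on it. Translate on both links, without port matching,
# and let the filter rules below decide which link a flow uses.
nat on $dsl_if from $lan_net to any -> ($dsl_if)
nat on $cbl_if from $lan_net to any -> ($cbl_if)

# Default deny (assumed policy), so every allowed path is explicit.
block in all
block out all

# LAN side: replies back to clients, and traffic addressed to the gateway
# itself, which must not be policy-routed.
pass out on $int_if from any to $lan_net keep state
pass in quick on $int_if from $lan_net to ($int_if) keep state

# Policy routing is decided where the packet enters, on the internal
# interface. Critical ports go to the DSL gateway ...
pass in quick on $int_if route-to ($dsl_if $dsl_gw) \
    proto { tcp, udp } from $lan_net to any port $dslports keep state
# ... everything else from the LAN goes to the cable gateway.
pass in on $int_if route-to ($cbl_if $cbl_gw) from $lan_net to any keep state

# General outbound rules on both external interfaces.
pass out on $dsl_if from any to any keep state
pass out on $cbl_if from any to any keep state

# The part quoted from the FAQ, adapted: a packet carrying one link's source
# address that the default route sends out the other link is redirected to
# its own gateway. These come last so they win over the general pass rules.
pass out on $dsl_if route-to ($cbl_if $cbl_gw) from ($cbl_if) to any
pass out on $cbl_if route-to ($dsl_if $dsl_gw) from ($dsl_if) to any

# Check syntax without loading:  pfctl -nf /etc/pf.conf
# After loading, list states to see which link a flow took:  pfctl -ss
```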