Date: Wed, 24 Sep 2014 10:35:32 -0400 From: Michael MacLeod <mikemacleod@gmail.com> To: "Nagle, Edwin (James)" <Edwin.Nagle@austinenergy.com>, freebsd-pf@freebsd.org Subject: Re: FW: Source based routing Message-ID: <CAM-FeoHjV6BqWQ_eME8x2o4CL7fxUs%2BX7Zenn5y7NbJhPJmnwA@mail.gmail.com> In-Reply-To: <27DBC528FBF8094FA7247CC9A0A5C85F02A6B3CA@AE-PEXCH02.aenetad.net> References: <27DBC528FBF8094FA7247CC9A0A5C85F02A6B3CA@AE-PEXCH02.aenetad.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello James, It's still a little unclear to me how you want traffic to flow in this environment (in particular how the user traffic is arriving on the box), but it'll probably be easier if you can have each class of user using a different subnet. Regardless, it appears that you've set the default route of each FIB to be the address of the interface you want each FIB to use, which isn't going to work - your default gateway generally isn't yourself. It appears that all of your traffic should be using the same default gateway, and you're only interested in ensuring the egress interface/IP of the traffic. You *may* not even need multiple FIBs, but instead just multiple instances of SSHD set to listen to specific addresses (emphasis on may - you might instead need separate FIB, though each one would still have the same default gateway set). Regards, Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAM-FeoHjV6BqWQ_eME8x2o4CL7fxUs%2BX7Zenn5y7NbJhPJmnwA>