From owner-freebsd-net Wed Jun 26 16:51:21 2002
Delivered-To: freebsd-net@freebsd.org
Received: from tesla.foo.is (tesla.reverse-bias.org [217.151.166.96])
	by hub.freebsd.org (Postfix) with ESMTP id 8C33637BF26;
	Wed, 26 Jun 2002 16:25:04 -0700 (PDT)
Received: from there (eniac.foo.is [192.168.1.25])
	by tesla.foo.is (Postfix) with SMTP id 3F6942731;
	Wed, 26 Jun 2002 22:18:24 +0000 (GMT)
Content-Type: text/plain; charset="iso-8859-1"
From: Baldur Gislason
To: Matt Impett
Subject: Re: source address based routing
Date: Wed, 26 Jun 2002 22:16:42 +0000
X-Mailer: KMail [version 1.3.2]
References: <8C92E23A3E87FB479988285F9E22BE46FDE776@ftmail.lab.flarion.com>
In-Reply-To: <8C92E23A3E87FB479988285F9E22BE46FDE776@ftmail.lab.flarion.com>
Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-Id: <20020626221824.3F6942731@tesla.foo.is>
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

That's simple, FreeBSD can do policy based routing with ipfw.
You need to compile a kernel with:

options IPFIREWALL
options IPFIREWALL_FORWARD

Myself, I prefer to have these too, but they're not absolutely necessary:

options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT
options DUMMYNET
options BRIDGE

Once we have a running kernel with the proper options,

sysctl net.inet.ip.sourceroute=1

and use the ipfw fwd rules to set gateways based on policies.
Example:

ipfw add fwd 192.168.1.1 ip from 172.20.0.0/24 to not 172.20.0.0/24 out

makes 192.168.1.1 the next hop for any packet originating from 172.22.0.0/24
but destined outside 172.20.0.0/24

Baldur

PS: man 8 ipfw and read http://www.freebsd.org/handbook and search
http://www.google.com for further clues.

On Wednesday 26 June 2002 20:30, you wrote:
> Hello,
>
> I was wondering if it is possible to do pure source address based routing
> under FreeBSD. What I really want to do is route packets from particular
> source addresses to tunnels (gif devices) regardless of what the packet's
> destination address is.
>
> thanks,
> matt
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
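
Added example (not part of the original message and not FreeBSD's own code): a dry-run shell helper that turns a table of source prefixes and next hops into ipfw fwd rules of the form shown in the reply, using "to any" so the destination is ignored as the question asks, and rejecting malformed input before anything reaches the ruleset. The rule-number base 1000, the step of 10 and the sample addresses are constructed, and using each tunnel's far-end address as the next hop is an assumption.

```shell
#!/bin/sh
# Dry-run generator: prints ipfw commands, never executes them.
# Mapping lines are "source-prefix next-hop"; the next hop is assumed to be
# the far-end address of the tunnel that should carry that source's traffic.

# is_ipv4 ADDR: succeed only for a dotted quad with each octet in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# is_cidr PREFIX: succeed for ADDR/LEN with LEN in 0..32.
is_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    len=${1##*/}
    case "$len" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -le 32 ] && is_ipv4 "${1%/*}"
}

# gen_fwd_rules BASE: read mappings on stdin, print one fwd rule per line,
# numbered from BASE in steps of 10. Any malformed line aborts with status 1
# and prints nothing, so a partial policy is never emitted.
gen_fwd_rules() {
    num=$1 rules=''
    while read -r src hop extra; do
        case "$src" in ''|'#'*) continue ;; esac
        if [ -n "$extra" ] || ! is_cidr "$src" || ! is_ipv4 "$hop"; then
            echo "rejected mapping: $src $hop $extra" >&2
            return 1
        fi
        rules="${rules}ipfw add $num fwd $hop ip from $src to any out
"
        num=$((num + 10))
    done
    printf '%s' "$rules"
}

# Constructed sample policy (addresses are illustrative, not from the thread).
gen_fwd_rules 1000 <<'EOF'
172.20.1.0/24      10.0.0.2
172.20.2.0/24      10.0.1.2
EOF
```

Review the printed rules before loading them; anything the helper rejects is reported on stderr and no rules are printed for that run.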