From: Ari Suutari
Date: Thu, 23 Jun 2005 08:28:43 +0300
To: Luigi Rizzo
Cc: freebsd-net@freebsd.org
Subject: Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)

Luigi Rizzo wrote:
> I really believe the "setnexthop" action is the best approach.

I'll start implementing this approach today if other work permits.

I think I'll also add a new rule option "defaultroute" which matches if the packet destination has no specific route in the routing table. That would make it very easy to, for example, route general web-surfing to a secondary ADSL line, just say:

    ipfw setnexthop g2.g2.g2.g2 tcp from any to any defaultroute

(well, in real life one would probably need NAT here, but that could be done in a similar manner)

    Ari S.