Date:      Thu, 20 Sep 2012 13:25:50 -0400
From:      Michael MacLeod <mikemacleod@gmail.com>
To:        Michael Pounov <misho@elwix.org>
Cc:        freebsd-net@freebsd.org
Subject:   Re: Multiroute question
Message-ID:  <CAM-FeoF5AjePpP_-yV6xh2Oea24d-EOuEoS_k4VSp6_7NYBMug@mail.gmail.com>
In-Reply-To: <20120920180115.ede9a2b8.misho@elwix.org>
References:  <505B2555.40704@doblej.net> <20120920180115.ede9a2b8.misho@elwix.org>

Actually, multiple routing tables is the correct solution. I documented it
here:

http://www.mmacleod.ca/blog/2011/06/source-based-routing-with-freebsd-using-multiple-routing-table/

From the post: "... But route-to and reply-to do not trump the default
routing table for traffic that originates or terminates on the router
itself. They are useful only for traffic passing through the router. pf can
only make routing decisions when a packet passes through an interface. It
can try and set the reply-to interface to be the second WAN connection when
an inbound SSH connection is made, but neither the SSH daemon nor the
routing table on the host know or care about the routing preferences of pf."

On Thu, Sep 20, 2012 at 11:01 AM, Michael Pounov <misho@elwix.org> wrote:

> Hi, Juan
>
> Use pf like in that simple example:
>
> $dsl_if = "CardA"
> $int_if = "CardB"
> $dsl_addr = "_dsl_if_ip_"
> $int_addr = "_int_if_ip_"
> $dsl_gw = "_dsl_gw_ip_"
> $int_gw = "_int_gw_ip_"
>
> set state-policy if-bound
>
> .... blah blah blah whatever rules ...
>
> pass out on $dsl_if route-to ($int_if $int_gw) from $int_if no state
> pass out on $int_if route-to ($dsl_if $dsl_gw) from $dsl_if no state
>
> # End pf example ;)
>
> On Thu, 20 Sep 2012 16:16:53 +0200
> Juan José Sánchez Mesa <juanjo.listas@doblej.net> wrote:
>
> > Hi!
> >
> > (sorry for my bad english)
> >
> > I have a FreeBSD machine (8.2-RELEASE-p3). The machine has two ethernet
> > cards, configured in this way:
> >
> > - Card A: internet IP address
> > - Card B: intranet IP address
> >
> > Default route goes via card A.
> >
> > Now, on the intranet I have a "normal" DSL router. Then, using NAT I've
> > forwarded a simple port from the DSL to the intranet IP of this machine.
> >
> > The incoming packets from the DSL come OK to the machine (via card B),
> > but the outgoing packet goes to card A, due to the default route.
> >
> > Is there a way to configure the network so that outgoing packets go to
> > the card from which the incoming packets arrived?
> >
> > Or is this impossible to configure ?
> >
> > Thanks!!!
> >
> > _______________________________________________
> > freebsd-net@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-net
> > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
>
> --
> Best Regards,
>
> Michael Pounov
> ELWIX - embedded lightweight unix -
>
> WWW: http://www.elwix.org/
> EMail: misho@elwix.org
> Skype: mpunov
> XMPP: misho@aitnet.org
> Phone: +359 888 737358; +359 899 737358
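The multiple-routing-table approach named in the reply, sketched as an added example that is not part of the original message or the linked post: a service started under `setfib` does its route lookups in a second FIB whose default route points at the DSL router, so its replies leave via card B. It assumes a kernel with more than one FIB (on 8.x, built with `options ROUTETABLES=2`); the function names, the `DRY_RUN` switch and the gateway address in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: run a service in FIB 1 so locally originated replies follow
# that table's default route instead of the host's main default (card A).

FIB=1

# Execute a command, or only print it when DRY_RUN=1 (for review before applying).
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# start_in_fib <gateway> <command> [args...]
# Installs a default route via <gateway> in FIB $FIB, then starts <command>
# with its sockets bound to that FIB.
start_in_fib() {
    if [ $# -lt 2 ]; then
        echo "usage: start_in_fib <gateway> <command> [args...]" >&2
        return 2
    fi
    gw=$1
    shift

    # Refuse to continue if the kernel has no such FIB (net.fibs is the count).
    if [ "${DRY_RUN:-0}" != 1 ]; then
        fibs=$(sysctl -n net.fibs) || return 1
        if [ "$fibs" -le "$FIB" ]; then
            echo "FIB $FIB not available (net.fibs=$fibs)" >&2
            return 1
        fi
    fi

    run setfib "$FIB" route add default "$gw" || return 1
    run setfib "$FIB" "$@"
}

# Usage (constructed values): gateway is the DSL router's intranet address,
# the command is whatever daemon serves the forwarded port.
#   DRY_RUN=1 start_in_fib 192.0.2.1 /usr/local/sbin/mydaemon
```

Check the result with `setfib 1 netstat -rn`, which shows the second table's routes.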


