From owner-freebsd-net@FreeBSD.ORG Tue Feb 12 18:18:37 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 90C32444 for ; Tue, 12 Feb 2013 18:18:37 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) by mx1.freebsd.org (Postfix) with ESMTP id 204078A3 for ; Tue, 12 Feb 2013 18:18:36 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1U5KRN-0002pg-Et for freebsd-net@freebsd.org; Tue, 12 Feb 2013 19:18:49 +0100 Received: from lara.cc.fer.hr ([161.53.72.113]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 12 Feb 2013 19:18:49 +0100 Received: from ivoras by lara.cc.fer.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 12 Feb 2013 19:18:49 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Ivan Voras Subject: Re: Problems with two interfaces on the same subnet? Date: Tue, 12 Feb 2013 19:18:17 +0100 Lines: 45 Message-ID: References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigBB25EC775143822EB582ED2A" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: lara.cc.fer.hr User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:14.0) Gecko/20120812 Thunderbird/14.0 In-Reply-To: X-Enigmail-Version: 1.4.3 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Feb 2013 18:18:37 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigBB25EC775143822EB582ED2A Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 12/02/2013 19:10, Eggert, Lars wrote: > Hi, >=20 > On Feb 12, 2013, at 9:50, Ivan Voras wrote: >>> You can make this work with ipfw rules (and I guess also setfib, alth= ough I have not tried that.) >> >> The concept of FIBs looks clean and applicable but setfib works on new= ly >> started process, and I would need to do something like apply it to >> packets coming from an interface. >=20 > Assuming your default route is via igb2, you can do something like this= : >=20 > ipfw add fwd ip4 from = to not out >=20 > (From memory, no guarantees.) Ok, but both the clients and the server are on the same VLAN and use private, non-routable IP addresses so there is no "upstream router"...? --------------enigBB25EC775143822EB582ED2A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlEah2kACgkQ/QjVBj3/HSxHpACglErHyl42DNAiu5JuGue/6BEh OGgAn09a8XNGvB3dmH2v6KIhc2DMR2zp =DVT2 -----END PGP SIGNATURE----- --------------enigBB25EC775143822EB582ED2A--