From: Geoff Roberts
Organization: Australian Projects
To: freebsd-questions@freebsd.org
Date: Mon, 22 Dec 2008 23:06:45 +1100
Subject: How can I link two separate internal networks to two separate external networks

Hi,

I have a FreeBSD 7.0 box with pf. I have two internal networks (intnet0 and intnet1) and two internal networks (extnet0 and extnet1). extnet0 and extnet1 are two different gateways to the internet.
I only have one physical internal (int0) and one physical external (ext0) interface.

Traffic from intnet0 needs to go out on extnet0.
Traffic from intnet1 needs to go out on extnet1 (consider this a default route for any traffic not going out on extnet0).

What are some suggested ways of doing this?

Assume addresses are (these are made up, but hopefully help paint the picture):

intnet0 - 192.168.50.0/24
extnet0 - 10.10.10.8/30
 - extnet0 address 10.10.10.8.10
 - default route 10.10.10.9
 - broadcast 10.10.10.11

intnet1 - 192.168.60.0/24
extnet1 - 10.10.10.12/30
 - extnet1 address 10.10.10.14
 - default route 10.10.10.13
 - broadcast 10.10.10.15

So far I have created vlans via a switch on each interface to "multiplex" the connections:

vlan10 - 192.168.50.0/24 and vlan20 - 192.168.60.0/24 come in on a single cable to int0.
vlan50 - 10.10.10.8/30 and vlan60 - 10.10.10.12/30 come in on a single cable to ext0.

However, since I have the defaultroute set for 10.10.10.13, all traffic from intnet0 is going out on vlan60, whereas I want it to go out on vlan50.

Am I going about this the wrong way?

Thanks,

Geoff
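
One common way to express this split in pf is policy routing with `route-to` on the inbound rule, so the source network rather than the system default route picks the exit. The pf.conf fragment below is an added example, not part of the original message; the macro and table names, the NAT rules and the default-deny policy are assumptions built around the vlan names and addresses given above.

```conf
# Added example (not from the original message). Macro and table names are
# hypothetical; vlan names, networks and gateways are the ones in the message.
int0_if = "vlan10"            # intnet0
int1_if = "vlan20"            # intnet1
ext0_if = "vlan50"            # extnet0
ext1_if = "vlan60"            # extnet1, holds the system default route
intnet0 = "192.168.50.0/24"
intnet1 = "192.168.60.0/24"
gw0     = "10.10.10.9"        # next hop on extnet0

# Destinations that must never be pushed to the extnet0 gateway:
# the firewall's own addresses and the other internal network.
table <local> const { self, 192.168.60.0/24 }

set skip on lo0

# Assumption: each internal range is translated to the address of the
# interface it leaves on. (vlanNN) follows the interface's current address.
nat on $ext0_if from $intnet0 to any -> ($ext0_if)
nat on $ext1_if from $intnet1 to any -> ($ext1_if)

# Default deny: anything not passed below is dropped and logged.
block log all

# intnet0 -> internet: override the routing table and hand the packet to the
# extnet0 gateway. The state entry keeps the rest of the connection on vlan50.
pass in on $int0_if route-to ($ext0_if $gw0) from $intnet0 to ! <local> keep state

# intnet1 -> internet: no override needed, the default route (10.10.10.13)
# already points out vlan60.
pass in on $int1_if from $intnet1 to ! <local> keep state

# Hosts may reach the firewall's address on their own vlan only.
pass in on $int0_if from $intnet0 to ($int0_if) keep state
pass in on $int1_if from $intnet1 to ($int1_if) keep state

# Outbound filtering sees the post-NAT source, so matching on the interface
# address stops an untranslated intnet0 packet from leaving on vlan60
# (and the reverse).
pass out on $ext0_if from ($ext0_if) to any keep state
pass out on $ext1_if from ($ext1_if) to any keep state
```

Traffic between intnet0 and intnet1 matches no pass rule here and is dropped by `block log all`; `pfctl -nf /etc/pf.conf` parses the ruleset without loading it.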