From owner-freebsd-questions@FreeBSD.ORG Fri Nov 16 22:09:55 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E2A0816A417 for ; Fri, 16 Nov 2007 22:09:54 +0000 (UTC) (envelope-from todor.dragnev@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.189]) by mx1.freebsd.org (Postfix) with ESMTP id 651C313C448 for ; Fri, 16 Nov 2007 22:09:54 +0000 (UTC) (envelope-from todor.dragnev@gmail.com) Received: by nf-out-0910.google.com with SMTP id b2so954978nfb for ; Fri, 16 Nov 2007 14:09:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:in-reply-to:references:mime-version:content-type:message-id:cc:content-transfer-encoding:from:subject:date:to:x-mailer; bh=R90RXHEbGGIciZpKPjQyWTUNRCfS/3rvHlDAoHnjbmo=; b=kcB3y6Xgdk17ZZ4Jl1/rQWecqWjL0nnnMR4ckxMpssgVWtot//ugtHjO2GkZojGoJ/SwPBUMoQboCaDpiQa0+1h90C3cPQF9Ryto0rpfRkhf/UXoJS2Kg613jLZLTx5+Pn8lRUJNDAjaqe+AleGqjlf7KqUadmTlqEpOaWIQGzI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:in-reply-to:references:mime-version:content-type:message-id:cc:content-transfer-encoding:from:subject:date:to:x-mailer; b=RHH1eqKZUS6MJ+vpwiQJD3HvWkDEnn6tFwEMRGXRhnBGfpKNvadg15iP79irbLsv4RCuGS+5fbqvQRNwVbghwlDXNns2g4eZ7NW7W8XjckZQtfLqpnvhuF2AH78f5suAPEKaxy1/qkniMTEADuV4OXgrp/5B8NhONhf7xE7T+UM= Received: by 10.86.25.17 with SMTP id 17mr2166253fgy.1195249514461; Fri, 16 Nov 2007 13:45:14 -0800 (PST) Received: from ?192.168.168.136? ( [84.43.140.241]) by mx.google.com with ESMTPS id e20sm3499878fga.2007.11.16.13.45.12 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 16 Nov 2007 13:45:12 -0800 (PST) In-Reply-To: <6ae50c2d0711152118h2f2a9989q2b39eba077154041@mail.gmail.com> References: <6ae50c2d0711152118h2f2a9989q2b39eba077154041@mail.gmail.com> Mime-Version: 1.0 (Apple Message framework v752.3) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Todor Dragnev Date: Fri, 16 Nov 2007 23:45:09 +0200 To: alexus X-Mailer: Apple Mail (2.752.3) Cc: freebsd-questions@freebsd.org Subject: Re: multihome network X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Nov 2007 22:09:55 -0000 Hi, you must use advanced routing, this is very easy on linux with iproute2 but freebsd is far away for now(maybe forever) and you must use pf or ipf for this situation. So, enable pf in rc.conf pf_enable="YES" Add this line to the end of pf.conf: pass out quick route-to (fxp1 $fxp1_gw) inet from $fxp1_ip to ! $fxp1_ip keep state Where $fxp1_gw must be your gateway on fxp1 interface and $fxp1_ip is your IP address on fxp1. Keep your default gateway via 192.168.1.1. With these settings you can access both 192.168.1.1 and $fxp1_ip from outside. Regards, Todor Dragnev On 16.11.2007, at 07:18, alexus wrote: > Hello, > > I have two NICs on my box, one (primary) connected to switch and have > private IP. that IP also have a static route on Cisco PIX for > accessing this box from outside. the other interface has public IP > that is connected to another switch, i configure both IPs through > /etc/rc.conf, but I can not for some reason access my box through that > public IP, no firewall rules would prevent me from doing so. here is > my output for netstat -rn > > alexus# netstat -rn > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif > Expire > default 192.168.1.1 UGS 0 250 fxp0 > 127.0.0.1 127.0.0.1 UH 0 2 lo0 > 192.168.1 link#1 UC 0 0 fxp0 > 192.168.1.1 00:0d:29:09:90:61 UHLW 2 2 > fxp0 1171 > 192.168.1.250 00:16:cb:94:10:e9 UHLW 1 12 > fxp0 1169 > 216.112.241.24/29 link#2 UC 0 0 fxp1 > > Internet6: > Destination Gateway Flags > Netif Expire > ::1 ::1 > UHL lo0 > fe80::%lo0/64 fe80::1%lo0 > U lo0 > fe80::1%lo0 link#4 > UHL lo0 > ff01:4::/32 fe80::1%lo0 > UC lo0 > ff02::%lo0/32 fe80::1%lo0 > UC lo0 > alexus# > > what am I missing? > > -- > http://alexus.org/ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org"