From owner-freebsd-net@FreeBSD.ORG Wed Jun 4 22:28:16 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3EFE7106564A for ; Wed, 4 Jun 2008 22:28:16 +0000 (UTC) (envelope-from petar@smokva.net) Received: from morrison.andev.ch (morrison.andev.ch [78.47.142.202]) by mx1.freebsd.org (Postfix) with ESMTP id C1A4B8FC22 for ; Wed, 4 Jun 2008 22:28:15 +0000 (UTC) (envelope-from petar@smokva.net) Received: from pintail.smokva.net (84-74-146-124.dclient.hispeed.ch [84.74.146.124]) by morrison.andev.ch (Postfix) with ESMTP id DC5135DB1D for ; Thu, 5 Jun 2008 00:19:34 +0200 (CEST) Date: Thu, 5 Jun 2008 00:17:38 +0200 From: Petar Bogdanovic To: freebsd-net@freebsd.org Message-ID: <20080604221738.GA6776@pintail.smokva.net> Mail-Followup-To: freebsd-net@freebsd.org References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Subject: Re: IP-forwarding (help) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2008 22:28:16 -0000 On Wed, Jun 04, 2008 at 11:06:01PM +0200, Arno J. Klaassen wrote: > > Hello, > > this is probably a FAQ and/or I'm to tired, but I'd be pleased > if anyone can tell me what I do wrong : > > I have a box with two interfaces, one connected to my lan > (172.16. ), one to a test-box (192.168.1.1) : > > em0: flags=8843 metric 0 mtu 1500 > options=9b > ether xxx > inet 172.16.1.240 netmask 0xffffff00 broadcast 172.16.1.255 > media: Ethernet autoselect (1000baseTX ) > status: active > > em1: flags=8843 metric 0 mtu 1500 > options=9b > ether xxx > inet 192.168.1.254 netmask 0xffffff00 broadcast 192.168.1.255 > media: Ethernet autoselect (1000baseTX ) > status: active > > > I enable ip.forwarding : > > # sysctl net.inet.ip.forwarding > net.inet.ip.forwarding: 1 > > > And this is my routing table : > > Internet: > Destination Gateway Flags Refs Use Netif Expire > default 172.16.1.254 UGS 0 20 em0 > 127.0.0.1 127.0.0.1 UH 0 0 lo0 > 172.16.1.0/24 link#3 UC 0 0 em0 > 172.16.1.6 xxxxxxxxxxxxxxxxx UHLW 1 87 em0 1194 > 172.16.1.230 xxxxxxxxxxxxxxxxx UHLW 1 286 em0 572 > 172.16.1.240 xxxxxxxxxxxxxxxxx UHLW 1 0 lo0 > 172.16.1.254 xxxxxxxxxxxxxxxxx UHLW 2 0 em0 487 > 192.168.1.0/24 link#4 UC 0 0 em1 > 192.168.1.1 xxxxxxxxxxxxxxxxx UHLW 1 2 em1 616 > 192.168.1.254 xxxxxxxxxxxxxxxxx UHLW 1 0 lo0 > > For this I added to rc.conf : > > static_routes="test lan" > route_test="-net 192.168.1.0/24 192.168.1.254" > route_lan="-net 172.16.1.0/24 172.16.1.240" I'm pretty sure that you don't need these three lines. Turning net.inet.ip.forwarding on should be enough. Petar