From owner-freebsd-isp Mon Oct 23 6: 0: 9 2000 Delivered-To: freebsd-isp@freebsd.org Received: from caladan.tdx.co.uk (unknown [195.188.177.4]) by hub.freebsd.org (Postfix) with ESMTP id D148437B479 for ; Mon, 23 Oct 2000 05:59:56 -0700 (PDT) Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242]) by caladan.tdx.co.uk (8.10.1/8.10.1/Kp) with ESMTP id e9NAhk672000 for ; Mon, 23 Oct 2000 11:43:46 +0100 (BST) Message-ID: <39F41662.61249DF9@tdx.co.uk> Date: Mon, 23 Oct 2000 11:43:46 +0100 From: Karl Pielorz Organization: The Digital eXchange X-Mailer: Mozilla 4.75 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: isp@freebsd.org Subject: IP source-routing with ipfw fwd - Weird problem? Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi All, I'm looking for any help with this one... I have: --- fxp1 fxp0 ether0 serial0, 10.0.0.1 [ FreeBSD ] 192.168.0.2 ----- 192.168.0.1 [ Cisco ] 172.16.0.1 10.0.1.1 serial1, 10.0.2.1 172.16.1.1 serial2, 172.16.2.1 ( I've swapped everything for Private Net IP's ) --- OK, on the FreeBSD box, a simple: route add default 192.168.0.1 Does the trick... However, I want to use ipfw fwd to change the exact route the traffic goes over, depending on the IP address that it came from, on our network... So, I do the following... route add 172.16.1.1 192.168.0.1 ping 172.16.1.1 64 bytes from 172.16.1.1: icmp_seq=1 ttl=248 time=1.706 ms OK, so now FreeBSD knows how to get to the 'other' serial interface on the Cisco, i.e. 172.16.1.1, so I add my IPFW rule... ipfw add 10 fwd 172.16.1.1 ip from 10.0.1.0/24 to any out fxp0 Again, this seems to work fine - as traffic from the 10.0.1.0/24 network, now leaves via the Cisco's 172.16.1.1 interface (serial1). The problem I seem to have, is that if I do: route get 192.168.0.1 I can see the 'expire' time slowly ticking down... When it reaches zero, the routing breaks ('Destination Host unreachable'). I then have to delete the route to 172.16.1.1, re-create it, ping it - and pronto, everything works again... Checking in the ARP table, shows there is an entry for 192.168.0.1, but I can't delete it, or anything (I thought the ARP might be expiring, so I wanted to create it as a 'permanent' entry)... Any thoughts, info, tips, or anything would be gratefuly received... -Karl To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message