From: Bakul Shah
To: "Arno J. Klaassen"
Cc: Petar Bogdanovic, net@freebsd.org
Subject: Re: IP-forwarding (help)
Date: Wed, 04 Jun 2008 17:06:22 -0700
Message-Id: <20080605000622.6481A5B46@mail.bitblocks.com>
In-reply-to: Your message of "05 Jun 2008 01:33:05 +0200."

On 05 Jun 2008 01:33:05 +0200 "Arno J. Klaassen" wrote:
> Petar Bogdanovic writes:
>
> > On Wed, Jun 04, 2008 at 11:06:01PM +0200, Arno J. Klaassen wrote:
> > >
> > > Hello,
> > >
> > > this is probably a FAQ and/or I'm too tired, but I'd be pleased
> > > if anyone can tell me what I do wrong :
> > >
> > > I have a box with two interfaces, one connected to my lan
> > > (172.16. ), one to a test-box (192.168.1.1) :
> > >
> > > em0: flags=8843 metric 0 mtu 1500
> > >         options=9b
> > >         ether xxx
> > >         inet 172.16.1.240 netmask 0xffffff00 broadcast 172.16.1.255
> > >         media: Ethernet autoselect (1000baseTX )
> > >         status: active
> > >
> > > em1: flags=8843 metric 0 mtu 1500
> > >         options=9b
> > >         ether xxx
> > >         inet 192.168.1.254 netmask 0xffffff00 broadcast 192.168.1.255
> > >         media: Ethernet autoselect (1000baseTX )
> > >         status: active
> > >
> > >
> > > I enable ip.forwarding :
> > >
> > > # sysctl net.inet.ip.forwarding
> > > net.inet.ip.forwarding: 1
> > >
> > >
> > > And this is my routing table :
> > >
> > > Internet:
> > > Destination        Gateway            Flags    Refs      Use  Netif Expire
> > > default            172.16.1.254       UGS         0       20    em0
> > > 127.0.0.1          127.0.0.1          UH          0        0    lo0
> > > 172.16.1.0/24      link#3             UC          0        0    em0
> > > 172.16.1.6         xxxxxxxxxxxxxxxxx  UHLW        1       87    em0   1194
> > > 172.16.1.230       xxxxxxxxxxxxxxxxx  UHLW        1      286    em0    572
> > > 172.16.1.240       xxxxxxxxxxxxxxxxx  UHLW        1        0    lo0
> > > 172.16.1.254       xxxxxxxxxxxxxxxxx  UHLW        2        0    em0    487
> > > 192.168.1.0/24     link#4             UC          0        0    em1
> > > 192.168.1.1        xxxxxxxxxxxxxxxxx  UHLW        1        2    em1    616
> > > 192.168.1.254      xxxxxxxxxxxxxxxxx  UHLW        1        0    lo0
> > >
> > > For this I added to rc.conf :
> > >
> > > static_routes="test lan"
> > > route_test="-net 192.168.1.0/24 192.168.1.254"
> > > route_lan="-net 172.16.1.0/24 172.16.1.240"
> >
> > I'm pretty sure that you don't need these three lines. Turning
> > net.inet.ip.forwarding on should be enough.
> I feel this is /me still not fully understand routing tables.

This is your topology, right?

 test-box            main-box                        gateway
[192.168.1.1]------[192.168.1.254 172.16.1.240]-------[172.16.1.254

On the test-box set default route to 192.168.1.254. On the main-box
set net.inet.ip.forwarding 1 but remove the static routes.

But how would machines on the 172.16.1.0/24 net know they must send
packets for 192.168.1.0/24 to 172.16.1.240?
For that you need static routes on all the machines on 172.16.1.0/24 that need to read your test box.
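
The next-hop decision described in this reply, worked through as an added example that is not part of the original message. The function and table names are hypothetical, and the LAN host's routing table is constructed for illustration (the thread only shows the main-box's table); it assumes a LAN host that has just its connected network and a default route via 172.16.1.254.

```python
import ipaddress


def next_hop(table, dst):
    """Pick a route by longest-prefix match.

    table is a list of (prefix, gateway) pairs; gateway None means the
    prefix is directly connected, so the packet goes straight to dst.
    Returns (next-hop address, matched prefix).
    """
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        raise LookupError(f"no route to {dst}")
    net, gateway = best
    return (gateway or dst), str(net)


# Constructed table for a host on 172.16.1.0/24 (assumption, not from the thread).
LAN_HOST = [
    ("0.0.0.0/0", "172.16.1.254"),   # default route via the gateway
    ("172.16.1.0/24", None),         # directly connected LAN
]

# Same host after adding the static route the reply calls for.
LAN_HOST_FIXED = LAN_HOST + [("192.168.1.0/24", "172.16.1.240")]

# Test-box with its default route pointed at the main-box, as advised.
TEST_BOX = [
    ("0.0.0.0/0", "192.168.1.254"),
    ("192.168.1.0/24", None),
]

if __name__ == "__main__":
    # Without the static route, traffic for the test-box follows the default
    # route to 172.16.1.254 and never reaches the main-box at 172.16.1.240.
    print("LAN host, no static route:", next_hop(LAN_HOST, "192.168.1.1"))
    # With it, the more specific /24 wins over 0.0.0.0/0.
    print("LAN host, static route:   ", next_hop(LAN_HOST_FIXED, "192.168.1.1"))
    # The return path: the test-box sends replies for the LAN via the main-box.
    print("test-box reply to LAN:    ", next_hop(TEST_BOX, "172.16.1.6"))
```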