From: Edvard Fagerholm
To: freebsd-net@freebsd.org
Date: Fri, 19 Nov 2004 16:02:35 +0200
Subject: Forcing packets out from both NICs on same subnet with pf
Message-ID: <20041119140235.GA274917@cc.hut.fi>

Hello!

Could anyone try to explain what happens in the kernel when a packet is forced to the outbound queue of a NIC with pf using the route-to keyword? Specifically, is IP routing touched in any way after this, or is the sending of the packet only depending on Ethernet/ARP?

I'm trying to solve the problem mentioned in my post to freebsd-questions, "Problem routing via two NICs to same subnet". To those who can't find my post on freebsd-questions, I could describe the problem as follows:

My roommate and I both have connections through the same ISP. Our ISPs allocate IPs to us from the same subnet with the same gateway. I'd like to have one box route a NATed network, so that his computers would go out through his interface and mine through mine. If we only use one interface, then we only get half the bandwidth.

My solution:

Force my internal IPs with route-to out from my NIC, while forcing his out from his NIC. After that do nat on the outbound queues of each interface.

Problem is that only one of the NICs gets the routing table entry for the MAC address of the gateway, so even though pf has put a packet in the outbound queue of the other interface destined to the router, the packet never leaves the firewall.

I really don't care how cleanly this can be solved. After reading some kernel source yesterday, I came to the conclusion that it's only possible to store one MAC address/IP address pair. However, I know exactly which interfaces I'm working with, so I could modify the kernel so that fxp0 tries to query the arp table for fxp1 and vice versa each time they try to look up a MAC address. Is this possible to do without breaking too much? :)

Any better ideas? I'm not trying to find a generic solution, only a solution that works...

Thanks,
Edvard
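
The rule layout the message describes, written out as a pf.conf sketch. This is an added example, not the poster's configuration, and it does not address the ARP problem he reports. Only fxp0 and fxp1 come from the message; the internal interface fxp2, the 10.0.0.0/24 LAN split into two halves, and the gateway 192.0.2.1 (a documentation address) are assumptions.

```conf
# Added example: per-owner route-to plus per-interface NAT.
# Assumed values: fxp2, the 10.0.0.0/24 addressing, and 192.0.2.1.

# Macros
ext_mine = "fxp0"            # my uplink
ext_his  = "fxp1"            # roommate's uplink
int_if   = "fxp2"            # assumed internal NIC
gw       = "192.0.2.1"       # assumed shared ISP gateway
lan_net  = "10.0.0.0/24"     # assumed NATed LAN
mine_net = "10.0.0.0/25"     # assumed: my hosts
his_net  = "10.0.0.128/25"   # assumed: roommate's hosts

# Translation: each uplink rewrites the source to its own address,
# so replies come back in on the interface the packet left from.
nat on $ext_mine from $mine_net to any -> ($ext_mine)
nat on $ext_his  from $his_net  to any -> ($ext_his)

# Filter: choose the egress NIC by internal source address.
# Traffic staying inside the LAN is excluded from route-to.
pass in on $int_if route-to ($ext_mine $gw) \
    from $mine_net to ! $lan_net keep state
pass in on $int_if route-to ($ext_his $gw) \
    from $his_net to ! $lan_net keep state
```

`pfctl -nf /etc/pf.conf` parses the rule set without loading it.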