From: eculp
To: freebsd-net@freebsd.org
Date: Wed, 28 Jan 2009 08:21:23 -0600
Subject: Re: Multiple ISP routing by port

Quoting Max Laier:

> On Tuesday 27 January 2009 06:18:09 jmaps-fbsdnet@fireburns.net wrote:
>> I've read through what I could find in this list and also in the top 50
>> results on google... I can't find anything that'll actually make this work.
>>
>> My DSL ISP is too far away to give me anything faster than 1.5mbps down. In
>> desperation I signed up for comcast to use for bulk traffic.
>>
>> Thus, I want to route critical traffic (22, 25, 53, (maybe) 80, 443)
>> through the DSL provider and the rest through cable.
>>
>> I really feel like this should be possible with PF with something like:
>>
>> nat on $dsl_if from ($int_if:network) to any port $dslports -> ($dsl_if)
>> nat on $cbl_if from ($int_if:network) to any -> ($cbl_if)
>>
>> or
>>
>> pass in quick on $int_if route-to { ($dsl_if $dsl_gw) } proto { tcp udp }
>> from ($int_if:network) to any port $dslports
>>
>> Neither (or both) seem to do it. All traffic ends up getting routed through
>> whichever ISP I have set as the default route.
>
> Take a look at: http://www.openbsd.org/faq/pf/pools.html#outgoing
>

I was aware of the round robin load balancing but I, as the poster, am
interested in what is referred to as "critical traffic" through one ISP
and all other through a second. How would that be accomplished with
pf and/or with Julian's fibs?

Thanks,

ed

> You are probably missing the following part of the setup:
> | To ensure that packets with a source address belonging to $ext_if1 are
> | always routed to $ext_gw1 (and similarly for $ext_if2 and $ext_gw2), the
> | following two lines should be included in the ruleset:
> |
> | pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 \
> |     to any
> | pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 \
> |     to any
>
> This obviously has to be adapted for your specific setup - but in general this
> works as expected.
>
>> Now, I hear I can go over to linux and just configure both default routes
>> at the same time (trivial with iproute2). But I'd rather avoid that if at
>> all possible.
>>
>> Is there some trick I'm missing? Does quagga (bgpd) allow for this kind of
>> routing scheme?
>
> --
>  /"\  Best regards,                      | mlaier@freebsd.org
>  \ /  Max Laier                          | ICQ #67774661
>   X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
>  / \  ASCII Ribbon Campaign              | Against HTML Mail and News
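
The setup discussed in this thread, written out as one ruleset: this is an added example, not part of any message in the thread, modelled on the OpenBSD FAQ section linked above and reusing the thread's macro names. Interface names and gateway addresses are placeholders, and the syntax assumes the pf version with separate nat rules that FreeBSD ships.

```pf
# Added example: policy routing by destination port across two uplinks.
# Interface names and gateway addresses are placeholders (assumptions).
int_if   = "em0"
dsl_if   = "em1"
cbl_if   = "em2"
dsl_gw   = "192.0.2.1"        # next hop on the DSL link (placeholder)
cbl_gw   = "198.51.100.1"     # next hop on the cable link (placeholder)
dslports = "{ 22, 25, 53, 80, 443 }"

# Translation happens on the interface the packet finally leaves through,
# after route-to has chosen it, so each uplink gets an unconditional NAT
# rule. Restricting a NAT rule by port does not steer traffic.
nat on $dsl_if from $int_if:network to any -> ($dsl_if)
nat on $cbl_if from $int_if:network to any -> ($cbl_if)

# Default deny for unsolicited inbound traffic on both uplinks.
block in log on { $dsl_if, $cbl_if }
pass out on $int_if from any to $int_if:network

# Traffic addressed to the firewall itself must not be policy-routed.
pass in quick on $int_if from $int_if:network to ($int_if)

# Critical ports leave via DSL regardless of the default route.
pass in quick on $int_if route-to ($dsl_if $dsl_gw) proto { tcp, udp } \
    from $int_if:network to any port $dslports keep state

# Everything else from the LAN leaves via cable.
pass in quick on $int_if route-to ($cbl_if $cbl_gw) \
    from $int_if:network to any keep state

# General outbound rules for both uplinks.
pass out on $dsl_if from any to any keep state
pass out on $cbl_if from any to any keep state

# The two FAQ rules quoted above: a packet whose source address belongs to
# one uplink but is about to leave on the other is redirected to the uplink
# that owns the address. pf uses the last matching rule, so these override
# the general outbound rules for such packets.
pass out on $dsl_if route-to ($cbl_if $cbl_gw) from $cbl_if to any
pass out on $cbl_if route-to ($dsl_if $dsl_gw) from $dsl_if to any
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it, and `pfctl -vvs rules` shows per-rule counters for checking which route-to rule the traffic is matching.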