From: Gerd Knops
Date: Fri, 3 Nov 2000 23:22:30 -0600
To: MKShannon
Subject: Re: Multi Home
Cc: freebsd-questions@FreeBSD.ORG
Reply-To: gerti@BITart.com

MKShannon wrote:
> Hi all,
>
> Where can I find out some specific config info on the following:
>
> To set up a machine with 2 NICs connected to 2 separate network
> default routers. I do not want to route one to the other, I just want
> to serve webpages to two different networks. How do I set a second
> route for the additional card and the aliases that I will assign to
> that card.
>

See my response to another question from earlier today (copied below), it
applies to this situation as well.

Gerd

Simon Nielsen wrote:
> Hello
>
> I currently have two internet connections through two different ISPs.
> One is an ADSL and another is shared with the rest of my dorm. The
> shared line is rather slow because many people are using it.
>
> I must have an IP on the shared connection since that's the only
> place where I can be sure to have a non changing IP for my DNS. But
> the ADSL is much faster so I would like to use that as much as
> possible.
>
> I can give my machine an IP on each connection but I can of course
> only set one default route. The default route is currently set to the
> ADSL. The problem is that when a connection is made to the IP on the
> shared connection my computer uses the ADSL IP to respond and that
> does not work.
>
> Is there a solution to this? I thought about maybe it is possible to
> route differently when a connection is made on the shared connection
> but I can't find out how to do it.
>

Yes, it can be done (though I have not found it documented anywhere). I
really think there should be separate routing tables for each interface,
but I don't know of any such feature in any Unix.

However ipfw can be abused for the above task. Assuming:

- ipfw is set to pass on default
- your ADSL IP/network is a.a.a.a/aa
- your shared IP/network is s.s.s.s/ss
- your ADSL gateway is set as default route
- your shared gateway is s.s.s.gw

the following ipfw rules do the trick:

    # Pass anything that should go via normal routes
    # This rule is really just to speed up the bulk
    # of the packets
    add 1000 allow all from a.a.a.a to any

    # Pass anything to local addresses on ADSL network
    add 1010 allow all from any to a.a.a.a/aa

    # Pass anything to local addresses on shared network
    add 1020 allow all from any to s.s.s.s/ss

    # And here the trick: if the source address is the one
    # from the shared network, pass packets to the
    # gateway on the shared network
    add 1030 fwd s.s.s.gw all from s.s.s.s to any

With the above, connections will leave your system on the same route they
entered it. Great for redundant mail and dns setup!

If you already use ipfw you need to adapt the above rules accordingly. The
important part is that packets coming from your host's shared address going
to the 'outside' (and only those packets) are forwarded to the shared
network's gateway.

Gerd
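
Added example (not part of the original message and not FreeBSD code): a first-match walk over the four rules above in sh, showing which rule a given source/destination pair hits and why rule 1020 has to come before 1030 for "only those packets" to hold. The addresses are constructed from the RFC 5737 documentation ranges, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample values (RFC 5737 documentation ranges), standing in
# for the a.a.a.a / s.s.s.s placeholders in the message.
ADSL_IP=192.0.2.10
ADSL_NET=192.0.2.0/24
SHARED_IP=198.51.100.10
SHARED_NET=198.51.100.0/24
SHARED_GW=198.51.100.1

# Emit the four rules with the sample values filled in.
render_rules() {
    cat <<EOF
add 1000 allow all from $ADSL_IP to any
add 1010 allow all from any to $ADSL_NET
add 1020 allow all from any to $SHARED_NET
add 1030 fwd $SHARED_GW all from $SHARED_IP to any
EOF
}

# Dotted quad -> 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_net ADDR NET/LEN: true when ADDR lies inside NET/LEN.
in_net() {
    addr=$(ip2int "$1"); base=$(ip2int "${2%/*}"); len=${2#*/}
    mask=$(( (0xffffffff << (32 - len)) & 0xffffffff ))
    [ $(( addr & mask )) -eq $(( base & mask )) ]
}

# decide SRC DST: walk the rules in number order, first match wins.
decide() {
    if [ "$1" = "$ADSL_IP" ]; then echo "1000 allow"
    elif in_net "$2" "$ADSL_NET"; then echo "1010 allow"
    elif in_net "$2" "$SHARED_NET"; then echo "1020 allow"
    elif [ "$1" = "$SHARED_IP" ]; then echo "1030 fwd $SHARED_GW"
    else echo "default allow"
    fi
}

render_rules
echo "reply from shared IP to outside host: $(decide "$SHARED_IP" 203.0.113.7)"
echo "shared IP to neighbour on shared net: $(decide "$SHARED_IP" 198.51.100.77)"
echo "reply from ADSL IP to outside host:   $(decide "$ADSL_IP" 203.0.113.7)"
echo "inbound from outside to shared IP:    $(decide 203.0.113.7 "$SHARED_IP")"
```

Because the rules carry no in/out qualifier, inbound packets addressed to the shared IP are matched too; they stop at 1020 and are accepted before the fwd rule is reached.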