Date: Wed, 9 Oct 2002 13:13:32 -0400
From: Jon-Erik Lido
To: freebsd-net@freebsd.org
Subject: Routing from an Interface to an Alias
Message-ID: <20021009131332.C77051@goof.com>

I'm trying to do something a little bizarre with routing, so I suppose it bears some explanation.

I recently purchased one of those all-in-one firewall/NAT/ethernet switch/802.11b access point boxes for my home use. 802.11b security being what it is (useless), I'm planning on setting up IPSec for my WLAN for authentication and encryption. However, I haven't gotten that far yet.

I've set up two subnets behind my firewall. One is 10.10.10.0/24 and is for the wired LAN. The other is 10.0.0.0/24 and is for the wireless LAN. I've got a FreeBSD box with a single NIC ethernetted to one of the ports on the firewall's switch. I'm planning to use it as my 10.0.0.0/24 to 10.10.10.0/24 gateway. Two subnets on one segment.

rc.conf (excerpt) looks like this:

    defaultrouter="10.10.10.254"
    gateway_enable="YES"
    firewall_enable="YES"
    firewall_type="open"
    ifconfig_ed0="inet 10.10.10.1 netmask 255.255.255.0"
    ifconfig_ed0_alias0="inet 10.10.10.10 netmask 255.255.255.255"
    ifconfig_ed0_alias1="inet 10.0.0.1 netmask 255.255.255.0"

10.10.10.10 is simply an alias I'm using since I'm running dnscache on 10.10.10.1 and tinydns on 10.10.10.10.

The kernel was compiled with

    options IPFIREWALL
    options IPDIVERT

With my wireless laptop set to 10.0.0.50 using the 10.0.0.1 gateway as its default route I am able to ping 10.0.0.1, 10.10.10.1, but no other hosts on or off the LAN. traceroute from the laptop reveals a hop to 10.0.0.1 and then the packets are simply lost.

10.10.10.1's routing table looks like this:

    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            10.10.10.254       UGSc       16       31    ed0
    10/24              link#1             UC          1        0    ed0
    10.0.0.50          00:02:2d:6b:9f:ec  UHLW        1      159    ed0   1180
    10.10.10/24        link#1             UC          3        0    ed0
    10.10.10.1         00:4f:49:0a:1e:85  UHLW        1      831    lo0
    10.10.10.2         00:4f:4e:04:3b:35  UHLW        2     3415    ed0   1075
    10.10.10.10        00:4f:49:0a:1e:85  UHLW        1      101    lo0 =>
    10.10.10.10/32     link#1             UC          1        0    ed0
    10.10.10.254       00:30:f1:18:84:3c  UHLW       17       25    ed0   1078
    127.0.0.1          127.0.0.1          UH          0        0    lo0

Notice that the 10/24 subnet is listed, but not the 10.0.0.1 IP number.

The Routing section of the FreeBSD Handbook alludes to being able to do this, so I assume it's possible. I just don't know what's wrong.

Help!?

-Jon