Date: Mon, 28 Apr 2014 18:11:08 +0800 From: Julian Elischer <julian@freebsd.org> To: Andrea Venturoli <ml@netfence.it>, freebsd-net@freebsd.org Subject: Re: Server with multiple public IP Message-ID: <535E293C.5050705@freebsd.org> In-Reply-To: <535E231A.1050800@netfence.it> References: <535E1842.20905@netfence.it> <535E1C66.6090004@talk2dom.com> <CAPS9%2BSuGbQgZ0yM5HSy8KhPRF_-7ixuMf26DHJ27XqoJWPZX1A@mail.gmail.com> <535E231A.1050800@netfence.it>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/28/14, 5:44 PM, Andrea Venturoli wrote: > On 04/28/14 11:18, Andreas Nilsson wrote: > >> You could put all the services which are on 2.0.0.2 in a separate >> fib and >> there have another default-route. > > Thanks, but unfortunately I can't, since some services must be able > to answer on both addresses. the answer is to use the ipfw setfib rule for incoming packets on the second interface. setfib 1 ip from any to any in recv em0 In new freebsd kernels you can do this with ifconfig em0 fib 1 (I think that's the syntax) without involving ipfw. then the session will inherit that fib. Outgoing packets from that session will use fib 1 while other outgoing packets will use fib0. > > Maybe I could use socket in one fib to proxy to the other, but that > would probably make a mess in the logs when I have to identify who > connects to what and from where. > > bye & Thanks > av. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?535E293C.5050705>