From owner-freebsd-net Sat Mar 17 11:54: 5 2001
Delivered-To: freebsd-net@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP id C843737B719
	for ; Sat, 17 Mar 2001 11:54:01 -0800 (PST)
	(envelope-from nick@rogness.net)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f2HJsOl17677;
	Sat, 17 Mar 2001 13:54:28 -0600 (CST)
	(envelope-from nick@rogness.net)
Date: Sat, 17 Mar 2001 13:54:24 -0600 (CST)
From: Nick Rogness
X-Sender: nick@cody.jharris.com
To: Garrett Wollman
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: same interface Route Cache
In-Reply-To: <200103171937.OAA75388@khavrinen.lcs.mit.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, 17 Mar 2001, Garrett Wollman wrote:

> < said:
>
> > Packet 1 comes in through ISP #2 network. It comes into your
> > internal network to machine 1. Machine 1 replies to the
> > packet...but where does it go? It will exit through interface
> > to ISP #1 because of the default gateway. It came in ISP #2 and
> > left out ISP #1. There is your problem.
>
> That's the way Internet routing is supposed to work. If your routing
> table says a packet supposed to go one way, and it really needs to go
> another way, that's *user error* -- if you misconfigure your routing,
> FreeBSD will do what you ask it to; it can't read your mind!

Yes, that is correct. That is how routing is supposed to happen.
However, there should be a workaround available to do this...without
setting up a routing peer with your upstreams. Unless you are an ISP,
you can't just ask your DSL provider to give you this option. Most
upstreams will filter your traffic so you can't have different source
network addresses coming from your machine to their networks, only
the IPs that they assign to you. Spoofing anyone?

I am trying to proactively find a solution to this. Whether it is
doable or not is another thing. Actually, I know it is doable because
I'm doing it as we speak using 3 natd's, but it is ugly.

After all, this seems to be a common setup with FreeBSD. If you want
to BGP peer with someone, buy a Cisco.

Nick Rogness
 - Keep on routing in a Free World...
   "FreeBSD: The Power to Serve!"