From owner-freebsd-net@FreeBSD.ORG Sun May 11 09:42:13 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5C285106566C for ; Sun, 11 May 2008 09:42:13 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outU.internet-mail-service.net (outu.internet-mail-service.net [216.240.47.244]) by mx1.freebsd.org (Postfix) with ESMTP id 42D8A8FC1A for ; Sun, 11 May 2008 09:42:13 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Sun, 11 May 2008 15:55:21 -0700 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 8178E2D600D; Sun, 11 May 2008 02:42:12 -0700 (PDT) Message-ID: <4826BF74.3030204@elischer.org> Date: Sun, 11 May 2008 02:42:12 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: Igor Sysoev References: <48134DDE.9010306@elischer.org> <20080429084032.GW71371@stlux503.dsto.defence.gov.au> <48175793.30606@elischer.org> <48175B91.1010202@gtcomm.net> <481766A2.7040809@elischer.org> <48176C65.4080600@gtcomm.net> <481772C7.8090300@elischer.org> <20080511092046.GC79358@rambler-co.ru> In-Reply-To: <20080511092046.GC79358@rambler-co.ru> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Net Subject: Re: Multiple routing tables in action... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2008 09:42:13 -0000 Igor Sysoev wrote: > On Tue, Apr 29, 2008 at 12:11:03PM -0700, Julian Elischer wrote: > >>> Then you can export RIB entries , say >>> you have 5 BGP peers and you want to export 2 or 3 or all of them into >>> the 'main' routing instance you can set up a policy to add those learned >>> routes into the main instance and v-v. >>> Linux behaves a little bit differently as you have to make an 'ip rule' >>> entry for it but it doesn't use the firewall. >> for now this code asks you to use a firewall to classify incoming >> packets.. >> >> e.g. >> 100 setfib 2 ip from any to any in recv em0 > > Is is possible to extend ifconfig to classify incoming packets ? > > You could assign a default fib for all packets received by an interface and that is on my list of things to look at doing later. In the meantime you can use ipfw and pf to assign fibs to incoming packets depending on the receive interface.