Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 22 Apr 2003 19:25:20 +0800 (MYT)
From:      Dinesh Nair <dinesh@alphaque.com>
To:        freebsd-questions@freebsd.org
Subject:   routing q on dual homed freebsd 
Message-ID:  <20030422191706.O37825-100000@prophet.alphaque.com>
next in thread | raw e-mail | index | archive | help 

hey,

i've got a freebsd box with 2 NICs, net diagram below:

             ISP_1       ISP_2
               |           |
               |           |
             ROUTER_1    ROUTER_2
         (IP_ADDR_1)    (IP_ADDR_2)
               |           |
               |           |
               |           |
               +- FREEBSD -+
     (IP_ADDR_3)           (IP_ADDR_4)


now, all the ip addresses shown are public ip addresses. the default
gateway of the freebsd box is IP_ADDR_1. no routing daemon is being run,
all static routes (only default so far).

what i want is for all packets arriving into the freebsd box on IP_ADDR_3
to go out the same interface, and all packets arriving on IP_ADDR_4 to go
out that interface. what's happenning is that because default route is to
ROUTER_1 (IP_ADDR_1), all packets incoming on IP_ADDR_4 is also going out
to ROUTER_1 (IP_ADDR_1) (with a source ip of IP_ADDR_4). now when ISP_1's
routers see this, they drop the packets coz it's not setup to be a proper
border router.

i've managed to get this to work with a single ipfw rule
fwd IP_ADDR_2 ip from IP_ADDR_4 to any
and it seems to work. is this the recommended way of doing it, or is there
another way of doing it ? note there are other ipfw rules in place with a
default policy to deny. the other rules allow web, ssh and name service.

i can't exchange routing info with either ISP as both of them don't allow
it. the freebsd box is not a gateway for anything else, it just runs a few
web sites on different ip addresses, some aliased on one interface and
some on the other.

so, am i doing it right ?

Regards,                           /\_/\   "All dogs go to heaven."
dinesh@alphaque.com                (0 0)    http://www.alphaque.com/
+==========================----oOO--(_)--OOo----==========================+
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |
+=========================================================================+

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030422191706.O37825-100000>