Date: Tue, 03 Apr 2001 13:20:07 -0700 From: Matthew Reimer <mreimer@vpop.net> To: owensmk@earthlink.net, security@freebsd.org Subject: Re: Multiple Default Gateways using DIVERT Message-ID: <3ACA3077.BA9CFFCE@vpop.net> References: <lists.freebsd.security.0104021648540A.00570@mike.SOMEWHERE>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael Owens wrote: > > My company has a single DSL line through which I have set up internet access > via NAT using IPF. > > We are getting a second DSL line, and I was wondering what the best way, if > any, would be to use NAT and different default gateways so as to divide up > the groups by source address across them. I would like 10.10.10.1-128 to go > through gateway 1 (say 2.2.2.1) and 10.10.10.129-254 through gateway 2 (say > 2.2.2.2). I have searched the mail archives and seen various suggestions, but > none seemed to address this specifically. > > I know this can't be done with IPF, so I am asking if this is something that > could be done with IPFW. From what I can tell, it might using divert, but I > am not all that clear on divert's use in varying gateways. This might be a start, though I'm not sure how NAT should fit in. You'll need the IPFIREWALL and IPFIREWALL_FORWARD kernel options. ipfw add 1000 fwd 2.2.2.1 ip from 10.10.10.0/25 to any ipfw add 2000 fwd 2.2.2.2 ip from 10.10.10.128/25 to any Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ACA3077.BA9CFFCE>