Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 4 Dec 2002 15:31:17 -0500
From:      Chuck Swiger <cswiger@mac.com>
To:        Don Bowman <don@sandvine.com>
Cc:        "'freebsd-net@freebsd.org'" <freebsd-net@FreeBSD.ORG>
Subject:   Re: SO_DONTROUTE, arp's, ipfw fwd, etc
Message-ID:  <5717ED58-07C7-11D7-A933-000A27D85A7E@mac.com>
In-Reply-To: <FE045D4D9F7AED4CBFF1B3B813C85337010230F7@mail.sandvine.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Wednesday, December 4, 2002, at 03:20  PM, Don Bowman wrote:

> What's happening is I have >1 router feeding me sessions which
> I'm transparently proxying (e.g. squid).
> Obviously I can't have a default route back to each of them.
>
> So I have something like:
>
> [Router1]---\
>              \
> [Router2]--------[BSD]
>              /
> [Router3]---/
>
> This is done with a layer-2 mac rewrite, ie the router takes the packet,
> doesn't modify the IP header, but changes the destination MAC to
> be that of the BSD machine.

You can't have more than one default route, but you certainly can have 
several static or dynamic routes to select the appropriate router to send 
responses back.  You could also look into policy-based routing or 
multihoming the connections, but I guess that depends on what you're doing.

 > I can't make the route be one of those routers,
 > and the routing tables are too complicated to install (since there
 > may be BGP on the left of them, etc, etc). Its important for
 > me the response packets go back through the same path (to avoid
 > reordering etc).

What happens if incoming traffic comes via more than one router at a 
time-- how should your system decide which path to send replies back?  
Based on the source IP?

-Chuck

        Chuck Swiger | chuck@codefab.com | All your packets are belong to 
us.
        
-------------+-------------------+-----------------------------------
        "The human race's favorite method for being in control of the facts
         is to ignore them."  -Celia Green


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5717ED58-07C7-11D7-A933-000A27D85A7E>