Date: Tue, 14 May 2002 15:22:29 -0700 From: "Crist J. Clark" <crist.clark@attbi.com> To: rick norman <rick.norman@lmco.com> Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: ipfw and aliases Message-ID: <20020514152229.B57077@blossom.cjclark.org> In-Reply-To: <3CE17755.12735706@lmco.com>; from rick.norman@lmco.com on Tue, May 14, 2002 at 01:45:10PM -0700 References: <3CDB2CED.DCC3092F@lmco.com> <20020511134633.A2824@blossom.cjclark.org> <3CE1599C.42071126@lmco.com> <20020514131100.A57077@blossom.cjclark.org> <3CE17755.12735706@lmco.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 14, 2002 at 01:45:10PM -0700, rick norman wrote:
> I'm probably giving too little detail. Basically I'm configuring bsd 4.5
> as an intermediate node router in a fairly complex topology. The different
> aliases on an interface allow me to take different paths through this topology
> based on the subnets. What I want to do is apply different characteristics
> to multiple data streams based on the subnet they take leaving my router.
> The pkt only has src and des ip which says nothing about the path the routing
> protocols have picked.
What information are the routing protocols using besides the
destination IP?
> The rules that I see available in the ipfw would catch
> all the aliases leaving on an interface with no differentiation.
Because there is no difference. The only information available on a
packet being forwarded are the interface it came in on, the interface
it is going out of, the next hop, and of course the data in the packet
itself (the source and destination IPs). I'm not sure what other
information you are trying to tap into.
> It seems that
> another key word, similar to the 'via' qualifier would allow me to individually
> grab the outbound aliases. The needed info is available in the routing table
> in the form of the next hop router, I just don't see a way to grab a pkt based
> on the next hop address or the outbound subnet.
Examining the next hop address on outgoing packets is not a big deal.
It would be straight forward to add it to ipfw(8). But I'm still not
sure what it has to do with local alias addresses.
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020514152229.B57077>