Re: dual gateways

Sun, 31 May 2009 15:45:51 -0700 

Tim Judd wrote:




On Sun, May 31, 2009 at 3:55 PM, Nikos Vassiliadis <nvass9...@gmx.com 
<mailto:nvass9...@gmx.com>> wrote:


    Tim Judd wrote:

        I know it is not typical, but here's my setup.

        I have a private IP scope (/24 block) split up.  2 /25's

        I have a box that has dual NICs.  One is on the low /25 and one
        is on the
        high /25.  The high /25 is only used for jails and his gateway is a
        soekris/alix board that will function.  I can't find out how to
        get the high
        /25 to assign an additional gateway that's directed toward the
        soekris/alix
        SBC.


        Any tips or advice on how I can setup the high netblock to get
        it to route
        successfully to the SBC?


    Something like:
    [internet-IP router 10.0.0.1/25]
                                |
                                |
    [10.0.0.129/25 FreeBSD 10.0.0.2/25]
       |
       |
    [10.0.0.130/25 router internet-IP]

    Is this your setup?
    OK, I am confused:) Could you please explain?




internet
  router1 (192.168.0.1/25)

    (192.168.0.2/25) router2 (192.168.0.129/25) 
      [192.168.0.5/25] Box with problems [192.168.0.130]



All my jails on this box is on the top half, and i want the jails to go 
through the 192.168.0.129/25 gateway (which in 
turn goes through 0.1, but it's a matter of separating off hostile 
computers in my lab that i work on ppls computers with.



Does this help?


Yes, you want to use 192.168.0.2 as your default route and
192.168.0.129 as the default route for traffic originating
from the jails 192.168.0.130/25. You can use a firewall to
do such things, all three "FreeBSD" firewalls have this ca-
pability. ipfw has the fwd action and pf has the route-to
option to change the next hop to whatever the administrator
desires. Check the manual of your favorite firewall.

There is an other option, setfib. You could compile a kernel
with multiple routing tables support and start the jails in
the second routing table which would have 192.168.0.129 as
the default router.

HTH, Nikos
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"






















					Reply via email to