DaemonForums  

Go Back   DaemonForums > Miscellaneous > Guides

Guides All Guides and HOWTO's.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 13th April 2010
vermaden's Avatar
vermaden vermaden is offline
Administrator
 
Join Date: Apr 2008
Location: pl_PL.lodz
Posts: 1,051
Thanked 118 Times in 93 Posts
Post HOWTO: multiple default routes

Thanks to phoenix help I was able to setup multiple default routes, or a default route per network/interface to be precise, in Debian/Linux it is as simple as that:

/etc/network/interfaces
Code:
iface eth0 inet static
    address 10.0.0.1
    netmask 255.255.255.0
    gateway 10.0.0.254

iface eth1 inet static
    address 20.0.0.1
    netmask 255.255.255.0
    gateway 20.0.0.254
That would be example topology (but more then 2 interfaces is also possible).
Code:
 NETWORK0                      NETWORK1
         \                            /
          \                          /
           \                        /
            \                      /
             \                    /
          ROUTER0             ROUTER1
          10.0.0.254          20.0.0.254
              \                  /
        +------\----------------/------+
        |       \              /       |
        |       em0          em1       |
        |    10.0.0.1     20.0.0.1     |
        |                              |
        |         FREEBSD BOX          |
        |                              |
        +------------------------------+
Now, You can not use the 'casual' defaultrouter="X" cause it will be only for one network.

We will have to use setfib(1) to create two (or more) separete routing tables per network/interface.

Add these lines to /boot/loader.conf file:
Code:
ipfw_load="YES"
net.fibs=16
It will unfortunately require kernel recompile, but its not as that hard:
Code:
# cd /usr/src/sys/$( uname -m )/conf
# cp GENERIC /root/ROUTES
# ln -s /root/ROUTES
# echo "options ROUTETABLES=16" >> ROUTES
# cd /usr/src
# make NO_MODULES=1 kernel KERNCONF=ROUTES KODIR=/boot/routes
# mv /boot/routes/kernel /boot/kernel/kernel
# reboot
We can of course set 2 instead of 16, but You will at least have to recompile Your kernel again and reboot which is not very handy ...

Nest set your networks/interfaces as usual in /etc/rc.conf file:
Code:
ifconfig_em0="inet 10.0.0.1/24"
ifconfig_em1="inet 20.0.0.1/24"
# check /etc/rc.local for default routes

All the rest configuration resides in /etc/rc.local file:
Code:
# define default routes
setfib 0 route delete default
setfib 0 route add    default 10.0.0.254
setfib 1 route delete default
setfib 1 route add    default 20.0.0.254

# assing route tables to interfaces
ipfw -f flush
ipfw add allow    ip from any to any via lo0
ipfw add setfib 1 ip from any to any via em0
ipfw add setfib 0 ip from any to any via em1
ipfw add allow    ip from any to any
These would be handy for restarting:
Code:
# /etc/rc.d/netif restart
# /etc/rc.d/local restart
... and thats all folks.
__________________
religions, worst damnation of mankind
"If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds

Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”.
vermaden's: links resources deviantart spreadbsd
Reply With Quote
  #2   (View Single Post)  
Old 14th April 2010
phoenix's Avatar
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 699
Thanked 90 Times in 81 Posts
Default

Just a quick note, if doing this on a router with a single internal interface.

Traffic originating on the local network will go out the default route of FIB 0.

Only traffic coming in on the second public interface will go out the same interface.

IOW, the setup above is really only useful for incoming traffic, to make sure that it goes back out the correct interface.

However, a few more IPFW rules can be added to classify traffic on the internal NIC.

It all depends on what you want to accomplish.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
  #3   (View Single Post)  
Old 14th April 2010
vermaden's Avatar
vermaden vermaden is offline
Administrator
 
Join Date: Apr 2008
Location: pl_PL.lodz
Posts: 1,051
Thanked 118 Times in 93 Posts
Default

Quote:
Originally Posted by phoenix View Post
IOW, the setup above is really only useful for incoming traffic, to make sure that it goes back out the correct interface.
Yes, its mainly for that purpose, to assign proper gateways to networks/interfaces (which is a lot more easier @ Debian in /etc/network/interfaces)

We may even use FIB# 1 and 2 for these networks, and use FIB# 0 with other NIC as a default interface, posibilities are of course big, but I wanted to point posibility of having a gateway per network.
__________________
religions, worst damnation of mankind
"If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds

Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”.
vermaden's: links resources deviantart spreadbsd
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
change default font of the X rex FreeBSD General 2 26th October 2008 05:54 PM
apache 2.2.8 , is it on chroot by default? superslot OpenBSD Security 9 30th June 2008 11:56 AM
is default security applied? BFlatMinor OpenBSD Security 7 21st June 2008 03:36 PM
cvs-supfile default prefix maxrussell FreeBSD General 2 24th May 2008 10:49 AM
Default installation and Xenocara... maurobottone OpenBSD Installation and Upgrading 2 20th May 2008 10:12 PM


All times are GMT. The time now is 07:34 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick