On Sat, 17 Mar 2001, Wes Peters wrote:
[Wes, if you get this, for some reason I can't send to your
domain.]
You are not understanding what I am trying to say. Once again I'll try to
clarify.
> > For dual-homed hosts, this is a problem because your packet gets
> > sent out the default gateway, which may or may not get filtered
> > upstream. This is usually solved by running a routing deamon but
> > most upstreams won't allow you to do that anyway (cable,dsl,etc).
>
> If you have a dual-homed host that is simply routing an internal LAN to
> the external network, you don't need anything other than a default route.
> If it's not bound for the internal network, it goes to the external
> network, by definition.
>
Actually, that is not what "dual-homed" in the internet
world means. Dual homed is having 2 *public* Internet
connections. That's ISP lingo.
> I completely fail to see that you have actually stated a problem yet.
>
> What exactly is the problem you think you're trying to solve here?
>
Consider the following. I have to restate this every damn couple
of weeks to get it through. Here is the problem:
ISP#1 ISP#2
| |
| |
--- xl0 FreeBSD xl1 -----
xl2
|
|
Internal network
|
|
Machine 1
Packet 1 comes in through ISP #2 network. It comes into your
internal network to machine 1. Machine 1 replies to the
packet...but where does it go? It will exit through interface
to ISP #1 because of the default gateway. It came in ISP #2 and
left out ISP #1. There is your problem.
What if you are running nat in this case....your hosed.
You can check out route-cache at Cisco's online site. It may help
to clarify as to why you would want to do this.
If you check the -net mailing list this problem re-occurs over and
over and over and over and over. To which there is a work around
that's a bit messy.
Nick Rogness <[EMAIL PROTECTED]>
- Keep on routing in a Free World...
"FreeBSD: The Power to Serve!"
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
