> I over-simplified the problem - I'm not talking about 4 hosts on pure
> Ethernet here, I'm really talking about hundreds to thousands with
> some portions running over radio. The rules change dynamically and
> pretty frequently (like potentially on the order of seconds) - I have
> a routing daemon that knows how the rules are changing and I need to
> get this into a routing table.
>
> Subnetting on this scale won't work, and since some hosts will need to
> participate in multiple subnets, you run into the problem of
> dynamically managing subnets and aliasing the interface (easy enough
> at small scale)
>
> We have this running on Linux, but it's my belief that we're actually
> exploiting a bug or flaw in the Linux routing. The closest I've
> gotten is to add a route like this on .1:
>
> .1 has a netmask of 0xffffffff
>
> route add 192.168.1.2 -interface fxp0
>
> (hope I'm remembering this right) which yields the packets getting
> transmitted with but with the MAC address of .1, so .2 never
> recognizes the packet.

If it resolves your problem, when any traffic goes through 192.168.1.2, then switch

    net.link.ether.inet.proxyall=1
    net.inet.ip.redirect=0
    net.inet.icmp.drop_redirect=1

and use netmask /32 on the other hosts as described.

As far as I understand they are mostly Windows?

> ipfw is an interesting suggestion, I'll have to look at that.

If all other hosts are in nets of 192.168.1.2 then you do not need ipfw to redirect traffic between hosts.