On Mon, Jul 28, 2003 at 10:03:53AM BST, Juan Rodriguez Hervella wrote:
> On Monday 28 July 2003 07:17, Andy Gilligan wrote:
> > Hi,
> >
> > I have three IPv6 /48 networks connected to a FreeBSD 4.8 router, and I
> > allocate /64 tunnels from each network to client machines.
> >
> > Is there any way I can specify the next-hop or outbound interface to use
> > on the router based on the source address of the client?
> >
> > I initially thought of 'ipfw fwd', but ip6fw doesn't seem to have this
> > ability.
> >
> > Any thoughts?
> >
>
> Hello Andy:
>
> I wanted to do something similar and when I realized that ip6fw didn't have
> such option, I asked for it on the Kame mailing list, but they answered me
> that they didn't see it as a feature demanded by the community so they
> didn't have any plan to implement it on the short term.
> (Anyway I think it shouldn't be hard to add such feature,
> but I'm a bit lazy :)
>
> You can ask for it on Kame mailing-list again (because I ask for it a long
> time ago and it may have been already implemented, I don't know). Also I
> think that there are implementations of something called "source base
> routing", but I don't have experience with that.
Well, I got it working eventually, after a bit of tinkering with ipf...
I must admit, I completely forgot about ipf's 'fastroute' abilities,
especially with regard to IPv6 :)
--- Summary ---
Three tunnels: (fictional ip addrs)
gif0 : 2001:111:111::/48 : gw=2001:1000::1
gif1 : 2001:222:222::/48 : gw=2001:2000::1
gif2 : 2001:333:333::/48 : gw=2001:3000::1
The default route is via gif0 (fe80::%gif0)
My ipf6.rules:
pass in on gif0 to gif1:2001:2000::1 from 2001:222:222::/48 to any
pass in on gif0 to gif2:2001:3000::1 from 2001:333:333::/48 to any
So far, I haven't noticed any WeirdStuff(tm) happening, so things look
promising - all packets leave via the right interface :)
Comments welcome if this looks like it may cause problems :)
Best regards,
-Andy
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
