On Fri, 14.11.2003, at 20:41, Jason Dixon wrote:
> On Fri, 2003-11-14 at 07:38, Vladimir B. Grebenschikov wrote:
>
> > I guess - you already have 192.168.0.0/24 route entry, added by command:
> >   ifconfig fxp0 192.168.0.53/24
> >
> > so now you need:
> > remove network route via interface:
> >   route delete 192.168.0.0/24
> > add interface route (kernel should know how to reach router)
> >   route add 192.168.0.1/32 -iface fxp0 -cloning
> > and then add network route via router
> >   route add 192.168.0.0/24 192.168.0.1
>
> I guess I didn't make it clear enough, let me try again.
>
> I'm attempting to create a static route for my FreeBSD host so that
> *all* local traffic is routed across the gateway firewall, rather than
> being delivered on the local network segment, as is the default with
> LANs. If you view the routing table (below) again, you'll notice that
> traffic from the FreeBSD box (192.168.0.53) to another box on the same
> subnet (192.168.0.42) is still being delivered locally, rather than
> being routed through the gateway (192.168.0.1). This is *after* I've
> added a static route for 192.168.0.0/24 to use 192.168.0.1.

I understand you by previous message, so there is transcript of my
configuration (I have 172.22.2.0/24 segment attached with router
172.22.2.1 and my address 172.22.2.3)

Initial stage: I have directly routed subnet.

# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        0        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2/24        link#2             UC          0        0   fxp0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW       11      279   fxp0   1132
172.22.2.2         00:a0:c9:c7:fc:fa  UHLW        1    57286   fxp0   1194
172.22.2.3         127.0.0.1          UGHS        0        1    lo0
172.22.2.255       ff:ff:ff:ff:ff:ff  UHLWb       2      163   fxp0

Now I am removing routing of subnet directly via interface:

# route delete 172.22.2.0/24
delete net 172.22.2.0
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0

Now I am adding routing for router address only (kernel needs to know how
to reach router)

# route add 172.22.2.1/32 -iface fxp0 -cloning
add net 172.22.2.1: gateway fxp0
# ping -c1 172.22.2.1
PING 172.22.2.1 (172.22.2.1): 56 data bytes
64 bytes from 172.22.2.1: icmp_seq=0 ttl=64 time=0.462 ms

--- 172.22.2.1 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.462/0.462/0.462/0.000 ms
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW        0        1   fxp0   1196 =>
172.22.2.1/32      link#2             UCS         0        0   fxp0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0

So, there is only route for router and myself in routing table.

Now I'll add route for all 172.22.2 network:

add net 172.22.2.0: gateway 172.22.2.1
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2/24        172.22.2.1         UGSc        0        0   fxp0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW        1        1   fxp0   1184 =>
172.22.2.1/32      link#2             UCS         0        0   fxp0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0

Look 172.22.2.0/24 via 172.22.2.1, let's check it:

# ping -c1 172.22.2.2
PING 172.22.2.2 (172.22.2.2): 56 data bytes
36 bytes from dev (172.22.2.1): Redirect Host(New addr: 172.22.2.2)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 c802   0 0000  40  01 5675 172.22.2.3  172.22.2.2

> router complains here about possible direct way, but this can be
> switched off by sysctl on router

64 bytes from 172.22.2.2: icmp_seq=0 ttl=64 time=0.611 ms

--- 172.22.2.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.611/0.611/0.611/0.000 ms
# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.22.2.1         UGSc        1        1   fxp0
127.0.0.1          127.0.0.1          UH          1      312    lo0
172.22.2/24        172.22.2.1         UGSc        0        1   fxp0
172.22.2.1         00:a0:c9:04:7d:2c  UHLW        1        2   fxp0   1164 =>
172.22.2.1/32      link#2             UCS         0        0   fxp0
172.22.2.3         127.0.0.1          UGHS        0        1    lo0
#

Anyway all traffic directed through router

# ping -n -c1 -R 172.22.2.2
PING 172.22.2.2 (172.22.2.2): 56 data bytes
64 bytes from 172.22.2.2: icmp_seq=0 ttl=64 time=0.659 ms
RR:     172.22.2.1
        172.22.2.2
        172.22.2.3

--- 172.22.2.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.659/0.659/0.659/0.000 ms
#

-- 
Vladimir B. Grebenschikov <[EMAIL PROTECTED]>
SWsoft Inc.
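
The routing decision the transcript demonstrates, as an added example that is not part of the original message: a longest-prefix-match lookup over the "before" and "after" tables, showing why 172.22.2.2 is forwarded to 172.22.2.1 while the router itself stays on-link through the /32 interface route. The function names are hypothetical, and a destination without a mask is assumed to be a host route.

```python
import ipaddress

# Rows copied from the netstat -rn output in the transcript above
# (headers, loopback and broadcast rows omitted), before and after the change.
BEFORE = """\
default 172.22.2.1 UGSc 0 1 fxp0
172.22.2/24 link#2 UC 0 0 fxp0
172.22.2.1 00:a0:c9:04:7d:2c UHLW 11 279 fxp0 1132
172.22.2.2 00:a0:c9:c7:fc:fa UHLW 1 57286 fxp0 1194
172.22.2.3 127.0.0.1 UGHS 0 1 lo0
"""
AFTER = """\
default 172.22.2.1 UGSc 1 1 fxp0
172.22.2/24 172.22.2.1 UGSc 0 0 fxp0
172.22.2.1 00:a0:c9:04:7d:2c UHLW 1 1 fxp0 1184 =>
172.22.2.1/32 link#2 UCS 0 0 fxp0
172.22.2.3 127.0.0.1 UGHS 0 1 lo0
"""

def parse_network(dest):
    """Turn 'default', '172.22.2/24' or '172.22.2.1' into an ip_network."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))   # netstat drops trailing zero octets
    return ipaddress.ip_network(".".join(octets) + "/" + (plen or "32"))

def next_hop(table, dst):
    """Return the gateway IP chosen for dst, or 'on-link' for direct delivery."""
    dst = ipaddress.ip_address(dst)
    best = None
    for line in table.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue
        net = parse_network(fields[0])
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, fields[1], fields[2])
    if best is None:
        return None
    _, gateway, flags = best
    # G = forward to a gateway. Without it (link#N or a MAC address in the
    # Gateway column) the destination is resolved by ARP on the local segment.
    return gateway if "G" in flags else "on-link"

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("after", AFTER)):
        print(name, {d: next_hop(table, d) for d in ("172.22.2.1", "172.22.2.2")})
```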