Nick Barnes wrote:
At 2008-02-18 21:36:18+0000, Bill Moran writes:
In response to Nick Barnes <[EMAIL PROTECTED]>:

I have a multi-homed host: more than one IP address.  The addresses are
in separate subnets but run over the same ethernet segment (this is a
temporary situation while I switch an office network over from one
network provider to another).

I want packets from address A1 to be sent via gateway G1, but packets
from address A2 to be sent via gateway G2.

How do I do this?  Can I just have more than one default route?  I'm
remote from the machine in question, so I don't want to tinker with
the default route until I'm sure of the answer.

You can't have multiple default routes.  The fact that you want to is
an indicator of incorrect network design, although it could be an
artifact of the interim setup while you migrate things around.

I would suggest you ask yourself (and possibly the list) _why_ you think
multiple default routes are necessary ... what is it that you're hoping
to accomplish.  I'm guessing you're looking for some sort of redundancy,
in which case something like CARP or RIP is liable to be the correct
solution.

I agree that this is probably my inexperience showing.

I have an office network which is switching leased line, from provider
P1 to provider P2.  I have a /25 from P1 and a (different) /24 from
P2.  I am doing the migration a few machines at a time: move a little,
test a little, etc.  I am dual-homing each host for a short period
while I am switching it over.  The dual-homing works just fine, over a
shared ethernet segment, except for the fact that I can only have one
default route.

This means that I am sending packets from an address given to me by P2
to P1's router (my existing default route).  As an experimental
matter, today, this does in fact work - these packets are getting to
their destinations, via P1 - but it looks a heck of a lot like
spoofing and I am half-expecting the wrath of P1 to descend on me.
Either that or for them to silently stop routing the packets.

I would rather send packets from the P2 subnet addresses to the P2
router, while the packets from the P1 subnet addresses keep going to
the P1 router.

Apparently I can do this with some IPFW cunning, but that seems like
overkill for what seems like it ought to be a common problem.

If I were in the office, I would gird my loins for a single hard
session on all the consoles, to do all the config changes at once,
abandoning the P1 addresses.  As it is, doing it remotely, I'm being a
little more tentative.

Unless you actually want all your machines to be remotely
accessible from the outside, you should probably just turn on
NAT on the new ISP interface, turn off the old one, and be
done with it.

Then your internal addresses are of no interest at all.
You could move the one or two machines that need to be remotely
accessible to the new addresses and leave the others as they are,
or move them over at your leisure over the next year or so.
(or move them to RFC 1918 addresses and save yourself the cost of the
/24)



Nick B
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"