Multiple IPv6 ISPs
Julian Elischer
julian at freebsd.org
Mon Jul 4 21:08:21 UTC 2011
On 7/4/11 5:24 AM, Paul Schenkeveld wrote:
> Hi,
>
> At one of my customers we have had 2 ISPs for a long time but now we
> have to support IPv6 too.
>
> In the IPv4 world I used ipfw for policy-based routing to separate
> traffic from the two public address ranges:
>
> ipfw add 1010 allow ip from any to MY_IP_RANGES
> ipfw add 1020 fwd ISP1_GW ip from ISP1_SUBNET to any
> ipfw add 1030 fwd ISP2_GW ip from ISP2_SUBNET to any
>
> When I try the same with IPv6, it appears that ipfw(8) does not support
> an IPv6 destination with the fwd statement, the packet matching part
> seems to work fine. This appears documented in bin/117214 (Oct 2007)
> but never solved.
>
> Before asking the list I went looking for other options, setfib came to
> mind but it appears that setfib only works on IPv4, is that correct or
> am I overlooking something?
no, setfib for IPV6 is not complete
I know that work is underway to fix that,
it may be possible to use netgraph and vnetjails to simulate it
somehow as vnet supports ipv6.
> Pf is used for firewalling and doing both filtering and policy based
> routing in pf doesn't work.
>
> Anyway, how do other people solve this? I need to run services on both
> address ranges so flipping a default gateway when pinging the next hop
> fails does not solve it for me.
>
> Soon, having IPv6 is no longer an option but rather a necessity.
>
> Regards,
>
> Paul Schenkeveld
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
More information about the freebsd-net
mailing list