Is Port Based Routing Possible?

Drew Tomlinson drew at mykitchentable.net
Fri Oct 17 17:42:03 PDT 2003


Is there a way to route traffic based on port?  Basically, I want to have
all traffic on port 8080 use the rl0 interface for its gateway and all other
traffic use dc0.  Here is a diagram of my network.

         Internet
             |
         Public IP
             |
       ADSL Modem/Router
        192.168.10.1
             |
            dc0
        192.168.10.2
             |
         FBSD 4.8 --------- rl0
             |         192.168.100.2
            dc1              |
             |         192.168.100.1
        192.168.1.2    Neighbor's AP
             |               |
        Internal LAN     Public IP
             |               |
        192.168.1.3       Internet
        Media Server

I'm trying to serve a small video stream via my neighbor's faster Internet
connection and keep all of my other traffic on my Internet connection.  I'm
trying to get the traffic to flow like this:

1.    Media players connect to the public IP on the neighbor's AP (Linksys)
on port 8080.

2.    Neighbor's AP does NAT and forwards traffic on port 8080 to rl0
(192.168.100.2).  I would like to forward to the media server at 192.168.1.3
but the Linksys won't allow me to set NAT to forward to a different subnet.

3.    The rl0 interface on my FBSD box is running NAT as well.  I did this
because a simple "ipfw fwd" rule left the destination address as
192.168.100.2 and so my server at 192.168.1.3 ignored the packets as it was
not the destination.  natd with a 'redirect' switch and the corresponding
'divert' rule changes the destination address to 192.168.1.3.

4.    The server receives the SYN packet and sends a SYN/ACK to establish a
connection.  I want to have this packet return on the same path.  However,
the default gateway for the media server is 192.168.1.2.  Then, because the
default gateway for the FBSD box is 192.168.10.1 (my Internet connection),
the packet goes out 192.168.10.2 and out through my own ISP.  Thus the
connection never gets established.

I can get traffic to flow the way I want by adding a static route on the
FBSD box.  For example, if a media player at 1.2.3.4 initiates a connection
from the Internet and I do "route add -host 1.2.3.4 192.168.100.1", then the
connection flows.  However, this is not practical in normal everyday usage
when I don't know what IPs will connect.

Is what I want possible and if so, what should I read to learn more?

Thanks,

Drew
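The reply-path problem described in the post (step 4) is the classic case for ipfw's "fwd" action, which changes the next hop of a matching packet without touching its addresses, so the default route is overridden only for replies leaving the media server's port 8080. The script below is an added example and is not part of the original post or of any FreeBSD configuration shipped with the system; it only restates the addresses from the diagram. Everything else is my assumption: the kernel is built with IPFIREWALL, IPFIREWALL_FORWARD and IPDIVERT, the rl0 natd instance listens on divert port 8669, the rule numbers 100-300 are free, and a second fwd rule keyed on the post-NAT source address is added because the next hop chosen on input is not assumed to survive natd's reinjection of the packet. The script prints the commands rather than running them so the rule set can be reviewed first.

```shell
#!/bin/sh
# Added example, not from the original post: FreeBSD 4.x ipfw + natd rules
# that send replies from the media server's port 8080 back out rl0 while all
# other traffic keeps the default route via dc0.
# Assumptions (mine): kernel has IPFIREWALL, IPFIREWALL_FORWARD, IPDIVERT;
# the rl0 natd instance uses divert port 8669; rules 100-300 are unused.

LAN_IF=dc1                 # faces the internal LAN (192.168.1.0/24)
NEIGHBOR_IF=rl0            # faces the neighbour's AP
NEIGHBOR_GW=192.168.100.1  # next hop on rl0 (the Linksys)
MEDIA_SERVER=192.168.1.3
RL0_ADDR=192.168.100.2
STREAM_PORT=8080
NATD_PORT=8669             # assumed divert port for the rl0 natd instance

# Emit the commands in the order they must run.  Printing instead of
# executing lets the rule set be reviewed before it touches a live box.
#  - natd on rl0 rewrites dst 192.168.100.2:8080 -> 192.168.1.3:8080 on the
#    way in and the source back to 192.168.100.2 on the way out.
#  - rule 100 hands every packet on rl0 to that natd instance.
#  - rule 200 fires when the server's reply enters on dc1: next hop becomes
#    192.168.100.1, so the packet leaves via rl0 and is NATed by rule 100.
#  - rule 300 fires after natd has rewritten the source and reinjected the
#    packet; it sets the next hop again in case routing was redone by dst.
rl0_policy_routing() {
    cat <<EOF
sysctl net.inet.ip.forwarding=1
natd -p $NATD_PORT -n $NEIGHBOR_IF -redirect_port tcp $MEDIA_SERVER:$STREAM_PORT $STREAM_PORT
ipfw add 100 divert $NATD_PORT ip from any to any via $NEIGHBOR_IF
ipfw add 200 fwd $NEIGHBOR_GW tcp from $MEDIA_SERVER $STREAM_PORT to any in via $LAN_IF
ipfw add 300 fwd $NEIGHBOR_GW tcp from $RL0_ADDR $STREAM_PORT to any out
EOF
}

# Sanity check before applying: the reply path needs both fwd rules, one on
# the way in from the LAN and one after natd has rewritten the source.
has_reply_path_rules() {
    plan=$(rl0_policy_routing)
    echo "$plan" | grep -q "fwd $NEIGHBOR_GW tcp from $MEDIA_SERVER $STREAM_PORT to any in via $LAN_IF" &&
    echo "$plan" | grep -q "fwd $NEIGHBOR_GW tcp from $RL0_ADDR $STREAM_PORT to any out"
}

# Show the plan.  On the FreeBSD box, as root:  sh this_script.sh | sh -e
has_reply_path_rules && rl0_policy_routing
```

Only the stream's replies match the fwd rules (source 192.168.1.3, source port 8080), so the media server's own downloads and the rest of the LAN still go out dc0, and no per-client "route add -host" entries are needed. Any existing natd/divert rules for dc0 are left alone; if rc.firewall already uses numbers in the 100-300 range, renumber these so that 200 and 300 still come after 100.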





