routing question

. at babolo.ru . at babolo.ru
Fri Sep 2 01:14:04 GMT 2005


> Hi everyone. I'm trying to do some strange things to the routing table, and 
> I can't get them to work.
> Our ISP assigned us a /26 subnet. xxx.xxx.xx.1 is the main router, a Cisco 
> 2511. xx.xx.xx.2 is the main server, and there are a few machines. This 
> server, a FreeBSD is an access server, which allowed our Wireless customers 
> to access the internet. The BSD server has 2 NICs: one to the public 
> internet, and the other to the Access Point. We had to move from a PPTP 
> setup to a DHCP setup because PPTP keeps disconnecting the customers. With 
> PPTP, the machine did Proxy-ARP so I could give the customers public 
> addresses via PPTP.
> Now with DHCP we moved the customers to a NAT setup, and reserve public 
> addresses for special customers. The problem is, I can't route the public 
> addresses to the second NIC.
> What I did was this:
> 
> nic 1: xl0, xxx.xxx.xxx.2 netmask 255.255.255.192
> nic 2: xl1, 10.5.5.10 netmask 255.255.255.0
> nic 2: xl1, xxx.xxx.xxx.4 netmask 255.255.255.255 alias
> 
> on the main router, I added a static route of xxx.xxx.xxx.4/32 via 
> xxx.xxx.xxx.2, and it worked, I get pings from the public internet.
> so I added a machine on the private LAN and set it an IP of xxx.xxx.xxx.5/24 
> gateway xx.xxx.xx.4, and a static route on the BSD server of 
> "xxx.xxx.xxx.5/32 via xxx.xxx.xx.4", trying to route packets to .5 via .4 
> instead of .2, so packets would go via xl1 rather than xl0. But it doesn't 
> seem to work. I get TTL exceeded, even from inside the BSD server. Also on 
> the main router to the public internet I added a route to .5/32 via .4.
> 
> How can I make this work?
ifconfig xl1 xxx.xxx.xxx.63/27
sysctl net.link.ether.inet.proxyall=1

And use xxx.xxx.xxx.32/27 in internal net for the customers
with default gateway xxx.xxx.xxx.63.

Swap masks if you want more than /27 for customers:

nic 1: xl0, xxx.xxx.xxx.2/30
nic 2: xl1, xxx.xxx.xxx.63/27

and net.link.ether.inet.proxyall=1
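
The addressing from the first suggestion above, modelled as an added example that is not part of the original message: 192.0.2.0/26 is a constructed stand-in for the elided xxx.xxx.xxx.0/26, and the function names are hypothetical. It shows which interface the server selects by longest-prefix match and which customer addresses the upstream router will ARP for on the xl0 segment, which are the requests proxyall=1 has to answer.

```python
import ipaddress

# Constructed stand-in for the elided xxx.xxx.xxx.0/26 (documentation range).
ISP_BLOCK = ipaddress.ip_network("192.0.2.0/26")

# Connected networks on the FreeBSD server: xl0 keeps the original /26 from
# the question, xl1 gets the .63/27 address given in the reply.
CONNECTED = {
    "xl0": ipaddress.ip_interface("192.0.2.2/26"),
    "xl1": ipaddress.ip_interface("192.0.2.63/27"),
}


def egress(dst):
    """Longest-prefix match over the connected networks.

    Returns the interface name, or None when no connected network matches
    (the packet would follow the default route instead).
    """
    dst = ipaddress.ip_address(dst)
    matches = [
        (iface.network.prefixlen, name)
        for name, iface in CONNECTED.items()
        if dst in iface.network
    ]
    return max(matches)[1] if matches else None


def needs_proxy_arp():
    """Customer addresses the upstream router treats as on-link in the /26
    but that the server reaches through xl1. The router sends ARP requests
    for these on the xl0 wire, so the server must reply on their behalf."""
    customers = CONNECTED["xl1"].network.hosts()
    return [a for a in customers if a in ISP_BLOCK and egress(a) == "xl1"]


if __name__ == "__main__":
    for dst in ("192.0.2.1", "192.0.2.5", "192.0.2.40", "198.51.100.7"):
        print(f"{dst:>14} -> {egress(dst)}")
    proxied = needs_proxy_arp()
    print(f"{len(proxied)} addresses answered by proxy ARP on xl0: "
          f"{proxied[0]} .. {proxied[-1]}")
```

Because the /27 on xl1 is the more specific match, no per-host static routes are needed on either the server or the upstream router for addresses in that range.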


