Multiple routing tables (setfib) trouble

Julian Elischer julian at elischer.org
Tue Sep 23 07:42:32 UTC 2008 

Igor R wrote:
> Hello!
> 
> I'm using  FreeBSD 7.0-STABLE  (Jul 25) and I have two Internet
> connections. Both are ethernet based, but one requires PPTP (2) while
> another is direct with external IP address.
> Trouble is that provider (1) of connection with external address is
> limiting number of outgoing TCP connections (this was reason I got
> another provider). So now my setup is
> 1) On boot I have default route to provider (1)
> 2) After MPD (PPTP) is up I replace default route with route to provider (2)
> 3) I use "route-to" and "reply-to" in /etc/pf.rules to route incoming
> SSH and HTTP and outgoing HTTP via provider (1), also I use these
> rules to provide routing to internal network of this provider
> 4) All other traffic (BitTorrent :-) ) is going via provider (2) via
> ng0 (PPTP) interface
> All works fine, but ... Provider with PPTP is less reliable and when
> PPTP connection fails I have trouble connecting to my SSH server
> (because DNS stops working)
> 
> So, after FreeBSD got multiple routing tables I tried this:
> 
> 1)  On boot I have default route to provider (1)
> 2)  After MPD (PPTP) is up I do
> 2a) setfib 1 route add default PPTP_DEFAULT_GATEWAY
> 2b) setfib 1 /usr/local/etc/rc.d/tranmission restart
> 
> And here  are problems:
> 1) All outgoing traffic with fib==1 goes through provider (2) as
> expected, answers are received
> 2) BUT ... incoming traffic looks strange: answers are sent through
> default gateway with fib==0
> 
> I made simple test:
> 
> setfib 1 netcat -l 8000
>   and then from outside:
> telnet my_ip 8000
>   I see (with tcpdump) incoming packets on ng0 (PPTP) inteface, but no
> answers. If I start tcpdump on other provider interface I see packets
> with answers. But if I try
> setfib 1 traceroute some_host
> then routing works via correct gateway
> 
> So, is it possible to have bittorrent daemon with FIB=1 :-)?

can you sendme teh output of:
setfib -0 netstat -rn
setfib -1 netstat -rn


> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"

More information about the freebsd-net mailing list