Tunnel Routing Question

I have a pretty simple setup... Two locations, each with a FreeBSD endpoint, with a GIF tunnel built between them:

Router A:
External: A.A.A.A
Internal: 172.16.1.1

Router B:
External: B.B.B.B
Internal: 172.16.2.1

From behind router A, I can access the 172.16.2.0/24 network, and from behind router B, I can access the 172.16.1.0/24 network.

Now for my question... If I have a device behind router A that is sitting on the 172.16.1.0/24 network, is there a way to have that device's Internet traffic go through router B? Something to the effect of a device behind router A having an IP address of 172.16.1.100 but a default gateway of 172.16.2.1? Not sure if that's possible, but I appreciate any feedback.
 
Make a tunnel between router A and B. Host on 172.16.1.0 still points to 172.16.1.1 as its default gateway. It's up to router A to route over tunnel to router B and internet (via static route or dynamic protocol). Treat tunnel as just another physical interface.
 
That makes sense, but what would a static route on router A look like to route a specific device behind router A through router B, let's say with an IP address of 172.16.1.100 and a default gw of 172.16.1.1... Keeping in mind that I only want traffic for the client 172.16.1.100 to route through 172.16.2.1 and everything else to remain the same?
 
Routing table lookups are performed on destination address, not source address. What you want is source routing, aka policy routing. Linux has a policy routing framework, but in FreeBSD you have to use a firewall to do it.

ipfw(4) and pf(4) can both alter the nexthop of IP packets. Have a look at fwd in ipfw(4) or route-to in pf(4).
 
Keep in mind that router B needs to be told to route over GRE tunnel as well, unless you want another path.
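
The pf(4) route-to approach suggested above, written out for both routers as an added example that is not from any poster in this thread. The interface names (em0, em1, gif0) are assumptions, as is the use of 172.16.2.1 as the next hop across the tunnel; substitute the tunnel's own inner address if it differs.

```pf
# ---- Router A: /etc/pf.conf fragment (added example) ----
int_if = "em1"            # assumed: interface on 172.16.1.0/24
tun_if = "gif0"           # assumed: the GIF tunnel to router B
via_b  = "172.16.1.100"   # the one client whose Internet traffic leaves via B
b_gw   = "172.16.2.1"     # router B, used as next hop across the tunnel
sites  = "{ 172.16.1.0/24, 172.16.2.0/24 }"

# Site-to-site traffic from the client keeps using the normal routing table,
# so it still reaches router A itself and the 172.16.2.0/24 hosts as before.
pass in quick on $int_if inet from $via_b to $sites

# Everything else from this client: override the routing table lookup and
# hand the packet to router B over the tunnel. The rule is stateful, so the
# replies arriving on $tun_if match the state and need no rule of their own.
pass in quick on $int_if inet route-to ($tun_if $b_gw) from $via_b to any

# All other hosts on 172.16.1.0/24 match neither rule and are routed as usual.

# ---- Router B: /etc/pf.conf fragment (added example) ----
ext_if = "em0"            # assumed: interface holding B.B.B.B

# Router B already has a route back to 172.16.1.0/24 over the tunnel, but it
# must also translate the remote client on the way out; without this the
# packets leave with a private source address and no reply ever returns.
nat on $ext_if inet from 172.16.1.100 to any -> ($ext_if)
```

Parse each file with `pfctl -nf /etc/pf.conf` before loading it, then confirm the path with a traceroute from 172.16.1.100 and from a second host on the same LAN: only the first should show router B as a hop. If router B filters traffic arriving on its tunnel interface, that ruleset must also pass packets from 172.16.1.100 to Internet destinations.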
 