Force outgoing network interface

[pbd]

Hi!

I have a machine with two network interfaces, let's say one have ip address 10.0.0.1/24 and second 192.168.0.1/24. These two network interfaces are connected through some switches and routers, let's call it network.

Is it possible to configure FreeBSD to actually send packets from 10.0.0.1 to 192.168.0.1 through the network?

 

[SirDice]

Yes, that's possible. How depends on the application though.

For ping(8) you'd use the -S option:

ping -S 10.0.0.1 192.168.0.1

 

[SirDice]

Hmm.. Thinking this through and the above might not use the network. It will use 10.0.0.1 as a source address but your routing table will send it directly to the interface.

Should still be possible though, just can't think of something right now :e

 

[pbd]

It will use 10.0.0.1 as a source address but your routing table will send it directly to the interface.

That's exactly the problem.

 

[ecazamir]

I think that your goal is hard to reach. Your setup is similar to a NIC with multiple IP addresses assigned to it. You could do such things by using VMWare and using two virtual switches, each assigned to a physical NIC. As long as you use only FreeBSD, AFAIK, the only thing that may help is 'pf', pf's rules can bypass the kernel's routing table. Check 'route-to' option of pf. To make this work, you still need a 'next-hop address', i.e.: a router, between your networks.

Other useful feature you may be interested in is FIB, controlled by the setfib(2) utility.

 

[bbzz]

It's impossible. It's because the administrative weight (the preference) of directly connected interface is always greater than anything else (and so FreeBSD will never route out of one interface, only to reach its other interface). The only way is if you use some kind of visualization and you technically separate two interfaces from each other as belonging to the same system.

 

[gkontos]

You could but since those networks are statically connected you might end up eventually with asymmetric routing.

 

[aragon]

Why is this so elusive? Just use pf(4)'s route-to/reply-to or ipfw(4)'s fwd.

 

[bbzz]

Why is this so elusive? Just use pf(4)'s route-to/reply-to or ipfw(4)'s fwd.

Isn't that for load balancing however? I don't think this would work.

 

[Zare]

setfib(1).

Create another routing table, delete the 192.168.0.0 entry (link#n). If default gateway resides on 10.0.0.0 network, then it's done. If not, make a route.

If you want to do out of the ordinary, complex setups on one machine/multiple networks/NICs, I strongly suggest that you use jail/vimage mechanisms.