Two Interfaces on Single Host, Aren't Routing Traffic (one physical one virtual)

[BawdyAnarchist]

I am having trouble getting gateway and routed to properly route traffic between 2 interfaces on a single host.

The host has interfaces:

• igb0 inet 192.168.100.11/24 ; default_route="192.168.100.1" (my physical router)
• epair0a inet 10.0.0.1/8
• gateway and routed are enabled

The jail has virtual interface: epair0b inet 10.0.0.2/8 ; default_route="10.0.0.1"
ping 10.0.0.1 shows immediate response
ping 192.168.100.11 shows immediate response
ping 192.168.100.1 shows nothing

I don't understand how my jail can ping igb0 with no issue, but can't reach the outside world. It was my understanding that a host with 2 interfaces and routed_enable would forward packets between the two. Please advise.

 

[SirDice]

Don't enable routed(8), it's a very old dynamic routing protocol (RIP), and you don't need it. You do need to enable gateway_enable in rc.conf. Besides the routes going out, you also need to verify the return routes. I suspect your packets are correctly being routed going out but the returning packets don't know where to go. You probably need to add a static route in your router, telling it it can find 10.0.0.0/8 behind 192.168.100.11.

 

[BawdyAnarchist]

Thank

Don't enable routed(8), it's a very old dynamic routing protocol (RIP), and you don't need it. You do need to enable gateway_enable in rc.conf. Besides the routes going out, you also need to verify the return routes. I suspect your packets are correctly being routed going out but the returning packets don't know where to go. You probably need to add a static route in your router, telling it it can find 10.0.0.0/8 behind 192.168.100.11.

Thanks. Yes, I believe this was the problem as well. I finally dug up an old post here, where you advised the same. Ultimately I don't think my commercial ISP owned router allows me to do that, so I just went with NAT as the solution.