Hello all, total newcomer to FreeBSD, though some experience with its younger cousin, you know, the one with the penguin.
Anyhow, I want to set my FreeBSD box up to be a gateway / firewall; I am still in the phase of organizing network &c; and for some arcane that to me is not understandable I lose route definitions with every reboot. In fact, when I ping or ping6 google.com i get "no route" warnings, 100% packet loss. But after adding manually route definitions things go back to working order. Within my rc.conf file i have configured:
defaultrouter="192.168.0.1" as my ipv4 default route and
ipv6_defaultrouter="2001:818:d9d9:ba00::1" as my default ipv6 route.
apart from the necessary, static addresses for IPv4 and IPv6 for igb0 (WAN interface). I want the igb1 interface to serve up IPv4 and IPv6 addresses over an IPv4 /16 and the ba01 subnet for my ISP assigned, /56 subnet, with further delegation to prefixes ba02 to ba05.
Am I doing things correctly here, or am I missing something obvious?
Re: my /etc/rc.conf reads as follows=
TIA.
Anyhow, I want to set my FreeBSD box up to be a gateway / firewall; I am still in the phase of organizing network &c; and for some arcane that to me is not understandable I lose route definitions with every reboot. In fact, when I ping or ping6 google.com i get "no route" warnings, 100% packet loss. But after adding manually route definitions things go back to working order. Within my rc.conf file i have configured:
defaultrouter="192.168.0.1" as my ipv4 default route and
ipv6_defaultrouter="2001:818:d9d9:ba00::1" as my default ipv6 route.
apart from the necessary, static addresses for IPv4 and IPv6 for igb0 (WAN interface). I want the igb1 interface to serve up IPv4 and IPv6 addresses over an IPv4 /16 and the ba01 subnet for my ISP assigned, /56 subnet, with further delegation to prefixes ba02 to ba05.
Am I doing things correctly here, or am I missing something obvious?
Re: my /etc/rc.conf reads as follows=
Code:
hostname="[my host name]"
gateway_enable="YES"
IPv6_gateway="YES"
ipv6_ipv4mapping="YES"
rtadvd_enable="YES"
rtadvd_interfaces="igb1"
rtsold_enable="YES"
ifconfig_igb0="inet 192.168.0.254/24"
ifconfig_igb0_ipv6="inet6 2001:818:d9d9:ba00::2 prefixlen 64"
defaultrouter="192.168.0.1"
ipv6_defaultrouter="2001:818:d9d9:ba00::1"
ifconfig_igb1="inet 172.16.0.1/16"
ifconfig_igb1_ipv6="inet6 2001:818:d9d9:ba01::1 prefixlen 64"
local_unbound_enable="YES"
sshd_enable="YES"
ndproxy_enable="YES" #I know I enable my ISP's broken IPv6 config with this but let's face it it's more likely that an ISP changes their IPv6 design than the Everest moves
moused_enable="YES"
powerd_enable="YES"
ndproxy_uplink_interface="igb0"
ndproxy_downlink_mac_address="[mac address for igb1]"
ndproxy_uplink_ipv6_addresses="2001:818:d9d9:ba00::2"
dumpdev="AUTO"
Last edited by a moderator: