From owner-FreeBSD-users-jp@jp.FreeBSD.org Fri Aug 16 02:06:48 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g7FH6mS17891;
	Fri, 16 Aug 2002 02:06:48 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from musuka.com (zaq3dcdac2d.zaq.ne.jp [61.205.172.45])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g7FH6k317886
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Fri, 16 Aug 2002 02:06:47 +0900 (JST)
	(envelope-from dialsow@musuka.com)
Received: from localhost (dns.musuka.com [61.205.172.45])
	by musuka.com (Postfix) with ESMTP id 61AEC2110F
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Fri, 16 Aug 2002 02:06:45 +0900 (JST)
Message-Id: <20020816.020645.74744228.dialsow@musuka.com>
To: FreeBSD-users-jp@jp.FreeBSD.org
From: Sowyo Matsumura <dialsow@musuka.com>
X-Mailer: Mew version 2.1 on Emacs 21.2 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Fri, 16 Aug 2002 02:06:45 +0900
X-Sequence: FreeBSD-users-jp 70235
Subject: [FreeBSD-users-jp 70235] ipfw =?ISO-2022-JP?B?GyRCJHI7SBsoQg==?=
 =?ISO-2022-JP?B?GyRCJEMkRhsoQg==?= MultiHome static routing
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: dialsow@musuka.com
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020815

$B>>B<$H$$$&$b$N$G$9!#(B

FreeBSD 4.6-Release $B>e$G%^%k%A%[!<%`$J4D6-$r9=C[$7$h$&$H;W$C$F$$$^$9$,!"(B
$B%Q%1%C%H$N%k!<%F%#%s%0$,>e<j$/$$$-$^$;$s!#(B

$B%M%C%H%o!<%/9=@.$O0J2<$N?^$N$h$&$K$J$C$F$$$^$9!#(B
ISP1$B$H(BISP2$B$ON>J}$H$b(BDHCP$B$GF0E*(BIP$B%"%I%l%9$r<hF@$9$kJ}<0$G$9!#(B

$B"((B 10.20.30.XX $B$d(B11.22.33.XX$B$O2M6u$N(BIP$B%"%I%l%9$G$9!#<B:]$O%0%m!<%P%k(BIP$B%"%I%l%9$G$9!#(B
                                                    
       | ISP1 |      | ISP2 |                     
       ~~~~|~~~      ~~~~|~~~ (10.20.30.254) 
  (11.22.33.1)           |                          
           +---+     +---+                          
               |     |                              
(sis1:         |     |(sis0: 10.20.30.15/23)
  11.22.33.45/22)    |                           
           |~~~|~~~~~~~~~~|                         
           |   +-+        |[FreeBSD 4.6]           
           |     |<NAT>   |                      
           ~~~~~~|~~~~~~~~~                        
                 |(xl0: 192.168.1.1/16)           
                 |                                  

FreeBSD4.6$B%^%7%s$G$O(B $B?t<oN`$N%G!<%b%s$rN)$A>e$2$F$*$j$^$9$,2s@~$NIO<e$5$+$i(B
$B30It$+$i$N%5!<%P%G!<%b%s$X$N%"%/%;%9$O(BISP2$B$rMxMQ$7$F9T$*$&$H;W$$!"(BISP2$B$K$h$k(B
$B2s@~A}6/$r9T$$$^$7$?!#$?$@$7!"(BISP1$B$r;HMQ$7$F$N%m!<%+%k%M%C%H$+$i(BNAT$B$r;HMQ$7$F(B
$B%$%s%?!<%M%C%H@\B3$r0];}$7$?$$$H$$$&$3$H$b$"$j!"$3$N$h$&$J%^%k%A%[!<%`$J(B
$B4D6-$r:n$k$K;j$C$?$o$1$G$9!#(B
$B%^%k%A%[!<%`$,<BMQ>e$I$&$?$i$3$&$?$i$C$F$$$&i%C_$O$$$$$H$7$F$H$j$"$($:9=C[$7$?$$$C$F$3$H$G(B
$B4hD%$j$^$7$?!#(B

$B$^$:(B dhclient $B$G(BIP$B%"%I%l%9$r$b$i$$$K9T$-$^$9$,!"(B /etc/dhclient.conf $BFb$K$F(B interface $B$N;XDj$r(B
sis0 sis1 $B$H$7$?$i!"(B 

# dhclient 

$B$H$$$&%3%^%s%I$G5/F0$5$;$k$@$1$G(Bsis0 sis1 $B$K(BIP$B%"%I%l%9<hF@$NMW5a$rEj$2$F$/$l$^$9!#$G!"(BIP$B%"%I%l%9$OL5;v$K(B
$B<hF@$G$-$^$9!#(B

$B2a5n(BML$B$r8!:w$7$?$H$3$mF1$8$h$&$J;vNc$,Ej9F$5$l$F$$$^$7$?!#(B

http://home.jp.freebsd.org/cgi-bin/showmail/FreeBSD-users-jp/66357
http://home.jp.freebsd.org/cgi-bin/showmail/FreeBSD-users-jp/66362

$B$H$j$"$($:$O(B ipfw $B$N%Q%1%C%H$N%U%)!<%o!<%I$N@k8@$r;H$C$F2DG=$@$H$$$&$3$H$J$N$G!"(B
$BAaB.(Bipfw$B$G$=$N@k8@$rIU$12C$($^$7$?!#(B

(# ipfw [number] add fwd [ISP2 router] all from [IPaddr from ISP2] to not [IPaddr from ISP1] out)
# ipfw 00202 add fwd 10.20.30.254 all from 10.20.30.15/23 to not 11.22.33.45/22 out

$B@_Dj8e!!3F<o%3%^%s%I$G@_Dj$r3NG'(B

# ipfw show
00050 29927 11161995 divert 8668 ip from any to any via sis1
00100 16540  1624616 allow ip from any to any via lo0
00202   192    62976 fwd 10.20.30.254 ip from 10.20.30.0/23 to not 11.22.33.0/22 out
   $B!&(B
   $B!&(B
   $B!&(B

# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            11.22.33.1       UGSc       72   202386   sis1
11.22.33/22        link#3             UC          1        0   sis1
11.22.33.1         00:07:84:64:50:8a  UHLW       71     2580   sis1   1111
11.22.33.45        127.0.0.1          UGHS        8    42678    lo0
127.0.0.1          127.0.0.1          UH          4    18166    lo0
192.168.0/16       link#1             UC          6        0    xl0
192.168.1.1        00:04:75:aa:f8:83  UHLW        2     1952    lo0
192.168.1.2        00:40:26:70:f5:14  UHLW        1       80    xl0    246
192.168.1.4        00:04:75:aa:f7:f6  UHLW        7   192404    xl0    746
192.168.255.255    ff:ff:ff:ff:ff:ff  UHLWb       2      188    xl0
10.20.30/23        link#2             UC          1        0   sis0
10.20.30.15        127.0.0.1          UGHS        0       14    lo0
10.20.30.254       link#2             UHLW        1     6796   sis0


# arp -an
? (11.22.33.1) at 00:07:84:64:50:8a on sis1 [ethernet]
? (192.168.1.1) at 00:04:75:aa:f8:83 on xl0 permanent [ethernet]
? (192.168.1.2) at 00:40:26:70:f5:14 on xl0 [ethernet]
? (192.168.1.4) at 00:04:75:aa:f7:f6 on xl0 [ethernet]
? (192.168.255.255) at ff:ff:ff:ff:ff:ff on xl0 permanent [ethernet]
? (10.20.30.254) at (incomplete) on sis0 [ethernet]

$B$3$3$G(B netstat -rn $B$K$*$$$F(B
10.20.30.254       link#2             UHLW        1     6796   sis0
$B$"$H!"(B arp -an $B$K$F$*$$$F(B
? (10.20.30.254) at (incomplete) on sis0 [ethernet]
$B$NI=<($,JQ$@$H;W$o$l$^$9!#(BMAC$B%"%I%l%9$,I=<($5$l$:(B(incomplete)$B$K$J$C$F$7$^$C$F$$$^$9!#(B

$B$G!"<B:]30It$+$i(B 10.20.30.15$B!!$X(Bping $B$rBG$C$F$b1~Ez$,A4$/$J$/(BTimeout$B$7$F$7$^$$$^$9!#(B
ISP2$B$+$i$N%Q%1%C%H$r=hM}$7$F30$K=P$F9T$/%Q%1%C%H$N(BNext hops$B$r(BISP2$B$N%k!<%?$K9T$/$h$&$K(B
ipfw fwd $B$N@k8@$G$G$-$F$$$k$O$:$J$s$G$9$,!"30It$+$i%"%/%;%9$G$-$^$;$s!#(B
ISP2$B$N%k!<%?(B10.20.30.254$B$N(BMAC$B%"%I%l%9$r%F!<%V%k$KEPO?$9$kJ}K!$C$F$"$k$N$G$7$g$&$+!#(B

$B$A$J$_$K(Bdefault route $B$r(BISP2$B$N%k!<%?(B10.20.30.254$B$H$7$F%k!<%?$K(Bping$B$rBG$D$H@5>o$KDL$j!"(B
ISP2$B$N(BMAC$B%"%I%l%9$b@h$[$I$N(B arp -an$B$N7k2L$KH?1G$5$l$^$9!#(B

$B$3$3$G(B ISP2$BB&$N(BNIC$B$K(BTCPDUMP$B$+$1$F$_$^$7$?!#(B
# tcpdump -i sis0
tcpdump: listening on sis0
01:57:04.620300 arp who-has 10.20.30.15 (0:40:26:a6:68:ad) tell 10.20.30.252
01:57:04.620375 arp reply 10.20.30.15 is-at 0:40:26:a6:68:ad
01:57:05.022371 0:4:28:a1:40:1b > 1:0:c:cc:cc:cc sap aa ui/C
01:57:05.022619 0:4:28:a1:40:1b > 1:0:c:0:0:0 sap aa ui/C
01:57:05.767153 arp who-has 10.20.30.252 tell 10.20.30.252
01:57:09.082111 arp who-has 10.20.30.252 tell 10.20.30.252
01:57:09.091039 arp who-has 10.20.30.251 tell 10.20.30.46
01:57:09.120800 arp reply 10.20.30.46 is-at 0:d0:59:ad:7f:b6 (0:d0:59:ad:7f:b6)
01:57:15.604784 arp who-has 10.20.30.252 tell 10.20.30.252
$B!!!!!!!!!!!!!!!!!!!!!!!!!!!&(B
$B!!!!!!!!!!!!!!!!!!!!!!!!!!!&(B
$B!!!!!!!!!!!!!!!!!!!!!!!!!!!&(B
$B!!!!!!!!!!!!!!!!!!!!!!!!!!!&(B

$B$H1J1s$KB3$/$@$1$G$9!#%F!<%V%k$N8r49$O0l@87|L?$7$F$$$k$N$K%k!<%?$,A4A38+$($F$J$$$N$+$J!&!&(B
$B$H$3$N$h$&$J>u67$G(BISP2$BB&$,%M%C%H%o!<%/$K7R$,$C$F$J$$>uBV$K$J$C$F$^$9!#$3$3$^$GFI$s$G$_$F(B
$B!!$3$3$,$*$+$7$$$s$8$c$J$$!)$_$?$$$J2U=j$,$"$j$^$7$?$i$4;XE&4j$$$^$9!#(B

--------
$B!Z"i&O&X'e&O![(B

Sowyo Matsumura <dialsow@musuka.com>
                <lufin@kitcc.org>

