Getting routes to stick through reboot
-
I have a server that needs a static route set up, I haven't figure out anyway to add this to the routing table in the pfsense GUI. I do it at the shell by doing:
route add -net xxx.xxx.xxx.xxx/32 -iface em1
route add default xxx.xxx.xxx.xxx(The IP addresses are the same in both of these commands).
I'm not a networking guru but I believe the reason these commands are needed is because my gateway is actually on a different subnet from the WAN IP that PFSense is running on (OVH Configuration and it has to be done that way). Without these commands, pfsense cannot see the internet, and cannot be accessed from the internet.
The problem is, if I reboot the box for any reason, the routes are lost. After they are set up they show up in the Status -> Routes list, where the first one has the destination being the IP and the Gateway shows as the MAC address of the em1 interface. I tried duplicating this in the System -> Routes section but it will not allow me to put a MAC address for the gateway there.
How can I get these routes to stick through a reboot? I don't really plan on rebooting it much but I'm just concerned about unexpected power loss or reboot for any other reason effecting it.
-
System: Routing: Static Routes
-
Thanks, but as I said, I tried that and am unable to duplicate the routes as they show when I add them by the command. The System -> Routing will not let me add a route that has a gateway of the NICs MAC address.
Is there something else I should add there instead? I don't know enough about routes and such to know what it means when it shows me having a gateway of a mac address when doing the command at the shell.
-
The System -> Routing will not let me add a route that has a gateway of the NICs MAC address.
Uhhhh, what?
Routes are an L3 concept, which has nothing to do with the MAC address. Add the address you want in the "Gateways" section, then add the route you want in the "Routes" section.
Some more information on what you're trying to fix would help, because if you're trying to route to a /32 address as your gateway, you obviously have some unique configuration that is likely not direct from your ISP. Unless you're routing to a loopback interface, your configuration makes no sense (and even if you are, having a /32 as your gateway isn't a great idea. Bump it to at least a /30 and stick with some standards).If you're deadset on staying with this config or are just unable to change it, this may help.
-
The System -> Routing will not let me add a route that has a gateway of the NICs MAC address.
Uhhhh, what?
Routes are an L3 concept, which has nothing to do with the MAC address. Add the address you want in the "Gateways" section, then add the route you want in the "Routes" section.
Some more information on what you're trying to fix would help, because if you're trying to route to a /32 address as your gateway, you obviously have some unique configuration that is likely not direct from your ISP. Unless you're routing to a loopback interface, your configuration makes no sense (and even if you are, having a /32 as your gateway isn't a great idea. Bump it to at least a /30 and stick with some standards).If you're deadset on staying with this config or are just unable to change it, this may help.
As I said, the gateway is provided by the host (OVH), and is on a different subnet from the external IP of PFSense. I'm not really sure what "more information" I can give. All I can say is if you read those commands above that I run in the shell, when I go to Diagnostics -> Routes, the route that has the destination of the actual gateway IP, shows that route's gateway as the PFSense WAN MAC address. That is what PFSense is showing, I didn't configure it that way. If I simply try adding the IP of the gateway in a different subnet, PFSense complains about the gateway being on a different subnet. I don't know what the proper way of adding it is since this is what PFSense is showing me after I run those commands in the shell.
That link you provided is doing exactly what I've already said I did, except it does not cover how to get the route to stick through a reboot. If I reboot the routes added with the route command go away. It even says in that link:
It is not possible to create such routes using the Web interface…
Speaking directly about the way the routes have to be created on a different subnet with OVH.
That article you linked, also has a screenshot in it of the Diagnostics: Routing Tables page, that has the same thing, it has a MAC address as the Gateway for the route with a Destination of the actual gateway IP. It's the one that is mostly blacked out in the screenshot, but you can make out enough of it to tell that it is a mac address.
So, I just need to know how to make these manually added routes, stick through a reboot. Is there an initialization file or something like that, that I can simply add the commands to in order for them to auto run at boot? I'm just not familiar enough with a FreeBSD based system to know how to do this.
-
That link you provided is doing exactly what I've already said I did, except it does not cover how to get the route to stick through a reboot. If I reboot the routes added with the route command go away. It even says in that link:
It is not possible to create such routes using the Web interface…
It says that only if you don't read far enough:
It is not possible to create such routes using the Web interface then once more the shellcmd module come to rescue to setup the route at startup.
The whole section after that details how to get the routes to persist.
-
That link you provided is doing exactly what I've already said I did, except it does not cover how to get the route to stick through a reboot. If I reboot the routes added with the route command go away. It even says in that link:
It is not possible to create such routes using the Web interface…
It says that only if you don't read far enough:
It is not possible to create such routes using the Web interface then once more the shellcmd module come to rescue to setup the route at startup.
The whole section after that details how to get the routes to persist.
Ahh, I see it is referencing an actual module ShellCmd, not just meaning a Shell command as I read it. I missed it talking about that because it's a little tiny section buried between talk about DMZ and OPT lans that don't pertain to my configuration. It doesn't really go into detail on what that module does, I'm assuming it simply runs those shell cmds at pfsense startup or something.