1. Home
  2. pfSense® Software
  3. Routing and Multi WAN
  4. routing: forward vs redirect

routing: forward vs redirect

  • E

    Let me preface by saying this is my first pfsense installation and configuration. i'm more used to the cisco/fortinet/mikrotik and even straight linux network/firewall.

    i'm trying to do a simple routing, based on dest network.

    it's running on a kvm virtualization, with 1 (bridged) network interface.
    since there's only 1 interface, i have to define it twice on the vm, because pfsense require WAN setup.

    i disabled wan, this unit is actually an internal router, i mainly use these routers to do routing. just within LAN.
    here's the basic setup:
    hosts that need routing: 10.10.x.x/16
    internal router (pfsense): 10.10.3.13/16
    ext gateway1: 10.10.0.1/16
    ext gateway2: 10.10.3.9/16
    ext gateway3: 10.10.24.1/16

    the job of the internal router is to route based on source and destination IP address.

    currently, if i just put static route:
    dest x.x.x.x via gateway1

    from host 10.10.x.x, ping x.x.x.x
    pfsense actually tell the host to redirect the packet to gateway1
    instead of forwarding the packet to gateway1

    can pfSense be configured to just forward the packet to gateway1 on the same LAN interface?

    0 V 1 Reply
  • V

    @esunarto said in routing: forward vs redirect:

    it's running on a kvm virtualization, with 1 (bridged) network interface.

    Why only one interface?
    The machine is virtualized, so you can assign as many interfaces as needed to it, independently from the hardware.

    0 E 1 Reply
  • johnpoz
    LAYER 8 Global Moderator

    @esunarto said in routing: forward vs redirect:

    can pfSense be configured to just forward the packet to gateway1 on the same LAN interface?

    And that would be an asymmetrical mess!!

    0 E 1 Reply
  • E

    @viragomann i did assign 2 virtual nic to the 1 interface. i meant that hardware wise, there's only 1 logical interface on the vm host.

    0
  • E

    @johnpoz You're correct, it'll be asymmetrical.
    what would be the ideal setup for this scenario? just masquerade everything into the router's IP ?
    is it possible to push routing table to linux VMs without having to configure each one individually?

    0
  • johnpoz
    LAYER 8 Global Moderator

    The ideal setup would be a transit network connecting your other router to pfsense. Simple, clean - no asymmetrical issues.

    0 E 1 Reply
  • E

    @johnpoz thanks for taking the time to suggest transit network. I've actually never heard of it before. My quick Google search only yield to definition, not practical guide. Any article you can point me to?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy