Advertising Default Route RIP
-
Hey Guys,
Need help with routing traffic over private WAN links and back out to a public facing link using RIP to advertise routes to sites.
Scenario is as follows:
Site A has an internet facing link (IP 59.xx.xx.xx/30 GW 59.xx.xx.yy/30) and a WAN link (IP 172.22.0.14/30 & GW 172.22.0.13/30)
Site B is only connected to the WAN link (IP 172.22.0.6/30 GW 172.22.0.5/30)
I cannot get any internet bound traffic to route from Site B to Site A via the WAN link and then out through to the internet.
From Site B I can ping the internet facing gateway 59.xx.xx.xx and if I do a manual outbound NAT entry I can ping the provider's upstream gateway 59.xx.xx.yy as well.
I can also reach the LAN on both ends without issue. I have RIP in place and it is advertising routes, but from what I can see I need Site A to advertise its default route correctly to Site B.
I've tried manually changing the default route on Site B to be the WAN IP of Site A, Internet IP and LAN IP, all without success. I have a rule that allows traffic coming in on Site A's WAN link to pass through to the internet facing gateway and can see this working in Syslogs.
Completely out of ideas now and I've been hunting down Google for hours now and have read the BSD article on routed so many times now my eyes are falling out.
If someone could give me some direction or any help it would be much appreciated.
Thanks
-
I'm starting to believe that the routed daemon in pfSense has some stripped functionality.
Even if I use these examples
root@localhost: routed -g
~ routed -F 0/0,1
Adding fake_default=1 to /etc/gateways
No default route is sent out.
If I try to do something like adding this to /etc/gateways
net 0.0.0.0 gateway 172.22.0.14 metric 1 active
I get a bad net message saying I can't have that as the default route, which is confusing as I can find a few people that have used something like that as an example or in lab scenarios.
Seriously, how hard can it be to get a default route to go out correctly? This is easily implemented on most other mainstream firewalls such as Juniper or Cisco firewalls.
For example, Cisco has the 'default-originate' option in its RIP settings as well on most IOS UIs - same goes for Juniper.