Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Route to a second gateway

    Routing and Multi WAN
    3
    3
    2471
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Slasher last edited by

      Hello,

      I'm actually testing PFsense to replace IPcop and it seems to be great but a have a problem…

      My network os actually like this :

      • 1 IPcop gateway (that I would like to replace by PFsense) (192.168.2.253)

      • 1 Debian gateway (192.168.2.254)

      • The gateway of the users is the IPcop machine (192.168.2.253)

      • Users are on the network 192.168.2.0/24

      • There is one route on IPcop that redirect to the Debian gateway (192.168.2.254) packets sended to my second network (192.168.1.0/24)

      Actually, it works fine and if I use traceroute on a machine from my network (192.168.2.0/24) to a machine from my second network (192.168.2.0/24) I've got something like this :

      1 * 192.168.2.253
      2 * 192.168.2.254
      3 * ..........
      4 * 192.168.1.10

      After that, a route is automaticaly added on the machine I used to do the traceroute (I can see it with "route print" command) and if I use se same command a second time I've got this :

      1 * 192.168.2.254
      2 * ..........
      3 * 192.168.1.10

      My problem is the fact that with PFsense the route is not added automaticaly on the client machine and the packets must pass throught 192.168.2.253 each time. This is not good because the connection between my two networks become slow.

      Is someone know how to correct this ? This problem is the last point for me to resolve before replacing IPcop by PFsense.

      Thank you.

      1 Reply Last reply Reply Quote 0
      • C
        cmb last edited by

        The route comes from ICMP redirect. To enable sending of ICMP redirects:

        Go to Diagnostics -> Edit File

        Load /etc/sysctl.conf

        Find the net.inet.ip.redirect=0 line and change the 0 to 1, so the line reads:
        net.inet.ip.redirect=1

        Save the file and reboot.

        1 Reply Last reply Reply Quote 0
        • B
          Briantist last edited by

          @cmb:

          The route comes from ICMP redirect. To enable sending of ICMP redirects:

          Go to Diagnostics -> Edit File

          Load /etc/sysctl.conf

          Find the net.inet.ip.redirect=0 line and change the 0 to 1, so the line reads:
          net.inet.ip.redirect=1

          Save the file and reboot.

          I'm not sure if this is the right place for this, but could you post some more information about ICMP redirects, and where you would or would not want to use them? It seems really interesting to me. I never knew this was possible. There was a time a while ago where I wanted to do exactly this but now I can't remember why. Thanks!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post