List Info

Thread: Multiple routing tables in action...
Multiple routing tables in action...
country flaguser name
United States		 2008-04-26 10:44:30 
A little progress report

 From a recently installed (6.3) machine.... (plus patches)

wsa02:julian 9] setfib -0 netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use
 Netif Expire
default            172.28.14.1        UGS         0      788
  bce1
127.0.0.1          127.0.0.1          UH          0      379
   lo0
172.28.5/24        172.28.14.1        UGS         0       10
  bce1
172.28.6.32/28     link#2             UC          0        0
   em0
172.28.6.33        00:15:2b:46:56:90  UHLW        1        0
   em0   1190
172.28.14/24       link#6             UC          0        0
  bce1
172.28.14.1        00:04:23:b5:a9:2b  UHLW        3        0
  bce1   1117
wsa02:julian 10] setfib -1 netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use
 Netif Expire
default            172.28.6.33        UGS         0        0
   em0
1.1.1/28           172.28.6.33        UGS         0        0
   em0
127.0.0.1          127.0.0.1          UH          0        1
   lo0
172.28.5/24        172.28.6.33        UGS         0        6
   em0
172.28.6.32/28     link#2             UC          0        0
   em0
172.28.6.33        00:15:2b:46:56:90  UHLW        4        6
   em0   1182
wsa02:rjulian 11]

_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: Multiple routing tables in action...
user name
 2008-04-26 13:09:05 
when do we get to see those patches ? 

On Sat, Apr 26, 2008 at 6:44 PM, Julian Elischer
<julianelischer.org> wrote:
> A little progress report
>
>  From a recently installed (6.3) machine.... (plus
patches)
>
>  wsa02:julian 9] setfib -0 netstat -rn
>  Routing tables
>
>  Internet:
>  Destination        Gateway            Flags    Refs   
  Use  Netif Expire
>  default            172.28.14.1        UGS         0   
  788   bce1
>  127.0.0.1          127.0.0.1          UH          0   
  379    lo0
>  172.28.5/24        172.28.14.1        UGS         0   
   10   bce1
>  172.28.6.32/28     link#2             UC          0   
    0    em0
>  172.28.6.33        00:15:2b:46:56:90  UHLW        1   
    0    em0   1190
>  172.28.14/24       link#6             UC          0   
    0   bce1
>  172.28.14.1        00:04:23:b5:a9:2b  UHLW        3   
    0   bce1   1117
>  wsa02:julian 10] setfib -1 netstat -rn
>  Routing tables
>
>  Internet:
>  Destination        Gateway            Flags    Refs   
  Use  Netif Expire
>  default            172.28.6.33        UGS         0   
    0    em0
>  1.1.1/28           172.28.6.33        UGS         0   
    0    em0
>  127.0.0.1          127.0.0.1          UH          0   
    1    lo0
>  172.28.5/24        172.28.6.33        UGS         0   
    6    em0
>  172.28.6.32/28     link#2             UC          0   
    0    em0
>  172.28.6.33        00:15:2b:46:56:90  UHLW        4   
    6    em0   1182
>  wsa02:rjulian 11]
>
>  _______________________________________________
>  freebsd-netfreebsd.org mailing list
>  http://lists.freebsd.org/mailman/listinfo/freebsd-net
>  To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
>



-- 
"UNIX is basically a simple operating system, but you
have to be a
genius to understand the simplicity." Dennis Ritchie
_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: Multiple routing tables in action...
country flaguser name
United States		 2008-04-26 18:04:18 
Ivo Vachkov wrote:
> when do we get to see those patches ? 

for -current: http://www.fr
eebsd.org/~julian/mrt.diff
for releng_6: http://www.f
reebsd.org/~julian/mrt6.diff

> 
> On Sat, Apr 26, 2008 at 6:44 PM, Julian Elischer
<julianelischer.org> wrote:
>> A little progress report
>>
>>  From a recently installed (6.3) machine.... (plus
patches)
>>
>>  wsa02:julian 9] setfib -0 netstat -rn
>>  Routing tables
>>
>>  Internet:
>>  Destination        Gateway            Flags   
Refs      Use  Netif Expire
>>  default            172.28.14.1        UGS        
0      788   bce1
>>  127.0.0.1          127.0.0.1          UH         
0      379    lo0
>>  172.28.5/24        172.28.14.1        UGS        
0       10   bce1
>>  172.28.6.32/28     link#2             UC         
0        0    em0
>>  172.28.6.33        00:15:2b:46:56:90  UHLW       
1        0    em0   1190
>>  172.28.14/24       link#6             UC         
0        0   bce1
>>  172.28.14.1        00:04:23:b5:a9:2b  UHLW       
3        0   bce1   1117
>>  wsa02:julian 10] setfib -1 netstat -rn
>>  Routing tables
>>
>>  Internet:
>>  Destination        Gateway            Flags   
Refs      Use  Netif Expire
>>  default            172.28.6.33        UGS        
0        0    em0
>>  1.1.1/28           172.28.6.33        UGS        
0        0    em0
>>  127.0.0.1          127.0.0.1          UH         
0        1    lo0
>>  172.28.5/24        172.28.6.33        UGS        
0        6    em0
>>  172.28.6.32/28     link#2             UC         
0        0    em0
>>  172.28.6.33        00:15:2b:46:56:90  UHLW       
4        6    em0   1182
>>  wsa02:rjulian 11]
>>
>>  _______________________________________________
>>  freebsd-netfreebsd.org mailing list
>>  http://lists.freebsd.org/mailman/listinfo/freebsd-net
>>  To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
>>
> 
> 
> 

_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: Multiple routing tables in action...
user name
 2008-04-26 21:03:37 
Sorry for my late entry into this interesting subject,
however, what
exactly was the original post displaying?  I have 6.3-Stable
running,
and I don't even have the first command listed as
"setfib", on my
system.

What did the setfib -l command do, so that you were able to
see two
distinctly different routing tables?

On Sat, 2008-04-26 at 21:09 +0300, Ivo Vachkov wrote:
> when do we get to see those patches ? 
> 
> On Sat, Apr 26, 2008 at 6:44 PM, Julian Elischer
<julianelischer.org> wrote:
> > A little progress report
> >
> >  From a recently installed (6.3) machine.... (plus
patches)
> >
> >  wsa02:julian 9] setfib -0 netstat -rn
> >  Routing tables
> >
> >  Internet:
> >  Destination        Gateway            Flags   
Refs      Use  Netif Expire
> >  default            172.28.14.1        UGS        
0      788   bce1
> >  127.0.0.1          127.0.0.1          UH         
0      379    lo0
> >  172.28.5/24        172.28.14.1        UGS        
0       10   bce1
> >  172.28.6.32/28     link#2             UC         
0        0    em0
> >  172.28.6.33        00:15:2b:46:56:90  UHLW       
1        0    em0   1190
> >  172.28.14/24       link#6             UC         
0        0   bce1
> >  172.28.14.1        00:04:23:b5:a9:2b  UHLW       
3        0   bce1   1117
> >  wsa02:julian 10] setfib -1 netstat -rn
> >  Routing tables
> >
> >  Internet:
> >  Destination        Gateway            Flags   
Refs      Use  Netif Expire
> >  default            172.28.6.33        UGS        
0        0    em0
> >  1.1.1/28           172.28.6.33        UGS        
0        0    em0
> >  127.0.0.1          127.0.0.1          UH         
0        1    lo0
> >  172.28.5/24        172.28.6.33        UGS        
0        6    em0
> >  172.28.6.32/28     link#2             UC         
0        0    em0
> >  172.28.6.33        00:15:2b:46:56:90  UHLW       
4        6    em0   1182
> >  wsa02:rjulian 11]
> >
> >  _______________________________________________
> >  freebsd-netfreebsd.org mailing list
> >  http://lists.freebsd.org/mailman/listinfo/freebsd-net
> >  To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
> >
> 
> 
> 

_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: Multiple routing tables in action...
country flaguser name
United States		 2008-04-29 12:14:59 
Wilkinson, Alex wrote:
>     0n Sat, Apr 26, 2008 at 08:44:30AM -0700, Julian
Elischer wrote: 
> 
>     >A little progress report
>     >From a recently installed (6.3) machine....
(plus patches)
> 
> Ok, being ignorant to this, possibly a silly question:
> 
>   Why would i want or need multiple routing tables ?

any time you wnat to base a route upon something other than
just
the destination address.  It's basically called "Policy
based
routing".


Trivial examples:
You have two ISPs and you want to send all SMTP via one link
and
all other traffic via the other.

You have 3 ISPs and want all traffic from the accounting
department
to go via a particular path (that is encrypted) but regular
office
chatter to go via another.

I have other more complex examples in my work.

I'm sure others have more solid examples as well.

google for policy routing.
_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: Multiple routing tables in action...
user name
 2008-04-29 13:43:22 
On Tuesday 29 April 2008 20:19:14 Julian Elischer wrote:
> Paul wrote:
> > I've been waiting for something like this.  Linux
has done policy
> > routing for many many years and is very good at
it.  I prefer to use
> > FreeBSD for routing though and this is a feature I
have been waiting
> > for  Mainly to
use with BGP , having multiple BGP routing tables.  
> > I would like it to be similar to Cisco's VRF or
Juniper's routing
> > instance, but maybe that's asking too much.  We
use it on our
> > hardware routers for implementations such as
having multiple bgp
> > route tables and having customer bandwidth pricing
change based on
> > which routing table their traffic gets , say..
value customers,
> > premium customers, customers who want only certain
carriers in their
> > bandwidth mix, etc.   Would be fun to have support
for FBSD with
> > quagga/openbgpd etc.. and be able to use dscp for
marking or any
> > other policy based rule (source ip for instance).
> >
> > Thanks Julian.. This is a step forward in the
right direction 
>
> The interaction with routing daemons is something I
don't know
> enough about. I need someone who knows routing daemons
to tell
> how to correctly tweek code that sends routing events.
>
> I think it is possible that events from a particular
FIB should only
> be reported to routing sockets that are associated with
that FIB.
> but I'm not sure about this.
>
> This would mean running a separate instance of the
routing daemon for
> each FIB (VRF?).  Does this sound right to people?

OpenBSD "added"[1] a field to the rt_msghdr to
indicate/select the 
source/destination table.  If we were to do the same at
least OpenBGPB 
should work with fairly minimal changes.

I think it's a sensible approach, too.  A routing daemon
wouldn't have to 
select over a dozen sockets to do what is needed and it will
be much 
easier as well.  If easily done, a way to "bind" a
route socket to a 
table id would also be nice as it would easily make things
work with 
multi table oblivious daemons.

[1]http://www.openbsd.org
/cgi-bin/cvsweb/src/sys/net/route.h.diff?r1=1.44&r2=1.45
&f=h

> > Julian Elischer wrote:
> >> Wilkinson, Alex wrote:
> >>>     0n Sat, Apr 26, 2008 at 08:44:30AM
-0700, Julian Elischer wrote:
> >>>     >A little progress report
> >>>     >From a recently installed (6.3)
machine.... (plus patches)
> >>>
> >>> Ok, being ignorant to this, possibly a
silly question:
> >>>
> >>>   Why would i want or need multiple
routing tables ?
> >>
> >> any time you wnat to base a route upon
something other than just
> >> the destination address.  It's basically
called "Policy based
> >> routing".
> >>
> >>
> >> Trivial examples:
> >> You have two ISPs and you want to send all
SMTP via one link and
> >> all other traffic via the other.
> >>
> >> You have 3 ISPs and want all traffic from the
accounting department
> >> to go via a particular path (that is
encrypted) but regular office
> >> chatter to go via another.
> >>
> >> I have other more complex examples in my
work.
> >>
> >> I'm sure others have more solid examples as
well.
> >>
> >> google for policy routing.
> >>
_______________________________________________
> >> freebsd-netfreebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> >> To unsubscribe, send any mail to
> >> "freebsd-net-unsubscribefreebsd.org"
>
> _______________________________________________
> freebsd-netfreebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"



-- 
/"  Best regards,                      | mlaierfreebsd.org
 /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.l
ove2party.net/  | mlaierEFnet
/   ASCII Ribbon Campaign              | Against HTML Mail
and News
_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: Multiple routing tables in action...
country flaguser name
United States		 2008-04-29 13:57:33 
Max Laier wrote:
> On Tuesday 29 April 2008 20:19:14 Julian Elischer
wrote:
>> Paul wrote:
>>> I've been waiting for something like this. 
Linux has done policy
>>> routing for many many years and is very good at
it.  I prefer to use
>>> FreeBSD for routing though and this is a
feature I have been waiting
>>> for  Mainly to
use with BGP , having multiple BGP routing tables.  
>>> I would like it to be similar to Cisco's VRF or
Juniper's routing
>>> instance, but maybe that's asking too much.  We
use it on our
>>> hardware routers for implementations such as
having multiple bgp
>>> route tables and having customer bandwidth
pricing change based on
>>> which routing table their traffic gets , say..
value customers,
>>> premium customers, customers who want only
certain carriers in their
>>> bandwidth mix, etc.   Would be fun to have
support for FBSD with
>>> quagga/openbgpd etc.. and be able to use dscp
for marking or any
>>> other policy based rule (source ip for
instance).
>>>
>>> Thanks Julian.. This is a step forward in the
right direction 
>> The interaction with routing daemons is something I
don't know
>> enough about. I need someone who knows routing
daemons to tell
>> how to correctly tweek code that sends routing
events.
>>
>> I think it is possible that events from a
particular FIB should only
>> be reported to routing sockets that are associated
with that FIB.
>> but I'm not sure about this.
>>
>> This would mean running a separate instance of the
routing daemon for
>> each FIB (VRF?).  Does this sound right to people?
> 
> OpenBSD "added"[1] a field to the rt_msghdr
to indicate/select the 
> source/destination table.  If we were to do the same at
least OpenBGPB 
> should work with fairly minimal changes.

I would like someone who knows routing daemons to add this
or tell me what needs to be done.

> 
> I think it's a sensible approach, too.  A routing
daemon wouldn't have to 
> select over a dozen sockets to do what is needed and it
will be much 
> easier as well.  If easily done, a way to
"bind" a route socket to a 
> table id would also be nice as it would easily make
things work with 
> multi table oblivious daemons.

I already have a socket option that works on routing sockets
to bind 
them to a FIB.

and /usr/bin/setfib can be used to make a fib-unaware
process bind by 
default to a set fib.
e.g. setfib -2 routed [args]




> 
> 

_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: Multiple routing tables in action...
country flaguser name
Russian Federation		 2008-05-11 04:20:46 
On Tue, Apr 29, 2008 at 12:11:03PM -0700, Julian Elischer
wrote:

> >Then you can export RIB entries , say 
> >you have 5 BGP peers and you want to export 2 or 3
or all of them into 
> >the 'main' routing instance you can set up a policy
to add those learned 
> >routes into the main instance and v-v.
> >Linux behaves a little bit differently as you have
to make an 'ip rule' 
> >entry for it but it doesn't use the firewall.
> 
> for now this code asks you to use a firewall to
classify incoming 
> packets..
> 
> e.g.
> 100 setfib 2 ip from any to any in recv em0

Is is possible to extend ifconfig to classify incoming
packets ?


-- 
Igor Sysoev
http://sysoev.ru/en/
_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
[1-8]

about | contact  Other archives ( Real Estate discussion Medical topics )