On Sun, May 02, 2010 at 04:36:00PM -0400, Chris Buechler wrote: > On Sun, May 2, 2010 at 2:30 PM, Scott Lambert <[email protected]> wrote: > > On Sun, May 02, 2010 at 01:03:50PM +0200, Eugen Leitl wrote: > >> I'm attempting to simulate a production network 88.198.238.112/28 > >> with gateway 88.198.238.113 on the OPT1 interface (set to 88.198.238.113) > >> but I'm too dense to figure out how override the default route, which sends > >> the packet to WAN. > >> > >> I obviously need to do something along the lines of > >> route add -net 88.198.238.112/28 88.198.238.113 > > > > No, I believe you have what you want simply by specifying the IP and > > netmask on the the OPT1 interface. If there is a subnet other than > > 88.198.248.112/28 which you want to speak to across the OPT1 interface, > > you may want to specify the gateway, on the OPT1 interface, of the > > router which knows how to speak to that other subnet. Then you would > > add a static route.
I've had that working with a private address range, so I was surprised this didn't work with the public IPs. Of course the reason it didn't work is that I made a typo. My second step will be adding static routes for a couple networks, using OPT1 as default gateway (this is a lab setup, I need to check carp+pfsync pfsense cluster failover before I put it into production). > > > > Exactly that. If you have OPT1 configured with that subnet, and > traffic to that destination subnet is going out WAN, then you probably > haven't enabled OPT1 or have its IP info wrong or maybe don't have > that NIC plugged in. It was a mistake on my part -- typo in the OPT1 network. I actually checked for that, but made a second mistake in the hurry. Thanks everybody. -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
