Are you going to load a full internet BGP routing table? Is that why you do not want a default? Remember that even if you have a default route any route that is more specific will take preference. I dont see the problem? And if you want to prevent any unknown IP destination being routed to your uplink providers I guess you can set a default gw that is part of a unrouted vlan with a bogus ip. That way all unknown traffic is routed to a unreachable destination.
HTH. Brgds, Espen 10. mars 2015 13:21 skrev "Shannon Gernyi" <shannon.ger...@xsv.com.au>: > Hi Mark - this is exactly what I'm seeing - and it would be fine if there > were a way to not set a static default. > > Unfortunately, when unchecking the "Default gateway" box in the system> > routing menu, this selection isn't honoured. > > Cheers, > > Shannon > https://www.linkedin.com/in/shannongernyi > > ------------------------------ > *From: *"Mark Tinka" <mark.ti...@seacom.mu> > *To: *list@lists.pfsense.org > *Sent: *Tuesday, 10 March, 2015 10:19:30 PM > *Subject: *Re: [pfSense] Have you set up a system with "no" default route? > > > > On 10/Mar/15 10:21, Shannon Gernyi wrote: > > Hi Guys, > > First time poster to the list - I've spent some time searching without too > much luck. Could be ambiguity in my search queries. > > I'm putting out some new firewalls shortly, and like many already in > place, I'll be using openBGPd to interface with our provider. > > I'd like to also make use of BGP for internal failover to an alternate > route, however, it's become evident that it's not within design to be able > to have no "default router" selected as a static route. This is causing > issues as we receive a default announcement from our providers, and I'd > also like to use default announcements for alternate paths, etc, however > openBGPd doesn't seem to want to override the already configured static > route. > > Have you come up against this, and if so, what hackery did you do to work > around it? > > > I haven't used OpenBGPd, but in general routing, static routing trumps > dynamic routing on a well-engineered platform. This could be what you're > seeing. > > Mark. > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold >
_______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
