On Tue, Oct 13, 2020 at 12:01:17PM +0200, Rocky Hotas wrote:
> I probably have no difficulties in configuring the routing as regards the
> netbsd_gateway host itself. Something like:
>
> Internet:
> Destination        Gateway            Flags    Refs      Use    Mtu Interface
> default            modem_IP           UG          -        -      -  NIC2
> 127/8              localhost          UGR         -        -  33624  lo0
> localhost          lo0                UHl         -        -  33624  lo0
> subnet2            link#2             U           -        -      -  NIC2
> subnet1            link#1             UHl         -        -      -  NIC1
>
> But when netbsd_gateway receives a packet from a host in subnet1, whose
> destination is a remote host in the internet, how must it be instructed
> to forward the packet to modem_IP through NIC2?

With above routing table this should already happen - no concrete local
subnet matching, so it will pick "default".

> With a routing table
> entry, or with a rule (the `pass stateful out all' in soho_gw-npf.conf)
> in npf?

That rule does not change routing, it just allows the packet to go out,
and also creates a NAT state entry so any answers are allowed back in.

In general it is best to get packet flow working first and then start
caring about filtering, but with NAT this is tricky.

Martin
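
The following is an added illustration, not part of the original message or of NetBSD/npf code: a small model of the two separate decisions described in the reply, route selection by longest-prefix match and the filter verdict taken afterwards. The addresses are constructed stand-ins for modem_IP, subnet1 and subnet2, and the function names and the block-by-default behaviour of the toy filter are assumptions.

```python
import ipaddress

# Constructed addresses standing in for the placeholders in the quoted table.
ROUTES = [
    # (destination prefix, gateway, interface)
    ("0.0.0.0/0",      "192.168.2.1", "NIC2"),  # default -> modem_IP
    ("127.0.0.0/8",    "localhost",   "lo0"),
    ("192.168.2.0/24", "link#2",      "NIC2"),  # subnet2
    ("192.168.1.0/24", "link#1",      "NIC1"),  # subnet1
]


def lookup(dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = []
    for prefix, gateway, interface in ROUTES:
        net = ipaddress.ip_network(prefix)
        if addr in net:
            matches.append((net, gateway, interface))
    net, gateway, interface = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), gateway, interface


def filter_out(interface, stateful_pass_out=True):
    """Toy stand-in for `pass stateful out all`: it yields a verdict only.

    It runs after routing has chosen the interface and never changes it.
    Assumption: without the rule, this toy ruleset blocks the packet.
    """
    return "pass" if stateful_pass_out else "block"


def forward(dst, stateful_pass_out=True):
    """Route first, then filter; return both decisions for inspection."""
    net, gateway, interface = lookup(dst)
    return {
        "route": net,
        "gateway": gateway,
        "interface": interface,
        "verdict": filter_out(interface, stateful_pass_out),
    }


if __name__ == "__main__":
    # A packet from subnet1 to a remote host (constructed address).
    print(forward("203.0.113.10"))
    # Same packet with the pass rule absent: same route, different verdict.
    print(forward("203.0.113.10", stateful_pass_out=False))
```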