On Sat, May 14, 2016 at 10:53:49PM +0200, Piotr Kubaj wrote:
> Hi,
> 
> I need help with multiple routing tables, because the tutorials on the
> Internet are pretty much scarce. The router is Ubiquiti EdgeRouter Lite
> running OpenBSD 5.9.
> 
> 
> I've got two public IP's attached by DHCP - since I don't want to use
> multiple physical NIC's, I use two vether interfaces (with different
> MAC's) in bridge with a physical NIC (cnmac0).
> 
> Behind the router, I've got a home server with FreeBSD running multiple
> jails. The server itself and all jails but one are to use the vether0
> NIC on the router with its IP. One jail (running Tor exit node) is to
> use the vether1 NIC with its IP.
> 
> 
> That's why two routing tables are necessary.
> 
> The whole server is in 192.168.11.0/24 class with Tor jail using
> 192.168.11.13 (other services use other IP's).
> All outgoing and incoming traffic from 192.168.11.13 is to use vether1
> NIC. Other IP's are to use vether0 for all the traffic.

> When I want to add 192.168.11/24 class to rdomain2, I get:
> # route -T 2 add 192.168.11/24 192.168.11.1
> route: writing to routing socket: Network is unreachable
> add net 192.168.11/24: gateway 192.168.11.1: Network is unreachable

You cannot reach 192.168.11.1 in rdomain 2 because there is no
interface in rdomain 2 which has an address from 192.168.11/24.

The key point seems to be that you're trying to route between different
rdomains. I believe you must use pf to route traffic coming from this
IP (which is in rdomain 0) to vether1 (which is in rdomain 2).

See the pf.conf man page and search for 'rdomain' and 'rtable'.
