OPNsense Forum

Archive => 16.1 Legacy Series => Topic started by: junglemattie on May 18, 2016, 04:22:52 pm

Title: Multiple routing tables
Post by: junglemattie on May 18, 2016, 04:22:52 pm

Hi,

I'd like to know if OPNsense tends to start supporting multiple routing tables, kernel needs to be recompiled with:

# Multiple routing tables
options         ROUTETABLES=2

When this done it would be possible to setup multiple default gateways instead of having to go around the current way of doing the multi-wan setup

From the looks of it only one fib is currently allowed:

/home/matthew # setfib 0 netstat -rn | grep default
default            x.x.x.x      UGS    bce1_vla

/home/matthew # setfib 1 netstat -rn
setfib: 1: invalid FIB (max 0)

Thanks in advance

Matthew

Title: Re: Multiple routing tables
Post by: junglemattie on May 19, 2016, 10:04:59 am

Right found away around this by setting it in the boot loader.
But now would be nice if I could use it from the frontend ;)

Title: Re: Multiple routing tables
Post by: franco on May 19, 2016, 09:54:36 pm

Hi Matthew,

How did you set this in loader.conf? I looks like this is a kernel compile setting, set to 1 if not defined?

Generally this would be nice to have, but bringing this into the GUI will be a lot of work and all the effort to not deviate from FreeBSD by undoing customisations would then go a bit backwards.

I'd feel better about a seamless integration like rdomains in OpenBSD where the OS is simply capable of handling an arbitrary number, but FreeBSD does not seem to have that? But I could be wrong.

Kernel packages are on the horizon to enable different flavours selectively, but as I said it would only get you so far.

Long story short... open for suggestions. :)


Cheers,
Franco

Title: Re: Multiple routing tables
Post by: junglemattie on May 20, 2016, 11:31:30 am

Hi Franco,

I just set net.fibs=2 in /boot/loader.conf , this of course will probably get overridden when upgrading to new release version.
FreeBSD actually made this possible to separate the routing on different WAN's on the same machine.
But then again using pf and static routes would do the same trick.
I guess you mostly will need this feature when you want to separate BGP routing tables for example using two BGP daemons over two different paths.

And on the question on vrf support ( vrf-lite/rdomains )  for FreeBSD, fib is a bit like vrf but without the features that OpenBSD implemented with their vrf-lite.
Multiple fib's can be used to route different Jails on FreeBSD to their own routing table to segment it from your main routing table for example.