Project

General

Profile

Actions

Feature #1847

closed

Relax gateway checking

Added by Franck Bourdonnec about 13 years ago. Updated over 9 years ago.

Status:
Rejected
Priority:
Low
Assignee:
-
Category:
Gateways
Target version:
-
Start date:
09/06/2011
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

Hello,

During network lessons at school you learn that the gateway must be reachable with an IP in the same subnet has the host.
Few people understand that this gateway IP is is just used so that ARP get the mac address of the gateway.

So, there is nothing wrong using a gateway IP outside of the interface subnet.

This kind of unusual config is used by OVH, a french datacenter provider (and probably other) with a system they call 'failover IP'
The base machine have a normal config ip/netmask/gateway . Failover IP have /32 netmask and no gateway.

When the base machine is a ESXi vmware server, it receives the normal config. The virtual machines receive the 'failover IP'.
Some config tricks allow the linux/windows/bsd VM to accept the gateway IP provided to the base machine that is completly different from failover IP.
pfsense do not allow using a gateway in this case.

Say you have 88.88.56.67/32 failover IP for WAN1 and 199.200.1.1 for gateway.
Let me enter this config or let me give pfsense the mac address of the gateway.

Franck

Actions #1

Updated by Jim Pingle about 13 years ago

  • Status changed from New to Rejected

Duplicate of #972

Actions #2

Updated by Chris Buechler over 9 years ago

  • Target version deleted (2.0)
Actions

Also available in: Atom PDF