Greetings All,

My first question can be ignored. I realize this is not possible as packets can only hold the next hop. I was working with someone and we basically assumed that it could work because some other devices let you create these route statement, but it turns out the only reason it was allowed was for documentation purposes and it shows that as usual pfSense is doing it correctly.

[IGNORE]

Will pfSense ever allow for route creation with a remote gateway. e.g. If my default gateway is 1.1.1.1 and through it I can reach 2.2.2.2 and I want to create a route to 3.3.3.0/24, I can set most other business class routers and firewalls like Cisco ASAs so that 3.3.3.0/24 can be reached via 2.2.2.2 without having an IP in the same subnet as 2.2.2.2.

Is this a FreeBSD limitation? Is the fix a simple kernel flag or can the kernel be compiled to allow for this?

Additionally, I get that this can be an issue for multi-wan, but I would guess there is a way to deal with that as BSD is the basis for many high-end routers out there that support multi-wan.

Would the solution would be to have a rule that pushes traffic to 3.3.3.0/24 through the correct interface, using the default routing table. This is no big deal with the current setup as with multi-wan currently you have to create rules for all traffic that needs to use the default routing table.

The real technical challenge is when 2.2.2.2 can be reached via multiple WAN interfaces something has to be created to push this traffic through the active WAN with the highest priority.

[/IGNORE]

A More simple multi-WAN setup. Currently you have to create rules to use multi-WAN setups which means that you have to create separate rules for internal traffic. The idea is that the admin could specify multiple WANs as default with the LB and Failover metrics and all traffic to default would be sent down the appropriate WAN without special rules. Maybe other systems allow for this by creating their own IP stack with a routing table system that allows for this, so maybe it's not possible with stock BSD.

I believe that FreeBSD supports multiple routing tables. Could route-to be used with fibs or is there something that could replace route-to for use with fibs?

e.g. If a user has two wans pfSense could create two fibs. Each fib has all the same routes, I understand this would require code, except the default route for fib0 is the first WAN and the default route for fib1 is the second WAN. Then something like a gateway group could be created for the fibs. This would eliminate the need to create separate rules for local traffic which is required when using gateway groups.

Thanks,

Rhongomiant