diff --git a/roles/core/network/files/FreeBSD/router.rc b/roles/core/network/files/FreeBSD/router.rc
new file mode 100644
index 0000000..b5a955e
--- /dev/null
+++ b/roles/core/network/files/FreeBSD/router.rc
@@ -0,0 +1,16 @@
+#   -------------------------------------------------------------
+#   Network — rc configuration
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#   Project:        Nasqueron
+#   License:        Trivial work, not eligible to copyright
+#   Source file:    roles/core/network/files/FreeBSD/router.rc
+#   -------------------------------------------------------------
+#
+#   <auto-generated>
+#       This file is managed by our rOPS SaltStack repository.
+#
+#       Changes to this file may cause incorrect behavior
+#       and will be lost if the state is redeployed.
+#   </auto-generated>
+
+gateway_enable="YES"
diff --git a/roles/core/network/routes.sls b/roles/core/network/routes.sls
index 69df078..884d034 100644
--- a/roles/core/network/routes.sls
+++ b/roles/core/network/routes.sls
@@ -1,40 +1,55 @@
 #   -------------------------------------------------------------
 #   Salt — Network
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 #   Project:        Nasqueron
 #   License:        Trivial work, not eligible to copyright
 #   -------------------------------------------------------------
 
 {% from "roles/core/network/map.jinja" import routes_config with context %}
 
 #   -------------------------------------------------------------
 #   Routes
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
 {{ routes_config["config_path"] }}:
   file.managed:
     - source: salt://roles/core/network/files/{{ routes_config["source_path"] }}
     - makedirs: True
     - template: jinja
     - context:
         routes: {{ salt["node.get_routes"]() }}
 
+#   -------------------------------------------------------------
+#   Enable packet forwarding for routers
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{% if "router" in grains['roles'] %}
+{% if grains['os'] == 'FreeBSD' %}
+
+/etc/rc.d/routing/router:
+  file.managed:
+    - source: salt://roles/core/network/files/FreeBSD/router.rc
+    - makedirs: True
+
+{% endif %}
+{% endif %}
+
 #   -------------------------------------------------------------
 #   Systemd unit for Linux systems using our /etc/routes.conf
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
 {% if routes_config["provider"] == "custom-service" %}
 
 /usr/sbin/routes:
   file.managed:
     - source: salt://roles/core/network/files/Linux/routes.sh
     - mode: 755
 
 /etc/systemd/system/routes.service:
   file.managed:
     - source: salt://roles/core/network/files/Linux/routes.service
   service.running:
     - name: routes
     - enable: true
 
 {% endif %}
diff --git a/roles/core/sysctl/files/sysctl.conf b/roles/core/sysctl/files/sysctl.conf
index 9d87dd4..30574dd 100644
--- a/roles/core/sysctl/files/sysctl.conf
+++ b/roles/core/sysctl/files/sysctl.conf
@@ -1,41 +1,35 @@
 #   -------------------------------------------------------------
 #   Kernel state configuration
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 #   Project:        Nasqueron
 #   Created:        2017-11-06
 #   License:        Trivial work, not eligible to copyright
 #   Source file:    roles/core/sysctl/files/sysctl.conf
 #   -------------------------------------------------------------
 #
 #   <auto-generated>
 #       This file is managed by our rOPS SaltStack repository.
 #
 #       Changes to this file may cause incorrect behavior
 #       and will be lost if the state is redeployed.
 #   </auto-generated>
-{% if is_router %}
-#   -------------------------------------------------------------
-#   Network
-#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
-net.inet.ip.forwarding=1
-{% endif %}
 #   -------------------------------------------------------------
 #   VFS — kernel interface to file systems
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
 # Allow user to mount disks (required by FUSE or PEFS)
 vfs.usermount=1
 
 {%- if use_zfs %}
 
 {% if mem < 4096 %}
 # Maximum size of the Adaptive Replacement Cache (ARC).
 vfs.zfs.arc_max = 2147483648
 {% endif %}
 
 # Keep prefetch: this works by reading larger blocks than were requested
 # into the ARC in hopes that the data will be needed soon.
 vfs.zfs.prefetch_disable=0
 
 {% endif -%}
diff --git a/roles/core/sysctl/init.sls b/roles/core/sysctl/init.sls
index 26f205c..9410121 100644
--- a/roles/core/sysctl/init.sls
+++ b/roles/core/sysctl/init.sls
@@ -1,23 +1,22 @@
 #   -------------------------------------------------------------
 #   Salt — Kernel state
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 #   Project:        Nasqueron
 #   Created:        2017-11-06
 #   License:        Trivial work, not eligible to copyright
 #
 #   -------------------------------------------------------------
 
 {% if grains['os'] == 'FreeBSD' %}
 
 {% set use_zfs = salt['node.has']('zfs:pool') %}
 
 /etc/sysctl.conf:
   file.managed:
     - source: salt://roles/core/sysctl/files/sysctl.conf
     - template: jinja
     - context:
         use_zfs: {{ use_zfs }}
         mem: {{ grains['mem_total'] }}
-        is_router: {{ "router" in grains['roles'] }}
 
 {% endif %}