A web server behind two gateways?
Eugene Grosbein
eugen at grosbein.net
Mon Jul 17 17:34:01 UTC 2017
18.07.2017 0:26, Kurt Jaeger wrote:
> I have a vague idea:
>
> If you set a tag (or a keep-state :flowname) using a ipfw rule that matches
> the incoming gateway MAC and match that tag/check-state flowname and
> the connection (keep-state) to fwd the answer packet back to that gateway ?
In fact, the NAT engine already keeps state track of packet flows
and uses that to correctly translate answers back to public IP address.
All you need is to forward translated outgoing answers to correct channel
based on translated external source IP address (read: do policy based forwarding).
More information about the freebsd-net
mailing list