kern/115725: pf nat -> ($if) works only intermittently
Max Laier
max at love2party.net
Wed Aug 22 15:00:11 PDT 2007
The following reply was made to PR kern/115725; it has been noted by GNATS.
From: Max Laier <max at love2party.net>
To: bug-followup at freebsd.org,
kjelderg at gmail.com
Cc:
Subject: Re: kern/115725: pf nat -> ($if) works only intermittently
Date: Wed, 22 Aug 2007 23:44:39 +0200
> nat pass on $ext_if from $freenx_jail_ip to any -> ($ext_if)
>
> When I then jexec a shell in the jail and try to do things on the
> network, only 1 in 3 or so connections would work. Ideally they should
> have all worked.
This usually happens when you have aliases on $ext_if. In this case
($ext_if) expands to a round-robin pool with all addresses assigned to
the interface. If you want to use the primary address on that interface
you can use the "($ext_if:0)" syntax to exclude aliases. If the address
you want to use is an alias, you have to specify it manually.
--
Max
More information about the freebsd-pf
mailing list