Trying to setup DSR load balancing with pf route-to
Frans Haarman
F.Haarman at giessen.nl
Wed Mar 7 10:25:34 UTC 2007
This rule works fine:
echo "pass in quick log on bge0 route-to $TUNDEV tagged $TUNDEV keep
state"
Perhaps you forgot the keep state ?
Frans Haarman
De Giessen Automatisering B.V.
Technische Dienst
Telefoon : (0184) 67 53 75
Fax : (0184) 61 12 46
E-mail : servicedesk at giessen.nl
Website : www.giessen.nl
Algemeen
Tel : (0184) 67 54 00
d u i d e l i j k e t a a l !
-----Oorspronkelijk bericht-----
Van: owner-freebsd-pf at freebsd.org [mailto:owner-freebsd-pf at freebsd.org]
Namens Ed Schouten
Verzonden: woensdag 7 maart 2007 10:54
Aan: freebsd-pf at freebsd.org; chip at 2bithacker.net
Onderwerp: Re: Trying to setup DSR load balancing with pf route-to
Hello,
I have the same problem as well. The route-to doesn't seem to be able to
emit packets at all. I have a setup like this:
-----+----------+----- <- 10.0.0.0/24 - outside
| |
+----+---+ +---+----+
| PF box | | Router |
+--------+ +---+----+
|
----------------+----- <- 192.168.0.0/24 - inside
I'm able to reproduce this issue with this really simple pf.conf:
| pass in log on xl0 route-to (xl0 10.0.0.7) to 192.168.0.0/24
When packets from the outside to 192.168.0.0/24 arrive at the PF box,
the above rule will match the packets. `tcpdump -i pflog0 -n -e' will
match the packets, but they are not routed to the router. They just get
trashed. dup-to will also only route the packet to the default route.
This means that routing packets to a specific address is broken right
now.
Yours,
--
Ed Schouten <ed at fxq.nl>
WWW: http://g-rave.nl/
More information about the freebsd-pf
mailing list