From owner-freebsd-questions@FreeBSD.ORG Tue Jun 25 12:17:12 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 4EFCB2E8 for ; Tue, 25 Jun 2013 12:17:12 +0000 (UTC) (envelope-from unga888@yahoo.com) Received: from nm44-vm7.bullet.mail.bf1.yahoo.com (nm44-vm7.bullet.mail.bf1.yahoo.com [216.109.115.31]) by mx1.freebsd.org (Postfix) with ESMTP id D8D9117CA for ; Tue, 25 Jun 2013 12:17:11 +0000 (UTC) Received: from [98.139.215.141] by nm44.bullet.mail.bf1.yahoo.com with NNFMP; 25 Jun 2013 12:13:53 -0000 Received: from [98.139.212.246] by tm12.bullet.mail.bf1.yahoo.com with NNFMP; 25 Jun 2013 12:13:53 -0000 Received: from [127.0.0.1] by omp1055.mail.bf1.yahoo.com with NNFMP; 25 Jun 2013 12:13:53 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 838535.26920.bm@omp1055.mail.bf1.yahoo.com Received: (qmail 47897 invoked by uid 60001); 25 Jun 2013 12:13:53 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1372162433; bh=126zaJOGSOCDa9+eyeHM9sr98r66RNEie1EgdCIYP/Q=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=NMU8Bd8+LDmH68MugVmALcjFrZVhDdw+SCxX2A9GTvMcH+wC6XpFGFTK2fgKHyp2B4qDiccFepBNkujq6tABG5oFHZ8oXxMmrkeqcbflQkW/pNP7Y8qY+gV2BjgSrxfrL1o7ZqHMY0Qn0muF125UDNe8XbhbO/6qZNrIjapND5o= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=YQYzZeWdnpuB+MVufD2JQ97YLrQhLMeGDDm4RBG0PElRS6SU4vm6mQgQGqvjM9u9fdgmpb5em6jZjR0ltE+GkB0O5qK9bS+Y1Zti92aDU9r4DRC87UTgAqxkhXaysZgKaebPUmAo9UWsMxHDJQaF1aqvuelzvBZvLJ0lOO6d7Ts=; X-YMail-OSG: tGzdWcQVM1n7ypgWNOuiioiNvzfjMnKzeBGlmm.oVx5RXkH zXKoEqRDsVF3gksxR5Gq7wJJEG2wjHzarlsAcYaQIvLfAsfHR_aWy9tuUbjd 8Visu03uq8PXP96FpytS14cXLWIe17NGP.GyHJfM26xJ7uOeC0R17oALeTL3 uiqLLvYxTKEfkjccjM0nRQJJyOGkVezdiSzomVhJjolz.DZWH3kzCkjVg90L aJdrfsqZpm1iN599yXCsy.PlzZzTZNO7Wh0H5t6Al.vm_DXOzJ.aeWVhWAPW HYk.POFFLDSzAyoYs2.2QXuQlO2KDAdGNaL6uC5ZeL0BlulaspmYtUtehtVj 3P0odmnvlYESrWO6HEPPMM_03OH5pqwwrSTbuoRwynMkaS9LQ6WV0Rp2bgN3 PaDfFNtYbfpAPLOp7MdzgPdyygxukIYbxhxubi1mhCUXbCHnrGDeIf_uA5c9 WTPxqQTCTllr2y_bICvHCboxqEubg0AMJxcQuQVWcuVWGxaN9GNf7h1PUyZ. dGUYbznRnDwn62KviLn3zuz6qW.WERrfSXw-- Received: from [124.43.74.23] by web161901.mail.bf1.yahoo.com via HTTP; Tue, 25 Jun 2013 05:13:53 PDT X-Rocket-MIMEInfo: 002.001, SGkgYWxswqAKCk15IHNlcnZlciBydW5zIEZyZWVCU0QgOS4wIChpMzg2KS4KCi9ldGMvcmMuY29uZiBzaG93czoKIwpjbG9uZWRfaW50ZXJmYWNlcz0ibGFnZzAgbGFnZzEiCiMKaWZjb25maWdfZW0wPSJ1cCIKaWZjb25maWdfZW0yPSJ1cCIKaWZjb25maWdfbGFnZzA9ImxhZ2dwcm90byBsYWNwIGxhZ2dwb3J0IGVtMCBsYWdncG9ydCBlbTIiCmlwdjRfYWRkcnNfbGFnZzA9InNvbWVJUC8yNiIKIwppZmNvbmZpZ19lbTE9InVwIgppZmNvbmZpZ19lbTM9InVwIgppZmNvbmZpZ19sYWdnMT0ibGFnZ3Byb3RvIGwBMAEBAQE- X-Mailer: YahooMailWebService/0.8.148.554 Message-ID: <1372162433.20015.YahooMailNeo@web161901.mail.bf1.yahoo.com> Date: Tue, 25 Jun 2013 05:13:53 -0700 (PDT) From: Unga Subject: Which is the public interface to use for ipfw when lagg(4)? To: "freebsd-questions@freebsd.org" MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Unga List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jun 2013 12:17:12 -0000 Hi all=A0=0A=0AMy server runs FreeBSD 9.0 (i386).=0A=0A/etc/rc.conf shows:= =0A#=0Acloned_interfaces=3D"lagg0 lagg1"=0A#=0Aifconfig_em0=3D"up"=0Aifconf= ig_em2=3D"up"=0Aifconfig_lagg0=3D"laggproto lacp laggport em0 laggport em2"= =0Aipv4_addrs_lagg0=3D"someIP/26"=0A#=0Aifconfig_em1=3D"up"=0Aifconfig_em3= =3D"up"=0Aifconfig_lagg1=3D"laggproto lacp laggport em1 laggport em3"=0Aipv= 4_addrs_lagg1=3D"publicIP1/29 publicIP2/32"=0A=0A=0AThe server is publicly = accessed using publicIP1 and publicIP2.=0A=0A=0AIn the ipfw rules:=0Acmd=3D= "ipfw -q add"=0Apif=3D"???"=0A=0A# Allow out ping=0A$cmd 00100 allow icmp f= rom any to any out via $pif keep-state=0A=0A=0AWhat is the interface should= I use for the pif? Is it lagg1?=0A=0ABest regards=0AUnga