From owner-freebsd-pf@FreeBSD.ORG Mon Nov 8 14:30:46 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3A5B416A4CE for ; Mon, 8 Nov 2004 14:30:46 +0000 (GMT) Received: from pinco.pl (gw-z-futuro.pinco.pl [62.233.197.58]) by mx1.FreeBSD.org (Postfix) with SMTP id 0E46743D48 for ; Mon, 8 Nov 2004 14:30:45 +0000 (GMT) (envelope-from mocart@pinco.pl) Received: (qmail 60413 invoked by uid 1001); 8 Nov 2004 14:30:59 -0000 Date: Mon, 8 Nov 2004 15:30:59 +0100 From: =?iso-8859-2?Q?=A3ukasz?= Dudek To: freebsd-pf@freebsd.org Message-ID: <20041108143059.GA54873@dorbja.pinco.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Organization: Nigdy nie =?iso-8859-2?Q?spe=B3nione?= sny. User-Agent: Mutt/1.5.6i Subject: pf multipath nat X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Nov 2004 14:30:46 -0000 Hello, i've tried to configure multipath nat using RELENG_5 box (when it was current and now when it became stable) this are simplified rules schema i've been using nat on $ext_if1 from $int_subnet to any -> ($ext_if1) nat on $ext_if2 from $int_subnet to any -> ($ext_if2) # ## routing for internal subnets pass in on $int_if \ route-to { ( $ext_if1 $gateway1), ( $ext_if2 $gateway2 ) } round-robin \ from $int_subnet to any keep state ## need the next rules to properly pass traffic to/from the external IPs pass out on $ext_if2 route-to ($ext_if1 $gateway1) from $ext_if1 to any pass out on $ext_if1 route-to ($ext_if2 $gateway2) from $ext_if2 to any every time i've loaded this rules machine hangs hard in 30 to 300 seconds leaving nothing on special information on console or in logs i've been manipulating debug.mpsafenet without any change i've compiled in remote console via serial cable support i've also compiled in required debugging options. and it shows nothing but i've been able to send break. and probably manualy send doadump (i didnt try) then i've setup an openbsd 3.5 generic install on another disk and just copied my pf.conf to started the machine and everything was working fine for few hours. so i'm curios what should i look for to make it working on freebsd, or meaby something is wrong whith my configuration or freebsd. Regards, Lukasz Dudek