Date: Mon, 8 Nov 2004 16:21:39 +0100 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: pf multipath nat Message-ID: <200411081621.46313.max@love2party.net> In-Reply-To: <20041108143059.GA54873@dorbja.pinco.pl> References: <20041108143059.GA54873@dorbja.pinco.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart2090757.JIVDIWOjU2
Content-Type: text/plain;
charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Monday 08 November 2004 15:30, =A3ukasz Dudek wrote:
> i've tried to configure multipath nat using RELENG_5 box
> (when it was current and now when it became stable)
>
> this are simplified rules schema i've been using
Please send the *complete* ruleset you are useing.
> nat on $ext_if1 from $int_subnet to any -> ($ext_if1)
> nat on $ext_if2 from $int_subnet to any -> ($ext_if2)
>
> #
> ## routing for internal subnets
>
> pass in on $int_if \
> route-to { ( $ext_if1 $gateway1), ( $ext_if2 $gateway2 ) }
> round-robin \ from $int_subnet to any keep state
>
>
> ## need the next rules to properly pass traffic to/from the external IPs
>
> pass out on $ext_if2 route-to ($ext_if1 $gateway1) from $ext_if1 to any
> pass out on $ext_if1 route-to ($ext_if2 $gateway2) from $ext_if2 to any
>
> every time i've loaded this rules machine hangs hard in 30 to 300
> seconds leaving nothing on special information on console or in logs
>
> i've been manipulating debug.mpsafenet without any change
Are you *sure* that you had debug.mpsafenet=3D0 in the end? You know that i=
t is=20
only changeable during the loader and *not* in the live system?
> i've compiled in remote console via serial cable support
> i've also compiled in required debugging options.
>
> and it shows nothing but i've been able to send break.
> and probably manualy send doadump (i didnt try)
>
> then i've setup an openbsd 3.5 generic install on another disk
> and just copied my pf.conf to started the machine and everything
> was working fine for few hours.
>
> so i'm curios what should i look for to make it working on freebsd, or
> meaby something is wrong whith my configuration or freebsd.
=2D-=20
/"\ Best regards, | mlaier@freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier@EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
--nextPart2090757.JIVDIWOjU2
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQBBj48KXyyEoT62BG0RAoSXAJ9omDbeATe1LuVzX5ksND5UaZ/SxQCfb6yr
cdbnzROSDdH91bECq70FEw4=
=tZlC
-----END PGP SIGNATURE-----
--nextPart2090757.JIVDIWOjU2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200411081621.46313.max>