Date: Wed, 7 Mar 2007 11:25:30 +0100 From: "Frans Haarman" <F.Haarman@giessen.nl> To: "Ed Schouten" <ed@fxq.nl>, <freebsd-pf@freebsd.org> Subject: RE: Trying to setup DSR load balancing with pf route-to Message-ID: <2DC959620A73E842969792F5B47FCA01037D436B@dg-exch1.giessen.nl> In-Reply-To: <20070307095414.GG75767@hoeg.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
This rule works fine: echo "pass in quick log on bge0 route-to $TUNDEV tagged $TUNDEV keep state" Perhaps you forgot the keep state ? Frans Haarman De Giessen Automatisering B.V. Technische Dienst Telefoon : (0184) 67 53 75 Fax : (0184) 61 12 46 E-mail : servicedesk@giessen.nl Website : www.giessen.nl Algemeen Tel : (0184) 67 54 00 d u i d e l i j k e t a a l ! -----Oorspronkelijk bericht----- Van: owner-freebsd-pf@freebsd.org [mailto:owner-freebsd-pf@freebsd.org] Namens Ed Schouten Verzonden: woensdag 7 maart 2007 10:54 Aan: freebsd-pf@freebsd.org; chip@2bithacker.net Onderwerp: Re: Trying to setup DSR load balancing with pf route-to Hello, I have the same problem as well. The route-to doesn't seem to be able to emit packets at all. I have a setup like this: -----+----------+----- <- 10.0.0.0/24 - outside | | +----+---+ +---+----+ | PF box | | Router | +--------+ +---+----+ | ----------------+----- <- 192.168.0.0/24 - inside I'm able to reproduce this issue with this really simple pf.conf: | pass in log on xl0 route-to (xl0 10.0.0.7) to 192.168.0.0/24 When packets from the outside to 192.168.0.0/24 arrive at the PF box, the above rule will match the packets. `tcpdump -i pflog0 -n -e' will match the packets, but they are not routed to the router. They just get trashed. dup-to will also only route the packet to the default route. This means that routing packets to a specific address is broken right now. Yours, -- Ed Schouten <ed@fxq.nl> WWW: http://g-rave.nl/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2DC959620A73E842969792F5B47FCA01037D436B>