From: Hooma Fazaeli
Date: Wed, 21 Nov 2012 01:23:04 +0330
To: Daniel Hartmeier
Cc: freebsd-pf@freebsd.org
Subject: Re: WAN load balance with PF
Message-ID: <50ABFBC0.6060509@gmail.com>
In-Reply-To: <20121120120101.GB18780@insomnia.benzedrine.cx>

On 11/20/2012 03:31 PM, Daniel Hartmeier wrote:
> On Tue, Nov 20, 2012 at 02:26:15PM +0330, Hooma Fazaeli wrote:
>
>>> # assuming default route through $wan_if1
>>> nat on $wan_if1 from $lan_if1:network to any -> { $wan_if1 $wan_if2 }
>>> round-robin
>>> pass out on $wan_if1 route-to ($wan_if2 $wan_ip2) from $wan_if2 to any
>>>
>>> Daniel
>> But there is no wan_if2 actually. The box has only two interfaces: one
>> connected to LAN and
>> the other connected to L2 switch (to which modems are connected).
> Same thing, just
>
>   pass out on $wan_if1 route-to ($wan_if1 $wan_ip2) from $wan_if2 to any
>
> Daniel

Thanks Daniel

I was thinking that route-to does not work with OUT rules (I should have
read it somewhere) and so never considered the possibility of routing
after NAT.

And just for the record, I include the final ruleset here:

lan_if = "em0"
wan_if = "em1"          # default route interface
wan_gw1 = "...."        # ADSL modem 1 IP address
wan_gw2 = "...."        # ADSL modem 2 IP address
wan_if_ip1 = "..."      # default route destination
wan_if_ip2 = "...."     # IP address assigned to $wan_if to reach $wan_gw2

nat on $wan_if from $lan_if to any -> {$wan_if} round-robin
pass out on $wan_if route-to ($wan_if $wan_gw2) from $wan_if_ip2 to any
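
The setup discussed in this thread written out in full, as an added example that is not part of the original message. All addresses are constructed documentation-range placeholders; the rc.conf lines in the comments, the explicit two-address NAT pool, the $lan_if:network source (as in the quoted rule) and the block/pass rules around the route-to rule are assumptions.

```pf
# Constructed example: one WAN NIC (em1) on an L2 switch shared with two
# ADSL modems. em1 carries one address in each modem's subnet, e.g. in
# /etc/rc.conf (assumed, not from the thread):
#   ifconfig_em1="inet 192.0.2.2/24"
#   ifconfig_em1_alias0="inet 198.51.100.2/24"
#   defaultrouter="192.0.2.1"

lan_if     = "em0"
wan_if     = "em1"
wan_gw1    = "192.0.2.1"       # modem 1, the kernel default route
wan_gw2    = "198.51.100.1"    # modem 2
wan_if_ip1 = "192.0.2.2"       # em1 address in modem 1's subnet
wan_if_ip2 = "198.51.100.2"    # em1 address in modem 2's subnet

# Translation runs first: new LAN connections alternate between the two
# em1 addresses.
nat on $wan_if from $lan_if:network to any -> { $wan_if_ip1, $wan_if_ip2 } round-robin

# Default deny, then allow LAN clients in.
block all
pass in on $lan_if from $lan_if:network to any keep state

# Filter rules see the already-translated source address.
# Source wan_if_ip1: leaves via the default route (modem 1).
pass out on $wan_if from $wan_if_ip1 to any keep state

# Source wan_if_ip2: the routing table would still pick modem 1, so
# route-to overrides the next hop and hands the packet to modem 2.
pass out on $wan_if route-to ($wan_if $wan_gw2) from $wan_if_ip2 to any keep state
```

The file can be parsed without loading it using pfctl -nf, and pfctl -ss then lists the states so the translated source address of each connection can be checked against the intended modem.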