From: Daniel Hartmeier
To: Hooma Fazaeli
Cc: freebsd-pf@freebsd.org
Date: Tue, 20 Nov 2012 11:34:24 +0100
Subject: Re: WAN load balance with PF

On Tue, Nov 20, 2012 at 01:52:43PM +0330, Hooma Fazaeli wrote:

> If we could connect both ADSL modems to the box, a config like below
> would work:
>
> lan_if = "em0"
> wan_if1 = "em1"
> wan_if2 = "em2"
>
> nat on $wan_if1 from $lan_if:network to any -> $wan_if1
> nat on $wan_if2 from $lan_if:network to any -> $wan_if2
>
> pass in on $lan_if route-to {($wan_if1 $wan_ip1) ($wan_if2 $wan_ip2)}
> pass all
>
> Our problem is that since both WAN links are connected to the same
> interface (via the switch)
> there is no way to distinguish between the two in NAT rules.
>
> Any idea?

You could try to do round-robin on the nat rule, and route-to on
'pass out' rules on the default route interface (nat comes first),
like

  # assuming default route through $wan_if1
  nat on $wan_if1 from $lan_if:network to any -> { $wan_if1 $wan_if2 } round-robin
  pass out on $wan_if1 route-to ($wan_if2 $wan_ip2) from $wan_if2 to any

Daniel
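
Added example, not part of the message above and not pf code: a small Python model of the rule order the reply describes, where the round-robin nat rule picks the source address first and the 'pass out' route-to rule then matches on that translated source. The addresses are constructed documentation values, and the Gateway class and simulate() helper are hypothetical names; this is a simplification, not pf's implementation.

```python
from itertools import cycle

# Constructed documentation addresses (assumptions, not from the thread).
WAN1_ADDR = "192.0.2.10"     # address on $wan_if1 (default-route link)
WAN2_ADDR = "198.51.100.10"  # address on $wan_if2
WAN1_GW = "192.0.2.1"        # default gateway
WAN2_GW = "198.51.100.1"     # plays the role of $wan_ip2

# Constructed LAN flows: (src, sport, dst, dport). The last repeats the first.
SAMPLE_FLOWS = [
    ("10.0.0.5", 40001, "203.0.113.7", 443),
    ("10.0.0.6", 40002, "203.0.113.7", 443),
    ("10.0.0.5", 40003, "203.0.113.8", 80),
    ("10.0.0.5", 40001, "203.0.113.7", 443),
]


class Gateway:
    """Toy model: translate first, then filter on the translated source."""

    def __init__(self):
        self._pool = cycle([WAN1_ADDR, WAN2_ADDR])  # round-robin NAT pool
        self._states = {}                           # flow -> (nat_src, next_hop)

    def forward(self, src, sport, dst, dport):
        flow = (src, sport, dst, dport)
        if flow not in self._states:
            # The nat rule runs first and takes the next pool address.
            nat_src = next(self._pool)
            # 'pass out ... route-to ... from $wan_if2' only matches packets
            # whose translated source is the second link's address; all other
            # packets follow the default route.
            next_hop = WAN2_GW if nat_src == WAN2_ADDR else WAN1_GW
            self._states[flow] = (nat_src, next_hop)
        # An existing state pins the connection to its first decision.
        return self._states[flow]


def simulate(flows):
    """Return the (translated source, next hop) chosen for each packet."""
    gw = Gateway()
    return [gw.forward(*f) for f in flows]


if __name__ == "__main__":
    for flow, (nat_src, hop) in zip(SAMPLE_FLOWS, simulate(SAMPLE_FLOWS)):
        print(flow, "->", nat_src, "via", hop)
```

In the model, new connections alternate between the two links, and a repeated packet of an existing connection keeps the address and next hop it was first given.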