Date:      Tue, 20 Nov 2012 11:34:24 +0100
From:      Daniel Hartmeier <daniel@benzedrine.cx>
To:        Hooma Fazaeli <hoomanfazaeli@gmail.com>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: WAN load balance with PF
Message-ID:  <20121120103424.GA18780@insomnia.benzedrine.cx>
In-Reply-To: <50AB59F3.6070208@gmail.com>
References:  <3908090977629100732@unknownmsgid> <50AB59F3.6070208@gmail.com>

On Tue, Nov 20, 2012 at 01:52:43PM +0330, Hooma Fazaeli wrote:

> If we could connect both ADSL modems to the box, a config like below
> would work:
> 
> lan_if = "em0"
> wan_if1 = "em1"
> wan_if2 = "em2"
> 
> nat on $wan_if1 from $lan_if1:network to any -> $wan_if1
> nat on $wan_if2 from $lan_if1:network to any -> $wan_if2
> 
> pass in on $lan_if route-to {($wan_if1 $wan_ip1) ($wan_if2 $wan_ip2)}
> pass all
> 
> Our problem is that since both WAN links are connected to the same
> interface (via the switch)
> there is no way to distinguish between the two in NAT rules.
> 
> Any idea?

You could try to do round-robin on the nat rule, and route-to on 'pass
out' rules on the default route interface (nat comes first), like

  # assuming default route through $wan_if1 
  nat on $wan_if1 from $lan_if1:network to any -> { $wan_if1 $wan_if2 } round-robin
  pass out on $wan_if1 route-to ($wan_if2 $wan_ip2) from $wan_if2 to any

Daniel


