Routing with external interface doesn't work after a while

Martin Turgeon turgeon.martin at gmail.com
Wed Oct 18 08:31:23 PDT 2006


The NAT rules are already written that way:

nat on $wan_if tag LAN_WAN_NAT tagged LAN_WAN -> ($wan_if)
nat on $wan_if tag WLS_WAN_NAT tagged WLS_WAN -> ($wan_if)
nat on $wan_if tag AP_WAN_NAT tagged AP_WAN -> ($wan_if)
nat on $wan_if tag VPN_WAN_NAT tagged VPN_WAN -> ($wan_if)

Thanks anyway

Martin

-----Original Message-----
From: Erik Norgaard [mailto:norgaard at locolomo.org] 
Sent: October 18, 2006 10:30
To: Martin Turgeon
Cc: freebsd-pf at freebsd.org; freebsd-bugs at freebsd.org;
freebsd-questions at freebsd.org
Subject: Re: Routing with external interface doesn't work after a while

Martin Turgeon wrote:

> I've been reading the mailing list for a while, but it's my first post. I'm
> not sure what is causing the problem so I'm posting to multiple lists. I'm
> running FreeBSD 6.1 on a Celeron 2.8GHz with 512Mo of RAM. It looks like
> after a while (a couple of weeks) the routing isn't working anymore, but
> only with the external interface (the one connected to my cable modem from
> Videotron in Montreal). The box is acting as the gateway of the network with
> PF, OpenVPN 2.0.5-1 and ISC-DHCPd 3.0.3-1 running. The problem also occurred
> on FreeBSD 6.0 on another box.

Is your external ip configured with dhcp? I would guess this is because 
your ip on the external interface changes. Your NAT rules will still go 
to the old ip and hence nowhere. If reloading your pf ruleset solves the 
problem, then this is a strong indication.

There is some trick to handle that, IIRC something like this would do:

ext_if=fxp0 # external interface
nat on $ext_if from <lan>  to !<lan> -> ($ext_if)

The () means that pf will look up the IP on that interface, and update 
dynamically when the IP changes.

Well, that's how I remember it, I couldn't find where I've seen it, but 
there is a trick like this.

Cheers, Erik
-- 
Ph: +34.666334818                      web: http://www.locolomo.org
X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt
Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9
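
Added example, not part of either message: a small Python check that lists each nat rule's translation target in a pf.conf text and reports whether it uses the parenthesised interface form discussed above. The sample ruleset, the macro value, the function names and the verdict labels are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample ruleset: the first nat rule is quoted from the thread; the
# macro value and the other two rules are made up to show the contrasting forms.
SAMPLE_PF_CONF = '''
wan_if = "fxp0"
nat on $wan_if tag LAN_WAN_NAT tagged LAN_WAN -> ($wan_if)
nat on $wan_if from 10.0.1.0/24 to any -> $wan_if
nat on $wan_if from 10.0.2.0/24 to any -> 192.0.2.10
'''

MACRO_RE = re.compile(r'^([A-Za-z_]\w*)\s*=\s*"?([^"]*)"?$')

def is_address(text):
    """True if text is a literal IPv4/IPv6 address or prefix."""
    try:
        ipaddress.ip_network(text, strict=False)
        return True
    except ValueError:
        return False

def classify_nat_targets(conf_text):
    """Return (line_no, target, verdict) for every nat rule in conf_text."""
    macros, findings = {}, []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split('#', 1)[0].strip()      # drop comments
        macro = MACRO_RE.match(line)
        if macro:
            macros[macro.group(1)] = macro.group(2).strip()
            continue
        if not re.match(r'nat\b', line) or '->' not in line:
            continue
        parts = line.split('->', 1)[1].split()
        if not parts:
            continue                             # rule has no translation target
        # Expand $macro references before looking at the target.
        target = re.sub(r'\$(\w+)', lambda m: macros.get(m.group(1), m.group(0)), parts[0])
        if target.startswith('(') and target.endswith(')'):
            verdict = 'dynamic'            # follows the interface's current address
        elif is_address(target):
            verdict = 'static-address'     # fixed literal address
        else:
            verdict = 'resolved-at-load'   # interface name, looked up once at load
        findings.append((line_no, target, verdict))
    return findings

if __name__ == '__main__':
    for line_no, target, verdict in classify_nat_targets(SAMPLE_PF_CONF):
        print(f'line {line_no}: -> {target}: {verdict}')
```

Rules reported as anything other than `dynamic` keep the address they had when the ruleset was loaded, which is the situation a DHCP lease change would break.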
