Trying to setup DSR load balancing with pf route-to

Ed Schouten ed at
Wed Mar 7 10:23:20 UTC 2007


I have the same problem as well. The route-to doesn't seem to be able to
emit packets at all. I have a setup like this:

	-----+----------+----- <- - outside
	     |          |
	+----+---+  +---+----+
	| PF box |  | Router |
	+--------+  +---+----+
	----------------+----- <- - inside

I'm able to reproduce this issue with this really simple pf.conf:

| pass in log on xl0 route-to (xl0 to

When packets from the outside to arrive at the PF box,
the above rule will match the packets. `tcpdump -i pflog0 -n -e' will
match the packets, but they are not routed to the router. They just get
trashed. dup-to will also only route the packet to the default route.
This means that routing packets to a specific address is broken right

 Ed Schouten <ed at>
