Trying to setup DSR load balancing with pf route-to
Chris
racerx at makeworld.com
Wed Mar 7 11:09:47 UTC 2007
Ed Schouten wrote:
> Hello,
>
> I have the same problem as well. The route-to doesn't seem to be able to
> emit packets at all. I have a setup like this:
>
> -----+----------+----- <- 10.0.0.0/24 - outside
> | |
> +----+---+ +---+----+
> | PF box | | Router |
> +--------+ +---+----+
> |
> ----------------+----- <- 192.168.0.0/24 - inside
>
> I'm able to reproduce this issue with this really simple pf.conf:
>
> | pass in log on xl0 route-to (xl0 10.0.0.7) to 192.168.0.0/24
>
> When packets from the outside to 192.168.0.0/24 arrive at the PF box,
> the above rule will match the packets. `tcpdump -i pflog0 -n -e' will
> match the packets, but they are not routed to the router. They just get
> trashed. dup-to will also only route the packet to the default route.
> This means that routing packets to a specific address is broken right
> now.
>
> Yours,
Shouldn't the diagram look like this - based on your wording. OR,
perhaps what you really mean is that the PF box and router ought to be
reversed?
----------------+----- <- 10.0.0.0/24 - outside
|
+---+----+
| PF box |
+---+----+
|
+---+----+
| Router |
+---+----+
|
----------------+----- <- 192.168.0.0/24 - inside
--
Best regards,
Chris
Nothing is ever so bad that it can't get worse.
More information about the freebsd-pf
mailing list