WAN load balance with PF

Hooma Fazaeli hoomanfazaeli at gmail.com
Tue Nov 20 10:56:21 UTC 2012


On 11/20/2012 02:04 PM, Daniel Hartmeier wrote:
> On Tue, Nov 20, 2012 at 01:52:43PM +0330, Hooma Fazaeli wrote:
>
>> If we could connect both ADSL modems to the box, a config like below
>> would work:
>>
>> lan_if = "em0"
>> wan_if1 = "em1"
>> wan_if2 = "em2"
>>
>> nat on $wan_if1 from $lan_if:network to any -> $wan_if1
>> nat on $wan_if2 from $lan_if:network to any -> $wan_if2
>>
>> pass in on $lan_if route-to {($wan_if1 $wan_ip1) ($wan_if2 $wan_ip2)}
>> pass all
>>
>> Our problem is that since both WAN links are connected to the same
>> interface (via the switch),
>> there is no way to distinguish between the two in NAT rules.
>>
>> Any idea?
> You could try to do round-robin on the nat rule, and route-to on 'pass
> out' rules on the default route interface (nat comes first), like
>
>    # assuming default route through $wan_if1
>    nat on $wan_if1 from $lan_if:network to any -> { $wan_if1 $wan_if2 } round-robin
>    pass out on $wan_if1 route-to ($wan_if2 $wan_ip2) from $wan_if2 to any
>
> Daniel

But there is no wan_if2 actually. The box has only two interfaces: one
connected to the LAN and
the other connected to an L2 switch (to which the modems are connected).
