View Single Post
  #4   (View Single Post)  
Old 9th November 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

From http://openbsd.org/faq/pf/pools.html#outgoing
Quote:
One additional piece of information that's needed to do this is the IP address of the adjacent router on each Internet connection. This is fed to the route-to option to control the destination of outgoing packets.

The following example balances outgoing traffic across two Internet connections:
lan_net = "192.168.0.0/24"
int_if = "dc0"
ext_if1 = "fxp0"
ext_if2 = "fxp1"
ext_gw1 = "68.146.224.1"
ext_gw2 = "142.59.76.1"
I don't have 2 internet connections, so I never did get a chance to play with this, but from what I understand the network topology should be something like this:
Code:
 INTERNET         INTERNET
    |                 |
    |                 |
    |                 |
   adj.              adj.
  router           router
 80.0.0.254      22.0.0.254
    |                 |
    |                 |
    |                 |
    |                 |
    |                 |
----|-----------------|------
|  re0               fxp0    |
| 80.0.0.1          22.0.0.1 |
|                            |
|     gateway/firewall       |
|                            |
|         rl0                |
|      192.168.0.1           |
-----------|------------------
           |
           |
           |
      internal lan
This diagram looks rather different from yours, so I wonder whether your setup will work
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote