I'm glad you have a circumvention which appears to be working for you. I'm not sure I can help improve it.
The OpenBSD pf.conf(5) man page from May 2007 - pre-fork - mentioned that the external address field must be routable.
With that limited knowledge, I'm only able to conjecture that you cannot use an alias address.
Possibly, you may be able to revise your network block so that the NIC's base address can be used for routing and for NAT.
---
I don't know what an "almost /28" is. A /28 is a block of 16 IP addresses, with 2 reserved and 14 available for device addressing.
Last edited by jggimi; 25th November 2015 at 05:18 PM.
Reason: typo