#7
15th February 2014
Atlantis

Hi all, long time and still issues.
Everything works well going outbound, but not the same inbound.
I now use equal mpath, so outgoing traffic is correctly balanced through $nc and alternatively to $free.
BUT the issue encountered now is that incoming traffic is only allowed to the first default route listed in the routing table, also used for outgoing traffic, meaning that I think that the replies to the incoming requests coming to the second default route are sent to the wrong interface (first default route) and dropped by PF.
My goal is the gateway to be reachable from anywhere to both $free and $nc.
There might be an issue between PF and the routing table, which makes every reply to an incoming connection be sent to the first default gateway, whatever the PF reply-to rules are.
I have found something about this kind of issue, and a potential solution, using virtual routing on OpenBSD. I am not familiar with this new feature. Any help would be welcome, if someone has already implemented such a conf.

Thanks all!