On 2023-11-22, Ian Timothy <i...@thrivedata.it> wrote:
> Hello,
>
> I have two ISPs where one connection is primary and the other is
> low-bandwidth for temporary failover only. ifstated handles the failover by
> simply changing the default gateway. But under normal conditions I want to be
> able to connect via either connection at any time without changing the
> default gateway.
>
> A long time ago under the old pf syntax I had this in /etc/pf.conf which
> worked fine, and as far as I can remember was the only thing needed to enable
> this desired behavior:
>
> pass in on $wan1_if reply-to ( $wan1_if $wan1_gw )
> pass in on $wan2_if reply-to ( $wan2_if $wan2_gw )
>
> But I’ve not been able to find the right way to do this under the new pf
> syntax. From what I’ve been able to find this supposedly does the same
> thing, but no success so far:
>
> pass in on $wan1_if reply-to ($wan1_if:peer)
> pass in on $wan2_if reply-to ($wan2_if:peer)

The :peer syntax is for point-to-point interfaces (e.g. pppoe, maybe umb).

> What am I missing? Or is there a better way to do this?

As long as the gateway is at a known address (not a changing address from
DHCP) this should do:

pass in on $wan1_if reply-to $wan1_gw
pass in on $wan2_if reply-to $wan2_gw

You can also have a setup with multiple rtables, but in the simple case,
reply-to is often easier.

-- 
Please keep replies on the mailing list.