On 16.11.2012, at 7.34, gpon...@spamcop.net wrote:

> I recently moved from OpenBSD 4.9 to 5.2, and onto a new machine with an
> extra enet port for the backup cable modem. DSL with a block of static IPs is
> the primary external interface. My plan was to add rules with route-to to route
> specific traffic to the cable modem.
>
> First thing, I can't seem to write a rule that will route anywhere other than
> to the default interface. For example, a rule such as "pass in quick on em0
> from any to 1.2.3.4 keep state route-to ( em2 $em2GatewayAddr )" should do
> it. But then "telnet 1.2.3.4" causes a packet to go out em1, which is the
> interface hosting the default route. "pfctl -vvs rules" does show the
> route-to rule as one would expect, and it is being evaluated, but no packets
> match. I can't see any reason for packets to not match.
>
> A second problem is that the cable modem must get an address using DHCP. To
> route to the cable modem, I assume that route-to rules must contain the
> gateway address. But it is not clear how to get that from DHCP issued address
> into a rule. Is there a way to do it, or is my approach incorrect?
>
> George

Hi George,

please check my blog posts

http://www.rinta-aho.org/blog/?p=168 (original, without VLANs)

and

http://www.rinta-aho.org/blog/?p=346 (with VLANs)

I faced, and solved, the same problems as you although my goal was a bit different and maybe more complicated (get multiple public IPs from the same ISP).

Basically I use pf tables to store the next hop routers and update those from dhclient.

Hope it helps!

BR,
Teemu
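
Added example, not part of the thread or of the linked blog posts: one way to keep a DHCP-learned next hop in a pf table, so that a route-to rule can refer to the table instead of a fixed gateway address. The table name `cable_gw`, the lease file path, the pf.conf sketch in the comments and the `apply` argument are assumptions; how the script gets triggered on a lease change is left out.

```sh
#!/bin/sh
# Added example. Assumed names (not from the thread): table <cable_gw>,
# lease file path. Matching pf.conf sketch, also an assumption:
#   table <cable_gw> persist
#   pass in quick on em0 from any to 1.2.3.4 route-to (em2 <cable_gw>)
LEASE_FILE="${LEASE_FILE:-/var/db/dhclient.leases.em2}"
TABLE="cable_gw"

# Constructed sample lease file (documentation addresses), newest lease last.
sample_lease() {
    cat <<'EOF'
lease {
  interface "em2";
  fixed-address 192.0.2.23;
  option routers 192.0.2.1;
}
lease {
  interface "em2";
  fixed-address 198.51.100.23;
  option routers 198.51.100.1,198.51.100.2;
}
EOF
}

# Print the first router of the last lease block in a dhclient lease file.
lease_router() {
    awk '
        $1 == "lease" { gw = "" }          # new lease block: forget old router
        $1 == "option" && $2 == "routers" { gw = $3; sub(/[,;].*$/, "", gw) }
        END { if (gw != "") print gw }
    ' "$1"
}

# Accept only a dotted-quad IPv4 address before it reaches pfctl.
valid_ipv4() {
    echo "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }
    '
}

# Replace the table contents with the current gateway (needs root and pf).
update_table() {
    gw=$(lease_router "$1")
    valid_ipv4 "$gw" || { echo "no usable router in $1" >&2; return 1; }
    pfctl -t "$TABLE" -T replace "$gw"
}

if [ "${1:-}" = "apply" ]; then update_table "$LEASE_FILE"; fi
```

Validating the value before calling pfctl keeps a malformed or empty lease from emptying the table or putting a hostname into it.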