I posted the wrong rule in my last message:
the rdr rule that DOES NOT work is this:
---
table <smtp> persist {10.10.10.10, 10.10.10.11}
rdr pass on $ext_if proto tcp from any to any port {25 110 143} -> <smtp> round-robin sticky-address
---
This works fine:
---
$mail_pool = {10.10.10.10, 10.10.10.11}
rdr pass on $ext_if proto tcp from any to any port {25 110 143} -> $mail_pool round-robin sticky-address
---
----- Original Message -----
From: "Gustavo A. Baratto" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Thursday, January 13, 2005 3:13 PM
Subject: load balance (rdr) with tables
Greetings all,
I'm quite new to pf, and I'm having some problems with a load balance rule to a pool defined in a table. This is roughly what I have:
------
table <smtp> persist {10.10.10.10, 10.10.10.11}
rdr pass on $ext_if proto tcp from any to any port {25 110 143} -> $mail_pool round-robin sticky-address
------
# pfctl -s nat
rdr pass on xl0 proto tcp from any to any port = smtp -> <smtp> round-robin sticky-address
rdr pass on xl0 proto tcp from any to any port = http -> <smtp> round-robin sticky-address
rdr pass on xl0 proto tcp from any to any port = pop3 -> <smtp> round-robin sticky-address
rdr pass on xl0 proto tcp from any to any port = imap -> <smtp> round-robin sticky-address
rdr pass on xl0 proto tcp from any to any port = https -> <smtp> round-robin sticky-address
The strange thing is that exactly the same rdr rule works fine when I use a macro instead of a table, even though the pf FAQ says:
-------
round-robin - loops through the address pool in sequence. This is the default method and also the only method allowed when the address pool is specified using a table.
-------
Using the FreeBSD port of pf, which is equivalent to the version in OpenBSD 3.5.
Thanks for any suggestions ;)
