On 2023-11-22, Ian Timothy wrote:
> Hello,
>
> I have two ISPs where one connection is primary and the other is
> low-bandwidth for temporary failover only. ifstated handles the failover by
> simply changing the default gateway. But under normal conditions I want to be
> able to connect via either connection at any time without changing the
> default gateway.
>
> A long time ago under the old pf syntax I had this in /etc/pf.conf which
> worked fine, and as far as I can remember was the only thing needed to enable
> this desired behavior:
>
> pass in on $wan1_if reply-to ( $wan1_if $wan1_gw )
> pass in on $wan2_if reply-to ( $wan2_if $wan2_gw )
>
> But I’ve not been able to find the right way to do this under the new pf
> syntax. From what I’ve been able to find this supposedly does the same
> thing, but no success so far:
>
> pass in on $wan1_if reply-to ($wan1_if:peer)
> pass in on $wan2_if reply-to ($wan2_if:peer)

The :peer syntax is for point-to-point interfaces (e.g. pppoe, maybe umb).

> What am I missing? Or is there a better way to do this?

As long as the gateway is at a known address (not a changing address from
DHCP) this should do:

pass in on $wan1_if reply-to $wan1_gw
pass in on $wan2_if reply-to $wan2_gw

You can also have a setup with multiple rtables, but in the simple case,
reply-to is often easier.

--
Please keep replies on the mailing list.
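
Added example, not part of the original thread: a minimal pf.conf built around the reply-to rules suggested above, so the rules can be seen in the context of a default-deny ruleset. The interface names, gateway addresses (documentation ranges) and the choice of ssh as the inbound service are assumptions made for illustration.

```conf
# /etc/pf.conf fragment (constructed example; all values are placeholders)
wan1_if = "em0"             # primary ISP interface (assumed name)
wan1_gw = "192.0.2.1"       # static next hop on wan1 (documentation address)
wan2_if = "em1"             # low-bandwidth failover interface (assumed name)
wan2_gw = "198.51.100.1"    # static next hop on wan2 (documentation address)

set skip on lo
block return                # default deny, so only the rules below admit traffic
pass out                    # outbound traffic follows the routing table

# Connections that arrive on a WAN interface create state with reply-to, so
# their replies leave through that WAN's gateway regardless of which default
# route ifstated has installed at the moment.
pass in on $wan1_if inet proto tcp to ($wan1_if) port ssh reply-to $wan1_gw
pass in on $wan2_if inet proto tcp to ($wan2_if) port ssh reply-to $wan2_gw

# The :peer form from the question only applies to point-to-point
# interfaces (e.g. pppoe), so it is not used for these interfaces.

# Parse the file without loading it:    pfctl -nf /etc/pf.conf
# Load it and list the active rules:    pfctl -f /etc/pf.conf && pfctl -sr
# Inspect states during a test login:   pfctl -ss
```

Limiting each pass rule to the services that must be reachable on both links keeps the second WAN from becoming a wider inbound path than the primary.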