Any way to "fix" this? Btw, I'm pretty sure I have also seen traceroutes from the Internet having the last 2 hops be the primary WAN and then the virtual WAN.
On Sat, Dec 13, 2008 at 6:03 PM, Chris Buechler <[email protected]> wrote: > On Sat, Dec 13, 2008 at 8:56 PM, Jeppe Øland <[email protected]> wrote: > > Hi all, > > > > I recently configured my pfSense (1.2-RELEASE on WRAP) with multiple WAN > IP > > addresses. > > I have a /29 network on the WAN. (First address is the modem, 2nd is > pfSense > > WAN, then 4 other addresses I can use). > > > > The 4 additional addresses are configured with VirtualIP using Proxy ARP. > > > > The extra IPs work fine, and I can NAT through the firewall in both > > directions. > > > > However, traceroute looks strange. > > > > From LAN, traceroute to the modem address complete in 2 hops. > > From LAN, traceroute to the primary WAN address complete in 1 hop. > > From LAN, traceroute to a virtual WAN address have 1 hop to the pfSense, > > then no replies after that. > > > > From Internet, traceroute to the modem address complete in X hops. > > From Internet, traceroute to the primary WAN address complete in X+1 hop. > > From Internet, traceroute to a virtual WAN address have X+2 hops, but the > > last 2 are replies from the same address. > > > > Is that normal? > > > > Yes, because of the way pf's route-to works. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > >
