two external intarfaces - BSD

This is a discussion on two external intarfaces - BSD ; I have two external interfaces with OBSD 3.9 box. If I try to connect to 2nd "ext_if" PF seems to direct all response packets to the default gateway (1st ext_if). The rules below don't make a proper job: # pass ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: two external intarfaces

  1. two external intarfaces

    I have two external interfaces with OBSD 3.9 box.
    If I try to connect to 2nd "ext_if" PF seems to direct all response packets
    to the default gateway (1st ext_if).
    The rules below don't make a proper job:

    # pass in log on $ext_if2 reply-to ($ext_if2 $ext_gw2) inet proto tcp from
    any to $ext_if2 keep state

    # pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
    # pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any

    Should I delete default route from route table?

    Tnx for suggestions



  2. Re: two external intarfaces

    lost wrote:
    > I have two external interfaces with OBSD 3.9 box.
    > If I try to connect to 2nd "ext_if" PF seems to direct all response packets
    > to the default gateway (1st ext_if).
    > The rules below don't make a proper job:
    >
    > # pass in log on $ext_if2 reply-to ($ext_if2 $ext_gw2) inet proto tcp from
    > any to $ext_if2 keep state
    >
    > # pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
    > # pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
    >
    > Should I delete default route from route table?


    It is not very clear to me what you want to do, and since you received
    no other responses, this seems to be the rule.

    What is your setup, IP-wise, and what does your routing table looks
    like? What do you want to do with traffic?

    Joachim

  3. Re: two external intarfaces

    > It is not very clear to me what you want to do, and since you received
    > no other responses, this seems to be the rule.
    >
    > What is your setup, IP-wise, and what does your routing table looks
    > like? What do you want to do with traffic?
    >
    > Joachim

    I have 2 interfaces connected to internet.
    One of them act as default in route table as usual.
    If I send eg. ping to a second interface address then icmp reply is shown
    outgoing on the first interface instead of to be send out through the second
    one.
    The reply should be directed back through the second interface as well,
    as expected result by using the option reply-to.




  4. Re: two external intarfaces

    According to lost :
    > > It is not very clear to me what you want to do, and since you received
    > > no other responses, this seems to be the rule.
    > >
    > > What is your setup, IP-wise, and what does your routing table looks
    > > like? What do you want to do with traffic?
    > >
    > > Joachim

    > I have 2 interfaces connected to internet.
    > One of them act as default in route table as usual.
    > If I send eg. ping to a second interface address then icmp reply is shown
    > outgoing on the first interface instead of to be send out through the second
    > one.
    > The reply should be directed back through the second interface as well,
    > as expected result by using the option reply-to.


    It sounds as though you have both interfaces connected to the
    same subnet. What is this intended to accomplish?

    You would probably have better results if the two interfaces
    were connected to separate nets.

    But until we have more information, all we can do is guess.

    Good luck,
    DoN.

    --
    Email: | Voice (all times): (703) 938-4564
    (too) near Washington D.C. | http://www.d-and-d.com/dnichols/DoN.html
    --- Black Holes are where God is dividing by zero ---

+ Reply to Thread