Thank you all for the suggestions, I am currently testing a few of them. Incase it makes any difference, the underlying problem I have is I have two firewalls with BGP upstreams, one acting as primary, one as standby. So the problem I am seeing is the age-old problem of asymmetric traffic to the secondary firewall meaning pkg_add on the secondary doesn't work.
I guess I could med/localpref tweak the secondary to push traffic via the primary. But then I still have the problem of determining return path for the traffic (given inherent overlapping of IP ranges on the boxes). 26 Feb 2021, 15:34 by s...@spacehopper.org: > On 2021-02-26, Daniel Jakots <d...@chown.me> wrote: > >> On Fri, 26 Feb 2021 11:53:40 +0100 (CET), Rachel Roch >> > ><rr...@tutanota.de> wrote: > >>> Let's say I'm running "pkg_add -u" on a OpenBSD-based router with >>> multiple interfaces. >>> >>> What determines the source IP ? >>> >> >> On -current there is >> route [-T rtable] sourceaddr [-inet|-inet6] [address] >> route [-T rtable] sourceaddr [-inet|-inet6] -ifp interface >> > > Use with care though, this can be a footgun (especially if you are > connecting from there to other local machines with "strict host model"). > > If you want something more targetted then nat-to is one option. >
