> > *match in on $ext_if inet proto tcp to $ext_if port 8080 rdr-to
> $web_servers
> > \
> > round-robin sticky-address *
>
> You need to pass the inbound traffic somehow (match doesn't do this).
> Either change the 'match in' above to 'pass in',
YES, changed. It worked.
> or add another rule
>
TESTED this below too. it also worked.
> below like this:
>
> pass in on $ext_if inet proto tcp to $web_servers port 8080
>
>
> > # filter rules
> > block in log
> > block out log
>
> I think it's better you put this before the match rule(s). If you don't
> you'll have to use 'quick' on the pass rules I mentioned above.
>
> as You said, I put the above 2 rules before. thanks a lot.
*Here are my rules NOW. *
##For web_servers - BEGIN
match in on $ext_if inet proto tcp to $ext_if port 8080 rdr-to $web_servers
\
round-robin sticky-address
pass in on $ext_if inet proto tcp from any to $web_servers port 8080
*
# either the above 2 rules or the below one*
pass in on $ext_if inet proto tcp to $ext_if port 8080 rdr-to $web_servers \
round-robin sticky-address
*#This is to go out from $int_if*
pass out log on $int_if inet proto tcp from any to $web_servers port 8080 \
flags S/SA modulate state
##END
But, it always directs to one particular ip address. How to see load
balancing?
--
Thank you
Indunil Jayasooriya
