I recently moved from OpenBSD 4.9 to 5.2, and onto a new machine with
an extra enet port for the backup cable modem. DSL with a block of
static IPs is the primary external interface. My plan was to add rules
with route-to to route specific traffic to the cable modem.

First thing, I can't seem to write a rule that will route anywhere
other than to the default interface. For example, a rule such as "pass
in quick on em0 from any to 1.2.3.4 keep state route-to ( em2
$em2GatewayAddr )" should do it. But then "telnet 1.2.3.4" causes a
packet to go out em1, which is the interface hosting the default
route. "pfctl -vvs rules" does show the route-to rule as one would
expect, and it is being evaluated, but no packets match. I can't see
any reason for packets to not match.

A second problem is that the cable modem must get an address using
DHCP. To route to the cable modem, I assume that route-to rules must
contain the gateway address. But it is not clear how to get that from
the DHCP-issued address into a rule. Is there a way to do it, or is my
approach incorrect?

George