I did notice the problem with only detecting a LAN failure and was looking at a better monitor. If I just used plain PF rules what would I use for the next-hop parameter to the route-to command? This IP is dynamic.
-----Original Message----- From: Giancarlo Razzolini [mailto:grazzol...@gmail.com] Sent: Thursday, October 9, 2014 7:26 AM To: Justin Mayes; misc@openbsd.org Subject: Re: Route-to with a dynamic 'next hop' On 09-10-2014 02:58, Justin Mayes wrote: > Ok I got it working. Here is what I did > > Enabled multipath routing (sysctl) > Added the relayd anchor to pf.conf > Created a relayd.conf with this in it > > gw1="fxp0" > gw2="fxp1" > > table <gateways> { $gw1 ip ttl 1, $gw2 ip ttl 1 } > router "uplinks" { > route 0.0.0.0/0 > forward to <gateways> check icmp > } > Started relayd > Reloaded pf.conf > > I then could see with 'relayctl show summary' my two gateways and their 'up' > status as well as the default route to each with 'route show'. When I > 'ifconfig down' one interface, 'relayctl show summary' showed it as down and > then default route to it was removed automatically. Awesomeness. > > > -----Original Message----- > From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of > Justin Mayes > Sent: Wednesday, October 8, 2014 10:56 PM > To: misc@openbsd.org > Subject: Re: Route-to with a dynamic 'next hop' > > I just watched Reyk's youtube. I'm going with relayd. I can see the 'routers' > section in the man page for relayd to do what I want. > > http://www.youtube.com/watch?v=JtMxGslqGbM > > > -----Original Message----- > From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of > Justin Mayes > Sent: Wednesday, October 8, 2014 10:04 PM > To: misc@openbsd.org > Subject: Route-to with a dynamic 'next hop' > > Greetings all - > > I have 2 internet connections. One of them is static IP, one is dynamic. I > want to use both of them on my gateway. From the man pages and other docs I > see the use of route-to in the pf.conf including the 'next-hop' that it > requires. This is easy enough. Problem is that the next hop is hard coded IP > in all examples. I need that next hop to get updated when my one WAN DHCP > link is updated. I know about if:peer, if:broadcast, if:network ect but there > is no if:gateway. Seems like you could have used dhclient-script to adjust pf > config when ip changed but dhclient-script has been removed. I also read > that relayd has become the best option to accomplish this uplink load > balancing in current versions of OpenBSD. I wanted to check with you all to > make sure I'm not missing something basic with the load balanced uplink > scenario in OpenBSD. As always, comments and suggestions are much appreciated. > > J > There is no need to use relayd. Plain pf rules would do the trick, even on you dynamic interface. The relayd conf you made will only detect failure at the LAN network level. It will not detect internet failure. For that you would need to add another checks through icmp to ping external ip addresses. Or a check script. There is also the option of using ifstated. As, for the rules part you could use the route-to direct to the interface. Cheers
