My understanding of route-to is that if the destination is not on the same network as the 'route-to' interface, you need the second 'next hop' parameter. All examples I was seeing show pf.conf this way. Is that not right? I will test with just the interface name.

-----Original Message-----
From: Giancarlo Razzolini [mailto:grazzol...@gmail.com]
Sent: Thursday, October 9, 2014 8:52 AM
To: Justin Mayes; misc@openbsd.org
Subject: Re: Route-to with a dynamic 'next hop'

On 09-10-2014 10:16, Justin Mayes wrote:
> I did notice the problem with only detecting a LAN failure and was looking at
> a better monitor. If I just used plain PF rules what would I use for the
> next-hop parameter to the route-to command? This IP is dynamic.
>
There is no next-hop. Just make your rule point to the interface. route-to (if). You can also make it route-to if. In either case, you'd be better off using ifstated/relayd with anchors to dynamically change your rules, in case of link failures. Also, if possible, use SNMP to query your modems/routers to determine the internet link availability.

Cheers