2008/1/20, Jussi Peltola <[EMAIL PROTECTED]>: > On Sun, Jan 20, 2008 at 03:48:16PM +1100, Sunnz wrote: > > > pass out on pppoe1 route-to (pppoe0 pppoe0:peer) \ > > from any to pppoe0 > I don't think that will work. Anyone trying to reach pppoe0 will not get > routed out on pppoe1. > > > pass in on pppoe1 route-to (pppoe0 pppoe0:peer) \ > > from any to pppoe0 > You should never receive packets to pppoe0 on pppoe1 or your ISP is > doing funny things. > > Try: > pass in on pppoe0 reply-to (pppoe0 pppoe0:peer) from any to pppoe0 > > and: > pass in on pppoe1 reply-to (pppoe1 pppoe1:peer) from any to pppoe1. > > Then you also need to handle outgoing traffic: > pass route-to (pppoe0 pppoe0:peer) > > or something similar (do not try load-balancing before you get the rest > of it working). > > In this situation route-to will not help you with *incoming* > connections. They are already routed by your isp. It is the replies > (reply-to) and outgoing connections (route-to) that you need to > statefully route to the correct interface using PF. >
Thank you!! It is finally working now with: pass in on pppoe0 reply-to pppoe0 from any to pppoe0 pass in on pppoe1 reply-to pppoe1 from any to pppoe1 Well at least ping and traceroute is working, not yet ssh... but that's a good start I suppose. -- Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
