On Wed, Nov 05, 2008 at 09:40:02AM +0000, Stuart Henderson wrote:
> On 2008-11-05, Mikel Lindsaar <[EMAIL PROTECTED]> wrote:
> > The other option I believe would be using PF to round robin the packets on
> > both destinations using route-to rules. Would this work?
>
> it should, but you might need to make the rules stateless ("no state").
>
It works, and you do.
# san2 and san3 are in interface group att
att_if0="san2"
att_if1="san3"
pass in log on att to self
pass in on att to $my_net no state flags any
pass out on att from { $my _net self } no state flags any
pass out on { $att_if0 $att_if1 } route-to { \
($att_if0 $att_if0:peer) \
($att_if1 $att_if1:peer) \
} round-robin from $my_net tag ROUTED ! tagged ROUTED \
no state flags any
pass out on att to att:network
this is on a multiple AT&T T1 link, but it should work mostly the same.
However, you probably won't have the :peer address and will have to
specify the address.
l8rZ,
--
andrew - ICQ# 253198 - Jabber: [EMAIL PROTECTED]
BOFH excuse of the day: Typo in the code
