Re: multipath and route-to

[Leonardo Lombardo]

I try to explain better. Machine is a 4.6 stable on a virtualbox test 
environment. Here is my conf:

hostname.pcn0:
inet 192.168.3.204 255.255.255.0
inet alias 192.168.3.203 255.255.255.255
!route add -mpath default 192.168.3.252
!route add -mpath default 192.168.3.254
# ifconfig -a
pcn0: flags=8a43<UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        lladdr 08:00:27:62:0e:58
        priority: 0
        groups: egress
        media: Ethernet none
        status: active
        inet 192.168.3.204 netmask 0xffffff00 broadcast 192.168.3.255
        inet6 fe80::a00:27ff:fe62:e58%pcn0 prefixlen 64 scopeid 0x1
        inet 192.168.3.203 netmask 0xffffffff broadcast 192.168.3.203
pcn1: flags=8a43<UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        lladdr 08:00:27:49:21:1a
        priority: 0
        media: Ethernet none
        status: active
        inet 172.16.1.1 netmask 0xffffff00 broadcast 172.16.1.255
        inet6 fe80::a00:27ff:fe49:211a%pcn1 prefixlen 64 scopeid 0x2


# route -n show
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio 
Iface
default            192.168.3.252      UGSP       1    76579     -     8 pcn0
default            192.168.3.254      UGSP       0   112752     -     8 pcn0
127/8              127.0.0.1          UGRS       0        0 33200     8 lo0
127.0.0.1          127.0.0.1          UH         2       32 33200     4 lo0
172.16.1/24        link#2             UC         1        0     -     4 pcn1
[cut]

# traceroute 151.1.150.15
traceroute to 151.1.150.15 (151.1.150.15), 64 hops max, 40 byte packets
 1  192.168.3.254 (192.168.3.254)  7.32 ms  5.366 ms  6.267 ms
[cut]

# traceroute 151.1.150.16
traceroute to 151.1.150.16 (151.1.150.16), 64 hops max, 40 byte packets
 1  192.168.3.252 (192.168.3.252)  5.931 ms  3.774 ms  5.678 ms
[cut]

and from pf.conf:

ext_if=pcn0
pass out quick on $ext_if route-to ($ext_if 192.168.2.254) from any to 
151.1.150.16

with this rule I think I can avoid ecmp to reach that address and so 
have a "static route" to it. But with that rule enabled it doesn't work 
at all.

Note that 151.1.150.16 is only a test ip, it's not mine ;-)

Thanks for your support!


On 07/03/2010 15.44, Shi Jie Gung wrote:
I run multipath NAT on my openbsd like this

pf.conf
pass out from em0:network to !em0:network nat-to {tun0,tun1}

I think change nat-to to route-to can also work.

By the way, this is for routing,nating clients.
If you wish to do multipath for the machine openbsd is running on.

1. Check the default route interface, suppose tun0
2. pass out on tun0 from any to any nat-to {tun0,tun1,tun2}

These are done with OpenBSD-current
http://www.openbsd.org/faq/current.html#20090901




----- Original Message ----
From: Leonardo Lombardo<l.lomba...@jwizard.it>
To: misc@openbsd.org
Sent: Thu, March 4, 2010 8:22:50 PM
Subject: multipath and route-to

Hi all,

is there a way to force a route in pf, with route-to, on a machine that have 
multipath routing enabled ?
I'm trying to configure a gateway with multipath routing with the possibility 
of assigning a fixed route for some clients.

I can't find a way but to disable ecmp and do all the work with pf.

Can you give me some hints ?

Thanks
Leonardo





__________ Informazioni da ESET NOD32 Antivirus, versione del database delle 
firme digitali 4923 (20100307) __________

Il messaggio h stato controllato da ESET NOD32 Antivirus.

www.nod32.it




   

--
Dr. Leonardo Lombardo
Via Colle pizzuto 71, 00044 Frascati (Roma)
Mobile: 328 9424845
Fax:    06 72650667