Re: Source-based routing (sometimes)

To: current-users%NetBSD.org@localhost
Subject: Re: Source-based routing (sometimes)
From: David Young <dyoung%pobox.com@localhost>
Date: Tue, 24 Nov 2009 12:12:58 -0600

On Tue, Nov 24, 2009 at 06:54:51PM +0100, Hans Rosenfeld wrote:
> On Tue, Nov 24, 2009 at 10:59:01AM -0600, Michael Graff wrote:
> > I tried adding this to my pf.conf:
> > 
> > pass out on rtk0 route-to ( gif0 149.20.65.100 ) from 149.20.7.0/24 to
> > any
> > 
> > It seems that the route-to is ignored.
> 
> I recently had a similar problem. Some other pf rule created state
> information that matched those packets that were supposed to go through
> the tunnel. Adding "no state" to all rules that could possibly affect
> those packets fixed it for me.

Just in case you need to create state, you can bind state to an
interface with the keyword 'if-bound'.  That will let PF filter process
the packet a second time on a second interface.

Dave

-- 
David Young             OJC Technologies
dyoung%ojctech.com@localhost      Urbana, IL * (217) 278-3933

Follow-Ups:
- Re: Source-based routing (sometimes)
  - From: Michael Graff

References:
- Source-based routing (sometimes)
  - From: Michael Graff
- Re: Source-based routing (sometimes)
  - From: Hans Rosenfeld

Prev by Date: Re: boot problem
Next by Date: Hair pinning with pf and NetBSD
Previous by Thread: Re: Source-based routing (sometimes)
Next by Thread: Re: Source-based routing (sometimes)
Indexes:

Home | Main Index | Thread Index | Old Index