Multi-WAN Multi-VLAN floating rules not matching
Hi,
I'm having big trouble with traffic shaping in a Multi-WAN multi-VLAN environment.
2.3.4-RELEASE-p1 (amd64)
built on Fri Jul 14 14:52:43 CDT 2017
FreeBSD 10.3-RELEASE-p19

I've followed deajan's howto here: https://forum.pfsense.org/index.php?topic=120380.0 however, it's only multi-WAN. Trouble begins when trying to match per-LAN traffic.
Eg:
RULE 1 - matching HTTPS traffic download from VLAN10 through WAN1:
- Action: Match
- Interface: WAN1 & VLAN10
- Direction: out
- Address Family: IPv4
- Protocol: TCP
- Destination Port Range: HTTPS
- Ackqueue / Queue: qAckWAN1 / qHighWAN1VLAN10
RULE 2 - matching HTTPS traffic download from VLAN20 through WAN1:
- Action: Match
- Interface: WAN1 & VLAN20
- Direction: out
- Address Family: IPv4
- Protocol: TCP
- Destination Port Range: HTTPS
- Ackqueue / Queue: qAckWAN1 / qHighWAN1VLAN20
So what happens here is that rule 1 conflicts with rule 2.
Tests done:
- If I deactivate rule 2, rule 1 works fine, otherwise not.
- Seems to me that selecting WAN1 on both rules is the problem, but if I select only the VLANx interface on both rules, it doesn't match any rule.
- Tried to add Source: WAN1 net, doesn't work.
- Tried to match with gateway: WAN1, also doesn't work. In fact, gateway option is not for matching, but for enforcing.
So, any help appreciated. I'm happy to provide any output log/status if needed.
Cheers,
Victor.