PBR with Multiple gateways on the same subnet/interface



  • Under 2.x there is a new gateway screen, allowing gateways to be added, appearing in the Firewall rule gateways (PBR) selection.

    Test setup
    Default gateway 192.168.1.10
    Alternative gateway 192.168.1.11

    Seems after doing some testing that, while you can set this via the firewall rules, it appears that the PBR doesn't actually take effect (traffic continues along to 192.168.1.10).
    Under 1.3 you can't do this via the interface, and can do this by defining an additional interface.

    I'm guessing the underlying code hasn't been changed / doesn't support this?



  • That works if they're both on the same interface.



  • I could see it hitting the rule in the logs, but the traffic never showed up at the alternative gateway; it just carried on along the default route.



  • But isn't this kinda lame? If I have two internet connections and want to do PBR with two external interfaces then this won't work? Or do you mean that the subnets need to be different when using two interfaces?


  • Rebel Alliance Developer Netgate

    When using two separate physical interfaces, the gateways must be different.



  • Yeah, but isn't this just the 'normal' way?



  • If it's on two different interfaces you can't provide any assurance of where that ARP will end up being seen. It'll work with different gateways on two different interfaces that are on the same IP subnet, but may not use the interface you expect it to.

