Policy Based Bittorrent

Surtr

I have recently switched to a dual WAN setup with pfsense and I'm trying to make it so that all my traffic goes on one WAN connection while the rest of the house goes on the other WAN connection.  I've had success with everything except Bittorrent.  Just like all the other services, I've told it to use the gateway that I want, but that doesn't seem to work.  The problem seems to be that the traffic leaves through the gateway, but it is trying to come back in through the other one, which I don't understand.

Here's my setup

LAN - 192.168.1.1
WAN1 (DSL) - 192.168.2.2 <-> Router (192.168.2.1) <-> 75.x.255.x (dynamic)
WAN2 (Wireless) - 216.xxx.123.101 <-> 216.xxx.123.1 (static)
My computer - 192.168.1.100 (static)

I setup a LAN firewall rule under LAN to have everything coming from my computer on source port 52839 (which is the port I setup in Azureus) to use the gateway 216.xxx.123.1.  I then enabled port forwarding for all incoming traffic on WAN2 and port 52839 to come in and go to 192.168.1.100:52839, which also made a firewall rule to allow it.  Then when I start Azureus, it complains that a tracker cannot connect to 75.x.255.x:52839, which I don't understand, since it should be using the other gateway.  When I check Diagnostics -> States it will show entries like the following:

192.168.1.100:52839 -> 216.xxx.123.101:65246 -> 74.98.27.5:64336
192.168.1.100:52839 <- 192.168.2.2:52839 <- 68.158.225.6:62825

Which assures me that it IS leaving on the correct gateway, but it's trying to come back in on the other connection.

Can anybody offer any insight into this?  I've been trying to figure it out for about 3 days, trying all kinds of different settings, but it's all just come down to guessing and checking.  Any help would be appreciated.

Surtr

Bah, so I kept playing with it and figured out it is an Azureus thing, not a pfsense thing.  I originally expected that, but since I couldn't find any settings in Azureus I turned to pfsense.

For anybody else having the same problem, I had to go to Options -> Tracker -> Client -> Override tracker announce IP.  I don't know what you'd do if you had a dynamic IP, though.

Edit: Scratch that.  I guess that didn't really fix it.

hoba

@Surtr:

192.168.1.100:52839 -> 216.xxx.123.101:65246 -> 74.98.27.5:64336
192.168.1.100:52839 <- 192.168.2.2:52839 <- 68.158.225.6:62825

This traffic doesn't belong to the same connection. If something like this would happen it usually would drop the traffic as it is out of state. I'm not sure of the way azureus is determening it's WAN IP but I guess that this is done by checking some external service (like http://checkip.dyndns.org/ ) and that this traffic is getting balanced and thus it's announcing sometimes WAN and sometime OPTWAN IP (depending on which WAN this frequent check left last). Just a guess. Sniffing would help to really see what's going on.

Surtr

I believe you're right about using the external service to check the external IP address.  I think it's using HTTP to do so, which I have set to always use WAN1.  When I get time I'm going to try to figure out where it's going to do that, so I can tell it to use the WAN2 gateway.