OpenForum RSS: PF FreeBSD два ISP два VLAN https://ns.opennet.dev/openforum/vsluhforumID1/96130.html Помогите пожалуйста натировать трафик с одного vlan8 в IPS1 а с vlan6-13 в ISP2.<br>Вроде читаю и делаю но ничего не получаеться. <br><br>тут читал <br>http://dreamcatcher.ru/2009/12/28/ pf-Часть-2-Расширенная-конфигурация<br><br>получалось только так <br><br>ext_if1 = "igb0"<br>ext_if2 = "vlan4"<br>ext_gw1 = "26.74.250.1"<br>ext_gw2 = "6.38.18.1"<br><br><br><br>set limit states 16000000<br>set optimization aggressive<br>set limit src-nodes 160000<br>set limit table-entries 160000<br>nat-anchor "ftp-proxy/*"<br><br><br>nat on $ext_if1 from 10.8.0.0/20 to any -&gt; $ext_if2 (клиенты под сети жалуются на пинг)<br>nat on $ext_if1 from 10.0.0.0/8 to any -&gt; $ext_if1<br><br># route packets from any IPs on $ext_if1 to $ext_gw1 and the same for $ext_if2 and $ext_gw2<br>pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any<br>pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any<br><br><br>10.8 улетает на isp2 <br><br>10.6<br>10.11<br>10.13 на isp1 <br><br>мне нужно грубо раскидать вланы по каналам. <br> PF FreeBSD два ISP два VLAN (isvd) https://ns.opennet.dev/openforum/vsluhforumID1/96130.html#1 Tue, 12 May 2015 12:42:55 GMT вроде так работает. прокоментируйте. <br><br><br>ext_if1 = "igb0"<br>ext_if2 = "vlan4"<br>ext_gw1 = "xx.xx.250.1"<br>ext_gw2 = "xx.xx.18.1"<br>lan_net = "10.0.0.0/8"<br><br><br>set limit states 16000000<br>set optimization aggressive<br>set limit src-nodes 160000<br>set limit table-entries 160000<br>nat-anchor "ftp-proxy/*"<br><br><br>nat on $ext_if1 from 10.6.0.0/20 to any -&gt; $ext_if1<br>nat on $ext_if1 from 10.11.0.0/20 to any -&gt; $ext_if1<br>nat on $ext_if1 from 10.13.0.0/20 to any -&gt; $ext_if1<br>nat on $ext_if1 from 10.18.0.0/20 to any -&gt; $ext_if1<br><br>nat on $ext_if2 from 10.8.0.0/20 to any -&gt; $ext_if2<br><br><br><br>#проброс без балансировки (согласно списку адресов)<br>pass in quick on vlan6 route-to ($ext_if1 $ext_gw1) from 10.6.0.0/20 to !$lan_net keep state<br>pass in quick on vlan8 route-to ($ext_if2 $ext_gw2) from 10.8.0.0/20 to !$lan_net keep state<br>pass in quick on vlan11 route-to ($ext_if1 $ext_gw1) from 10.11.0.0/20 to !$lan_net keep state<br>pass in quick on vlan13 route-to ($ext_if1 $ext_gw1) from 10.13.0.0/20 to !$lan_net keep state<br>pass in quic