Load balancing over NOS-TUN

Hello,

This has to be logically a quite simple environment to set up, but I just can't overcome it. The situation is that our ISP is blocking IPSec, PPTP, and GIF tunnels, so I decided to establish an IPIP tunnel over protocol number 94 with NOS-TUN. The tunnel is working perfectly, but the problem is that it seems the ISP is also limiting the throughput of any unknown protocol, which is 94 in my case. So I decided to set up two tunnels over protocols 94 and 95, then load-balance the bandwidth equally between them to aggregate the total throughput. I thought that LAGG would do this for me, but it seems that it is for physical interfaces only, so I chose PF and I read this article, but I get a syntax error when I try to start PF.

Here is my pf.conf content on FreeBSD box 1:

Code:
lan_net = "192.168.20.0/24"
int_if  = "em0"
ext_if1 = "tun94"
ext_if2 = "tun95"
ext_gw1 = "192.168.94.1"
ext_gw2 = "192.168.95.1"

pass in on $int_if from $lan_net route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin

pass out on $ext_if1
pass out on $ext_if2

pass out on $ext_if1 from $ext_if2 route-to ($ext_if2 $ext_gw2)
pass out on $ext_if2 from $ext_if1 route-to ($ext_if1 $ext_gw1)

The other side's pf.conf is as follows:

Code:
lan_net = "192.168.21.0/24"
int_if  = "em0"
ext_if1 = "tun94"
ext_if2 = "tun95"
ext_gw1 = "192.168.94.2"
ext_gw2 = "192.168.95.2"

pass in on $int_if from $lan_net route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin

pass out on $ext_if1
pass out on $ext_if2

pass out on $ext_if1 from $ext_if2 route-to ($ext_if2 $ext_gw2)
pass out on $ext_if2 from $ext_if1 route-to ($ext_if1 $ext_gw1)

What am I missing here? Is there any other way to load-balance between these tunnels?
 