Date: Mon, 21 Jul 2014 07:44:24 +0200 From: Andreas Nilsson <andrnils@gmail.com> To: sthaug@nethelp.no Cc: Maxim Khitrov <max@mxcrypt.com>, Current FreeBSD <freebsd-current@freebsd.org>, Mailinglists FreeBSD <freebsd-questions@freebsd.org> Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? Message-ID: <CAPS9%2BSsSmxZnTF8AEmEmWtGOd_8A%2Bd_8cYUYhuC3OsLYFxGHGQ@mail.gmail.com> In-Reply-To: <20140721.074105.74747815.sthaug@nethelp.no> References: <CAJcQMWe9=3PvOhfT8N-78N04A0u3OvkjOd-HPCiBUcJFZZb0-g@mail.gmail.com> <20140720134133.1d30f725@kan> <CAPS9%2BStPJRVSFLjpxgVEewT9fwHHFxw=qODAYa=uOAzb-V=v2Q@mail.gmail.com> <20140721.074105.74747815.sthaug@nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 21, 2014 at 7:41 AM, <sthaug@nethelp.no> wrote: > > Also, the openbsd stack has some essential features missing in freebsd, > > like mpls and md5 auth for bgp sessions. > > I use MD5 auth for BGP sessions every day (and have been doing so for > several releases). One could definitely wish for better integration - > having to specify MD5 key both in /etc/ipsec.conf and in the Quagga > bgpd config is not nice. But it works. > As far as I know you can only send out correctly authed stuff but not validate incoming. Has that changed? /Andreas > > MPLS would be nice - but is not a high priority. That's what I use > Juniper and Cisco routers for. For MPLS to be of any use I'd also need > a working IS-IS implementation, and I believe Quagga isn't quite there > yet. > > Steinar Haug, Nethelp consulting, sthaug@nethelp.no >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPS9%2BSsSmxZnTF8AEmEmWtGOd_8A%2Bd_8cYUYhuC3OsLYFxGHGQ>