Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 11 Jan 2009 22:04:56 +0200
From:      "Dimitar Vasilev" <>
To:        "" <>
Subject:   Re: setfib+pf
Message-ID:  <>
In-Reply-To: <>
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
2009/1/7 Dimitar Vasilev <>

> Hello,
> I'd like to ask on the best options for using setfib and pf in a non-BGP
> environment. I will run 2 uplinks, with VLANs for internal networks and want
> to fail over external links if one of them fails.
> Currently pf supports to the best of my knowledge:
> a) rtable - this means i can create the routing tables with setfib and then
> use pass from  .... rtable N( N >1 <16) or give out directly network ranges
> b) route-to - pass in/out on X from ... route-to
> c) packet tagging - i can tag networks and use standalone or through
> routing tags. Anyone aware if is it ok to use /etc/gateways without running
> routed or how can i label routes alternatively?
> d) pass in from route N( from example) to... - saw this on
> and requires
> BGP to make tags speak anything but network numbers.
> e) use the vlan id's
> I'd much appreciate if someone thinks with me for the best options of using
> the setfib features along with pf.
> Thanks!
> Best regards,
> Dimitar Vassilev
> Hi, could someone confirm which of the features above are working with
setfib? Seeking for the laziest and most efficient ways.
If no answer received, I will try all of them 2-3 weeks later when my gear
Best regards,
Dimitar Vassilev

Want to link to this message? Use this URL: <>