Date: Sun, 11 Jan 2009 22:04:56 +0200 From: "Dimitar Vasilev" <dimitar.vassilev@gmail.com> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: setfib+pf Message-ID: <59adc1a0901111204xaf7fbd1v58f6fde0ec1c4e52@mail.gmail.com> In-Reply-To: <59adc1a0901062205l2bdaaa4enf6f08c0b6cd7f539@mail.gmail.com> References: <59adc1a0901062205l2bdaaa4enf6f08c0b6cd7f539@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
2009/1/7 Dimitar Vasilev <dimitar.vassilev@gmail.com> > Hello, > > I'd like to ask on the best options for using setfib and pf in a non-BGP > environment. I will run 2 uplinks, with VLANs for internal networks and want > to fail over external links if one of them fails. > Currently pf supports to the best of my knowledge: > > a) rtable - this means i can create the routing tables with setfib and then > use pass from .... rtable N( N >1 <16) or give out directly network ranges > b) route-to - pass in/out on X from ... route-to > c) packet tagging - i can tag networks and use standalone or through > routing tags. Anyone aware if is it ok to use /etc/gateways without running > routed or how can i label routes alternatively? > d) pass in from route N(192.168.1.1 from example) to... - saw this on > http://www.mail-archive.com/pf@benzedrine.cx/msg07220.html and requires > BGP to make tags speak anything but network numbers. > e) use the vlan id's > > I'd much appreciate if someone thinks with me for the best options of using > the setfib features along with pf. > Thanks! > Best regards, > Dimitar Vassilev > > Hi, could someone confirm which of the features above are working with setfib? Seeking for the laziest and most efficient ways. If no answer received, I will try all of them 2-3 weeks later when my gear arrives. Thanks. Best regards, Dimitar Vassilev
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?59adc1a0901111204xaf7fbd1v58f6fde0ec1c4e52>