setfib+pf
Dimitar Vasilev
dimitar.vassilev at gmail.com
Thu Jan 15 03:37:43 PST 2009
2009/1/15 Julian Elischer <julian at elischer.org>
> Dimitar Vasilev wrote:
>
>> <cut>
>>
>> I'd much appreciate if someone thinks with me for the best
>> options of using
>> the setfib features along with pf.
>>
>>
>> I know setfib but I don't know pf unfortunately.. I use ipfw
>> (which is why ipfw has fib support :-)
>>
>>
>> possibly Max Lair may know both..
>>
>> Hi Julian,
>> Could you sched some light on the ipfw and setfib as an example. Seems the
>> person you're referring to is busy. The rest I will figure out on my own. If
>> there are results - I will share back.
>> Thanks,
>> Dimitar
>>
>
>
> well, you need to tell me a little more about what you want to do.
Thanks - here is the schema:
Lan1(browsing clients)
|
-------------- ----------------
| WRT |-------------| ALIX |-----------Lan2 (DMZ stuff, splitted
into various networks, vlans,etc)
-------------- ---------------
| |
----------- ----------------
| Uplink| | Uplink |
------------ ----------------
I will have two uplinks and would like to failover uplink of clients from
lan 1 and lan 2 depending on which link is up, keeping Lan2 accessible via
the both uplinks, using something like tunnel1.foobar and tunnel2.foobar, as
well as keeping LAN2 isolated from the clients via vlan and firewall rules
allowing ssh mostly. As will have various private networks,tunnels,etc and
no BGP, I would like to take advantage of setfib. Thanks.
Best regards,
Dimitar Vassilev
More information about the freebsd-net
mailing list