On Thu, 04 Jul 2013 21:30:56 +0200 Loïc BLOT <loic.b...@unix-experience.fr> wrote:
> Hello all, > thanks for this interesting debate about pf syncing. > To remember my initial question: > > pfsync seems to sync states but not correctly on my BGP+OSPF routers. > Because each BGP router is master/standby to 2 neighbors (full meshed > bgp) packets which are outgoing by one router can income by the other > router, then if i want to use pf as a stateful firewall i must use > pfsync to sync created states from router A to router B. > > If you tell me it's not possible, then i will use pf as a stateless > firewall. If you speak Serbian, I have just documented my BGP / OSPF / CARP / PFSYNC setup: https://www.mimar.rs/openbsd-na-obodu-korporacijske-mreze/ Maybe google translate is good enough to make it understandable.
