Re: OSPFd, CARP and pfsync

2006-10-11 Thread Andreas Östling
On Tuesday 10 October 2006 19:59, Ronnie Garcia wrote:
> I have an OSPF enabled backbone and want to insert two firewalls.
> Each firewall will be connected to one different core router.
...
> With this design, a SYN packet can enter thru FW2 and the
> corresponding ACK packet go back thru FW1.
>
> Will pfsync just handle the split sessions happily? Will it handle
> the load for, say, 10k pps?

I've tried exactly that and it was not reliable. The solution is pretty 
simple though, just make sure only one fw at a time is active. I've 
used Quagga with some ifstated-type hacks to make it work but these 
days OpenOSPFD sounds like your good friend. Or use CARP on both sides 
if that's an alternative.

/Andreas



Re: sguil and OpenBSD

2005-07-01 Thread Andreas Östling
On Friday 01 July 2005 02:16, Vivek Ayer wrote:
> Hi all,
>
> Has anyone installed sguil on OpenBSD? I hear ACID development has
> stopped so it would be an opportune time to switch to sguil. If
> anyone can point me in the right direction of an
> install-and-configure guide specifically for OpenBSD, that would
> be great. I'm running OpenBSD 3.7-current. I need it for the firewall
> that I have set up to protect a wired and wireless network. Thanks.
>
> Vivek

You'll probably have better luck with the sguil-users mailing list 
(including its archive); there are several OpenBSD users on it.

/Andreas