Relayd obviously has many benefits but is there any benefit for simple
client connections over just using PF. I guess header connection close,
nodelay etc. but not hugely significant..

I am wondering if a simpler setup might avoid this issue before just
seeing if new snapshots or 5.9 will.

http://marc.info/?l=openbsd-bugs&m=144872455708920&w=2

The man page for example says:
(UDP) Domain Name System (DNS) protocol.  The requested IDs in the DNS
header will be used to match the state.  relayd(8) replaces these IDs
with random values to compensate for predictable values generated by
some hosts

I'm not sure if henning once mentioned that PF did this in any case?

Are there any other benefits?

Thanks, Kc

-- 

KISSIS - Keep It Simple So It's Securable

Reply via email to