On 9/26/07, Chris Buechler <[EMAIL PROTECTED]> wrote: > > I'm no firewall programming network guru, if I was i'd be working with > > you already on the project, so please forgive some lack of detailed > > knowledge of the system. But since I was using inexpensive switches I > > had assumed pfSense had initiated the blocking, mostly because when > > you check ifconfig it shows one side of the bridge in blocking mode, > > as opposed to the whole interface. > > Interesting... did somebody add STP and I missed it? :)
I believe we always supported STP :) It's RSTP that we don't yet support (I believe - I think we have Andrews patches for that in our tree, not sure if they are active though). Either way, bridge and CARP don't mix. Don't do it. STP will lock out your port and it takes up to 45 seconds to re-enable the port after it goes back into learning mode. CARP otoh, will failover in 3 seconds or less, but can't if STP has the port disabled (other interesting hilarity ensues when CARP and STP mix). --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
