From: Nikolay Denev
Date: Sat, 11 Nov 2006 13:47:13 +0200
To: freebsd-net@freebsd.org
Subject: pf table synchronization between redundant routers (pfsync?)
Message-ID: <4555B841.4030105@totalterror.net>

Hi all,

I'm thinking about adding support for pfsync to synchronize pf tables, so it can be used on a redundant firewall/router setup.

At first glance it looks fairly simple: just send/receive a message containing the table name, the prefix, and the action "add" or "remove". Has anyone tried something like this?

The other thing that comes to my mind is, for example, a patched routed that will work on pftables instead of the kernel routing table?

P.S.: I know about pftabled, but I'm searching for a different solution.

--
Niki