From owner-freebsd-hackers@freebsd.org  Fri Sep 29 04:37:47 2017
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 45319E22760
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Fri, 29 Sep 2017 04:37:47 +0000 (UTC)
 (envelope-from george+freebsd@m5p.com)
Received: from mailhost.m5p.com (mailhost.m5p.com [207.172.210.101])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "m5p.com", Issuer "Let's Encrypt Authority X3" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id D4FEC7D230
 for <freebsd-hackers@FreeBSD.org>; Fri, 29 Sep 2017 04:37:46 +0000 (UTC)
 (envelope-from george+freebsd@m5p.com)
Received: from [IPv6:2001:470:1f07:15ff::1f] (haymarket.m5p.com
 [IPv6:2001:470:1f07:15ff::1f]) (authenticated bits=0)
 by mailhost.m5p.com (8.15.2/8.15.2) with ESMTPSA id v8T4bJjx063989
 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO)
 for <freebsd-hackers@FreeBSD.org>; Fri, 29 Sep 2017 00:37:24 -0400 (EDT)
 (envelope-from george+freebsd@m5p.com)
To: freebsd-hackers@FreeBSD.org
From: George Mitchell <george+freebsd@m5p.com>
Subject: Best practices: changing ISP
Message-ID: <72393abb-f966-c7ca-de1d-b0650bdf98dd@m5p.com>
Date: Fri, 29 Sep 2017 00:37:12 -0400
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101
 Thunderbird/52.3.0
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="Iidg6rfuOs7nlt8IK7TTF2HXJjvmdo0pF"
X-Spam-Status: No, score=0.2 required=10.0 tests=HELO_MISC_IP, RP_MATCHES_RCVD
 autolearn=no autolearn_force=no version=3.4.1
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mattapan.m5p.com
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2
 (mailhost.m5p.com [IPv6:2001:470:1f07:15ff::f7]);
 Fri, 29 Sep 2017 00:37:26 -0400 (EDT)
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Sep 2017 04:37:47 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--Iidg6rfuOs7nlt8IK7TTF2HXJjvmdo0pF
Content-Type: multipart/mixed; boundary="4oV5xwkaXgG4blpXGNTNPKfHNSoucrnFR";
 protected-headers="v1"
From: George Mitchell <george+freebsd@m5p.com>
To: freebsd-hackers@FreeBSD.org
Message-ID: <72393abb-f966-c7ca-de1d-b0650bdf98dd@m5p.com>
Subject: Best practices: changing ISP

--4oV5xwkaXgG4blpXGNTNPKfHNSoucrnFR
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

So for a while I'll have service from two ISPs, and hopefully anyone
who connects to my old external address will get a response from that
address, and anyone connects to the new address will get a response
from there.  Internally, my gateway is a FreeBSD box using "pf" with
NAT in the kernel, and my old ISP on one ethernet interface and the
new ISP on another one.  Has anyone written up a cheat sheet somewhere
that I can review?  What are the gotchas I'm going to run into?  To
begin with, I've set all my DNS TTLs to 300 to discourage people from
caching the old address for too long.  Thanks for any pointers.
-- George


--4oV5xwkaXgG4blpXGNTNPKfHNSoucrnFR--

--Iidg6rfuOs7nlt8IK7TTF2HXJjvmdo0pF
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENdM4ZHktsJW5kKZXwRES3m+p4fkFAlnNzfkACgkQwRES3m+p
4flkFw/+KYuXjs3AW3EH8LRMqz2n90RaB2uTWftgYlPpnTHHs077piPv+PRfI+9e
1EuLA6PmSzXKcTnElBgW1b1u+2VMYu1CF0EDjT4prFfarn0mgcAxHFYx+coB0wME
ADYhS7H9z/cJ2Q4ergPBVRaP1SHwQreFkR8kOkUX0aKVMnysckl4UN0y7YKb0kCj
+/ZsPfU30H7UqpNiSwOhrgxYzga6dYXHsNllmu2R7oHvIZ2L2XK+yhsgJ49qn/Ca
RbMhehoWdCDWotm76DGs5bqK7UzyEXxjkvs1/5y2xud7jEWSXijdIyEsy9Wx9oay
nnE/QP7qVq32f6lk2iIbc3m+fZXg9cSFW12BiWxtCmsqzLRfHk+MFpMRu3rkbawX
gMIBGb1OsvxExPhOkeuLm4AdUGov5RtSE5x8nXCUdcFGbqxTJtsebc4YuOXhvTQZ
0b9GBzoIZjvpi91DQ8gP9hheaLC9ERTFj23GohIfRhhSSEn2I6V4gaXb2FRLTn84
SbfX9GgvsO7rffMIIUyatC9X39FdyCIUG+ix8uZyqJUdXGIJqJTWd5RV68EMMvDD
GunSsb/P87dkJjYwdSn/NKqDMjIMCqCYRknvZQ+jku3HqxC5tTH4j4FNDQGutII5
kfmf/VktRGt/uDMzF5gPYC8e7dhWllM3/P7PQ1pX+cm/rOMN/m0=
=80mA
-----END PGP SIGNATURE-----

--Iidg6rfuOs7nlt8IK7TTF2HXJjvmdo0pF--