From owner-freebsd-security  Sun Aug 12 16: 6:31 2001
Delivered-To: freebsd-security@freebsd.org
Received: from ns2.austclear.com.au (ns2.austclear.com.au [192.43.185.70])
	by hub.freebsd.org (Postfix) with ESMTP id 16E6637B409
	for <freebsd-security@FreeBSD.ORG>; Sun, 12 Aug 2001 16:06:28 -0700 (PDT)
	(envelope-from ahl@austclear.com.au)
Received: from tungsten.austclear.com.au (tungsten.austclear.com.au [192.168.166.65])
	by ns2.austclear.com.au (8.11.2/8.11.3) with ESMTP id f7CN6P428700;
	Mon, 13 Aug 2001 09:06:25 +1000 (EST)
	(envelope-from ahl@austclear.com.au)
Received: from tungsten (tungsten [192.168.166.65])
        by tungsten.austclear.com.au (8.9.3/8.9.3) with ESMTP id JAA21903;
        Mon, 13 Aug 2001 09:06:25 +1000 (EST)
Message-Id: <200108122306.JAA21903@tungsten.austclear.com.au>
X-Mailer: exmh version 2.1.1 10/15/1999
To: Joshua Goodall <joshua@roughtrade.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: distributed natd 
In-Reply-To: Message from Joshua Goodall <joshua@roughtrade.net> 
   of "Sun, 12 Aug 2001 10:50:33 +0100." <Pine.LNX.4.33.0108121042260.13034-100000@elm.phenome.org> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Mon, 13 Aug 2001 09:06:25 +1000
From: Tony Landells <ahl@austclear.com.au>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

joshua@roughtrade.net said:
> If you want to do failover between two NAT gateways, you can avoid
> reinventing much of the high-availability wheel with the net/vrrp port
> and taking things from there. VRRP was defined specifically to support
> router failover. Perhaps you can piggyback state onto the
> advertisements? 

Last time I checked on VRRP, it was in a questionable legal state
due to protests by Cisco that it (sort of) infringed on HSRP--has
that changed?

I don't really want to build a solution on technology that may get
yanked suddenly...

Tony
-- 
Tony Landells					<ahl@austclear.com.au>
Senior Network Engineer				Ph:  +61 3 9677 9319
Australian Clearing Services Pty Ltd		Fax: +61 3 9677 9355
Level 4, Rialto North Tower
525 Collins Street
Melbourne VIC 3000
Australia



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message