From owner-freebsd-security  Mon Aug 13  6:41:26 2001
Delivered-To: freebsd-security@freebsd.org
Received: from ringworld.nanolink.com (gb.office1.bg [193.68.24.4])
	by hub.freebsd.org (Postfix) with SMTP id 65E5637B40C
	for <freebsd-security@FreeBSD.ORG>; Mon, 13 Aug 2001 06:41:16 -0700 (PDT)
	(envelope-from roam@ringlet.net)
Received: (qmail 6028 invoked by uid 1000); 13 Aug 2001 13:39:56 -0000
Date: Mon, 13 Aug 2001 16:39:56 +0300
From: Peter Pentchev <roam@ringlet.net>
To: Tony Landells <ahl@austclear.com.au>
Cc: Joshua Goodall <joshua@roughtrade.net>,
	freebsd-security@FreeBSD.ORG
Subject: Re: distributed natd
Message-ID: <20010813163956.A1119@ringworld.oblivion.bg>
Mail-Followup-To: Tony Landells <ahl@austclear.com.au>,
	Joshua Goodall <joshua@roughtrade.net>, freebsd-security@FreeBSD.ORG
References: <joshua@roughtrade.net> <200108122306.JAA21903@tungsten.austclear.com.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200108122306.JAA21903@tungsten.austclear.com.au>; from ahl@austclear.com.au on Mon, Aug 13, 2001 at 09:06:25AM +1000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Mon, Aug 13, 2001 at 09:06:25AM +1000, Tony Landells wrote:
> joshua@roughtrade.net said:
> > If you want to do failover between two NAT gateways, you can avoid
> > reinventing much of the high-availability wheel with the net/vrrp port
> > and taking things from there. VRRP was defined specifically to support
> > router failover. Perhaps you can piggyback state onto the
> > advertisements? 
> 
> Last time I checked on VRRP, it was in a questionable legal state
> due to protests by Cisco that it (sort of) infringed on HSRP--has
> that changed?
> 
> I don't really want to build a solution on technology that may get
> yanked suddenly...

I think the legal issues with the net/vrrp port have been solved,
however another problem has crept up: the port maintainer now thinks
that this port does not really implement the relevant RFC's correctly,
so the port was marked FORBIDDEN, and the maintainer is working on
his own version.

G'luck,
Peter

-- 
If this sentence didn't exist, somebody would have invented it.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message