From owner-freebsd-questions@FreeBSD.ORG Fri Oct 1 12:41:23 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 111DD1065672 for ; Fri, 1 Oct 2010 12:41:23 +0000 (UTC) (envelope-from kkobb@skylinecorp.com) Received: from mail.skylinecorp.com (mail.skylinecorp.com [72.42.206.86]) by mx1.freebsd.org (Postfix) with ESMTP id C655F8FC19 for ; Fri, 1 Oct 2010 12:41:22 +0000 (UTC) Received: from [172.16.2.42] ([172.17.0.161]) (authenticated bits=0) by mail.skylinecorp.com (8.14.4/8.14.4) with ESMTP id o91COUFu065584 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Fri, 1 Oct 2010 08:24:30 -0400 (EDT) (envelope-from kkobb@skylinecorp.com) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=skylinecorp.com; s=mail; t=1285935870; bh=CCGJOBmC13oxaXC7KSvTv68FaVwRzTg0r91RiPTu0Us=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=CHAW+I5hoL8HJnjOBoX737mMtug1Nu4KY/rgQCfp2PPfTgD08bYWJ2V/MXQM6Nf2l beqnoU+RxjiAkNnL00KD+pWSaWyUNAufAGJsVp5T3p4nKl1ZJG7m1z5Jf39nb9JHXV silsMEKpNs42ezL0BhaNUV/XCvTTlt0HRESRh3bI= DomainKey-Signature: a=rsa-sha1; s=mail2; d=skylinecorp.com; c=simple; q=dns; h=message-id:date:from:organization:user-agent:mime-version:to: subject:references:in-reply-to:content-type:content-transfer-encoding; b=WzZ+6/7ncLh6di1Wo7OaAEfglAXzcghMP9Zr7NS+/bc6HssMoDBi5nl/FIYh2oLQS Vj3PBEYWu7seYYTSf/BCw== Message-ID: <4CA5D2FE.8070900@skylinecorp.com> Date: Fri, 01 Oct 2010 08:24:30 -0400 From: Kevin Kobb Organization: Skyline Corporation User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.9) Gecko/20100915 Lightning/1.0b2 Thunderbird/3.1.4 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <20101001001926.6ef8aa93@davenulle.org> In-Reply-To: <20101001001926.6ef8aa93@davenulle.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Skyline-MailScanner-Information: Please contact the ISP for more information X-Skyline-MailScanner-ID: o91COUFu065584 X-Skyline-MailScanner: Found to be clean X-Skyline-MailScanner-MCPCheck: MCP-Clean, MCP-Checker (score=0, required 1) X-Skyline-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (not cached, score=-105.2, required 4.25, autolearn=not spam, ALL_TRUSTED -4.80, BAYES_00 -0.30, DKIM_SIGNED 0.10, DKIM_VALID -0.10, DKIM_VALID_AU -0.10, USER_IN_DKIM_WHITELIST -100.00) X-Skyline-MailScanner-From: kkobb@skylinecorp.com X-Skyline-MailScanner-Watermark: 1286540671.78778@kHDpa+1kXiIlNXkmkUDU0w X-Spam-Status: No Subject: Re: router / firewall with PF and carp. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Oct 2010 12:41:23 -0000 Both would probably be fine. However, I would recommend taking a look at pfsense if I were you. It is made to do what you want without as much of the overhead as a full blown *BSD install. It is easier to configure, update, the documentation is good, and you can get top notch paid support from the developers if you want. On 9/30/2010 6:19 PM, Patrick Lamaiziere wrote: > Hi, > > We are in the process to replace two Cisco Pix firewalls and one Cisco > router with two servers running PF with carp. The network is large > (it is an University) and all will depend on this two machines. > > We have made some tests with OpenBSD, PF and OpenBGPD and it looks to > work (but we have to make a lot of more tests to validate this). > > I think that the support for an OpenBSD release is very small (only one > year) and I'm suggesting to use FreeBSD instead (we can expect ~3/4 > years of support if we follow a stable branch). > > I am an happy user of FreeBSD since some time - I mean that I know it is > not perfect and there are some bugs! - but I dont have any experience > running it as a router on a large network. So, are PF and carp expected > to work fine on FreeBSD or are there some known problems? > > Do you think that OpenBSD suits better for this? > > Thanks, regards. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"