Hi,
Having got a nice redundant firewall setup working with openbsd 4.2 pf +
carp + pfsync. My next step was to integrate it with ospf. My initial
plan was to continue to treat the firewall pair, as a single 'virtual
firewall' within the network and use ospf to advertise routes through
just the carp interfaces. Looking at a couple of docs for ospf though, I
was disappointed to find out I can't do this. I am not familiar with the
internals of ospf, so there may be an obvious reason for this
limitation, is it easy to explain, or could someone point me towards an
explanation?
Instead of doing this, I am now intending to drop carp out of the
picture altogether and just use ospf to provide the failover. Is this
the recommended solution? Does anyone else run this solution?
Thanks in advance!
- carp vs. ospf ? clifford bailey
-
