On 2008-03-10, clifford bailey <[EMAIL PROTECTED]> wrote:
> Having got a nice redundant firewall setup working with openbsd 4.2 pf +
> carp + pfsync. My next step was to integrate it with ospf. My initial
> plan was to continue to treat the firewall pair, as a single 'virtual
> firewall' within the network and use ospf to advertise routes through
> just the carp interfaces. Looking at a couple of docs for ospf though, I
> was disappointed to find out I can't do this.
don't you mean something like this?
router-id 1.2.3.4
auth-type crypt
auth-md 1 mekmitasdigoat
auth-md-keyid 1
hello-interval 1
router-dead-time 4
area 0.0.0.0 {
interface vlan701
interface carp72 { passive }
interface carp42 { passive }
interface carp209 { passive }
interface carp168 { passive }
}
