[EMAIL PROTECTED] wrote:
Hi,
I have some time to come up with a new firewall/router/vpn solution
for our datacentre, and I'm considering a shiny new server with
OpenBSD and pf instead of a costly PIX. On the part of our network
that I'm doing this for we might see maximum 20Mbit/s unencrypted
traffic.
Is anyone using an OpenBSD/pf solution in a production environment
like this? What hardware are you using? How's it holding up? :-)
I'm fascinated to hear about anyone who has put the house on this
combination and succeeded, and whether they've implemented hot
failover etc.
Thanks in advance,
Andrew
Hi,
I am using pf (OpenBSD 3.9) at work on an old PII 400 with 4 NICs and 256
MB of RAM.
It has been up for more than a year now... and is still running with no
process/RAM/etc. issues.
I have at least ~400 users (~250 per day) and everything runs just fine.
My pf.conf is very short... (PRIQ is still missing, working on it,
for "TCP NO delay" on asymmetric DSL)
see: http://www.benzedrine.cx/ackpri.html
Here is the LAN/WAN:
/ -Line 1--ADSL 2+ Modem (Bewan Combo)-- ~ 1 Mbit/s up / 15 Mbit/s down--PPPoE ---> ip1
LAN ------- Proxy Squid----pF box Load Balance & RouteTo
\ /
\ -Line 2 --ADSL 2+ Modem (Bewan Combo)-- ~ 1 Mbit/s up / 15 Mbit/s down--PPPoE ---> ip2
\ /
\---->>>------/
\ - Line 3 --SMTP/ IMAP /POP --> Router --> Private Mail WAN ---> ip3
The load balancing works just fine... and I've got some tables for
special sites.
If you have any questions, just ask... it's always a real pleasure to
share "real world" experiences.
*-----------------------------------*
jc roiron
Conseil Général Haute-Loire
[EMAIL PROTECTED]
*------------------------------------*