Hi,
On 13/05/2020 13:10, mabi wrote:
> I am currently running OpenBSD 6.5 as firewall with two ix interfaces inside
> a trunk interface with LACP protocol. On top of that I have a few vlan
> interfaces so it's basically (ix -> trunk -> vlan).
>
> Now I saw that OpenBSD has a new interface specifically for LACP which is
> called aggr. As I will soon be upgrading to OpenBSD 6.6 I was wondering if it
> is the right time to switch from trunk to the new aggr interface?
More details are at: https://marc.info/?l=openbsd-cvs=156229058006706=2
> From what I understand the new aggr interface has mainly 2 advantages: it is
> multi-processor safe and it should be faster than the tun interface. Is this
> correct?
Assuming you mean trunk, not tun, yes.
> And last point because aggr is pretty new, is it already safe to use it for a
> production firewall?
I don't see mention of any aggr fixes in the 6.7 changelog, so I guess it
didn't have any disasters in it. Others are using it on production systems.
Thanks,
Iain.
--
https://hambsd.org/