Re: Multi-VRF bgpd (no MPLS)

[runelind]

BARDOU Pierre bardou.p at mipih.fr writes:

...

I'm running into the same thing with bgp.  I also tried ospf6d, which 
seemed to get stuck in init, but 
never fully joined.  Did you ever come across a solution?

problems passing radius traffic through pf

[runelind]

I have a Domain Controller in a DMZ which is handling radius requests from
my access point.  I'm having problems passing the radius information
successfully  through pf.  The pf box is a soekris running 4.1.

Mar 09 09:58:56.467664 rule 3/(match) block in on sis4: 172.30.30.5.1812 
10.50.3.11.2055: Axs! id:1 [1477] [|radius] (frag 25868:[EMAIL PROTECTED])
Mar 09 09:58:56.467745 rule 3/(match) block in on sis4: 172.30.30.5 
10.50.3.11: (frag 25868:[EMAIL PROTECTED])

# more /etc/pf.conf | grep pix_if
pix_if = sis4
pass  quick log  on $pix_if from  any to 10.50.3.11
block in log on $pix_if
pass out on $pix_if

In this case, 172.30.30.5 is my radius server, and 10.50.3.11 is my access
point.  Even though I am logging the pass rule, I do not seeing getting
hit through tcpdump.  If I take out the block in log on $pix_if, radius
information flows ok.

Thanks,

runelind at runelind dot net