[nycbug-talk] openbsd/pf issue

Marc Spitzer mspitzer
Tue Aug 16 09:50:33 EDT 2005


On 8/16/05, Okan Demirmen <okan at demirmen.com> wrote:
> On Tue 2005.08.16 at 01:30 -0400, Marc Spitzer wrote:
> > I am trying to update some client firewalls, from fbsd 4.9/ipf to obsd
> > 3.7/pf and its not working.  When I have the obsd box up it seems to
> > confuse the network.  There iis cluster stops working, you can only
> > get to one of the ips and all the rest do not work.  The switches are
> > dell 3324's and I think they are running 2003 on the webservers.
> >
> > Obsd is  3.7, cvs is about a week old.
> >
> > Now could carp, think it is off or pfsync be causing the problems?
> 
> i'm assuming you've looked for arp issues, right? are you replacing one
> fbsd 4.9/ipf with a pair of carp'd obsd boxes? i'd say, first remove the
> complexity if there are issue - one to one - then add the second obsd
> firewall in once everything is right - done a few inline firewall swaps
> like this.

yup, and that is what I am doing.  

marc

> 
> cheers
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>




More information about the talk mailing list