I can say that both of them are pretty good choice, in my personal experience I had the same configuration that you are planning to implement qith two servers on OpenBsd 4.6 + carp+ bgp as a router in a huge network , the only problem was some well know bug with carp and bgp..that for some reason some times one of the server nic (carp-backup) try to became master, when wasn't necesary... and the routes were screwed up. But now with the new openbsd 4.8, if i were you I would give it a try
Jorge E. Espada On Fri, Oct 1, 2010 at 6:29 AM, krad <kra...@gmail.com> wrote: > On 30 September 2010 23:19, Patrick Lamaiziere <patf...@davenulle.org > >wrote: > > > Hi, > > > > We are in the process to replace two Cisco Pix firewalls and one Cisco > > router with two servers running PF with carp. The network is large > > (it is an University) and all will depend on this two machines. > > > > We have made some tests with OpenBSD, PF and OpenBGPD and it looks to > > work (but we have to make a lot of more tests to validate this). > > > > I think that the support for an OpenBSD release is very small (only one > > year) and I'm suggesting to use FreeBSD instead (we can expect ~3/4 > > years of support if we follow a stable branch). > > > > I am an happy user of FreeBSD since some time - I mean that I know it is > > not perfect and there are some bugs! - but I dont have any experience > > running it as a router on a large network. So, are PF and carp expected > > to work fine on FreeBSD or are there some known problems? > > > > Do you think that OpenBSD suits better for this? > > > > Thanks, regards. > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to " > > freebsd-questions-unsubscr...@freebsd.org" > > > > In my experiance freebsd should work fine. However I would say openbsd is > probably better suited to your needs, due to its tighter security model > (auditing) You will also get a newer version of pf with openbsd. If you get > issues with openBGP would could look at quagga. I have used it in the past > but havent for a while so am not sure of the state of it now. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscr...@freebsd.org" > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
