Hi, I use PF on some OpenBSD BGP+OSPF routers on Renater (IPv4 + IPv6), it works like a charm. Why this question ?
pf rule are simple: pass in quick proto tcp from $bgp_neighbor_1 to $self_peering_1 port 179 pass out quick proto tcp from $self_peering_1 to $bgp_neighbor_1 port 179 -- Best regards, Loïc BLOT, UNIX systems, security and network engineer http://www.unix-experience.fr Le mardi 29 octobre 2013 à 18:27 +0100, OCEANET - Cédric BASSAGET a écrit : > Hi, > Simple and general question : > Is it a good thing to run PF on an openbgpd server (for security > reasons), or should I de-activate PF ? > > Regards, > Cédric [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
