ipsec vpn 'colouring'

2011-05-27 Thread Oeschger Patrick
*hmmm* i did a test using ipsec vpn colouring aka. tagging
ipsec.conf offers the option to tag the vpn traffic for further PF filtering
using these tags i can instruct PF to use different public NAT addresses (outgoing to internet) for each VPN
but when you have overlapping subnets behind the VPNs

routing domain limit (128)

2011-05-26 Thread Oeschger Patrick
hi all
obsd 4.9 seems to support 128 routing domains. is this a hard limit or is it configurable?
how about 512/1024/2048 routing domains? (silly idea?)
...i want to consolidate more than 128 small firewalls on one hardware and routing domains would be nice to prevent data leaking between the FWs...

firewall virtualization using tagging?

2011-05-23 Thread Oeschger Patrick
a few thoughts about firewall virtualization...
first of all: firewall virtualization is one of the topics i just can't resist ;D
it began when i discovered the VRF capabilities in openbsd (guess since 4.7 or so...)
the first experiments were using routing domain coupled with different vlans but vl

Re: IPSEC/SSL accelerator

2011-05-19 Thread Oeschger Patrick
hi all
still thinking about the diff between 2gbit in the specs and about 400mbit in real world on a pretty new processor. that's a *big* difference
so we can say that every accelerator board - regardless if pci-e 16x or miniPCI - will not be able to perform at let's say 1gbit because of the need of

Re: OpenBSD4.9 / Virtual Routing Domains

2011-05-15 Thread Oeschger Patrick
On May 15, 2011, at 15:25, Kenneth R Westerback wrote:
> On Sun, May 15, 2011 at 02:24:27PM +0200, Oeschger Patrick wrote:
>> i was playing with virtual routing on openbsd4.9 recently
>> first results using vlans are impressive
>> now i am asking myself if virtual routing is

OpenBSD4.9 / Virtual Routing Domains

2011-05-15 Thread Oeschger Patrick
i was playing with virtual routing on openbsd4.9 recently
first results using vlans are impressive
now i am asking myself if virtual routing is possible
- without using dedicated physical interfaces for each routing domain
- without using dedicated vlans for each routing domain
idea behind this: i