Subject: Re: pf status
To: Marcin Jessa <lists@yazzy.org>
From: Pavel Cahyna <pcah8322@artax.karlin.mff.cuni.cz>
List: current-users
Date: 07/30/2005 09:18:08
On Fri, Jul 29, 2005 at 10:00:09PM +0200, Marcin Jessa wrote:
> On Fri, 29 Jul 2005 15:24:44 +0200
> Pavel Cahyna <pavel.cahyna@st.mff.cuni.cz> wrote:
> 
> > On Fri, 29 Jul 2005 13:56:46 +0200, Marcin Jessa wrote:
> Documentation: 
> http://www.openbsd.org/cgi-bin/man.cgi?query=carp
> http://www.freebsd.org/cgi/man.cgi?query=carp&apropos=0&sektion=0&manpath=FreeBSD+6.0-current&format=html

I know this, and it is not documentation of the protocol, it only
explains how to use the carp pseudo-device.

> > BTW if you have experience with CARP, could you please explain why a
> > kernel implementation is desirable, 
> Correct handling of ARP, I would say.
> 
> > and how is it related to the pf firewall?
> "Additions to the pfsync(4) interface allow CARP to synchronise state
> table entries between two or more firewalls which are operating in
> parallel, allowing stateful connections to cross any of the firewalls
> regardless of where the state was initially created."

Where have you found this paragraph? It sounds strange, because it
contradicts the carp(4) manpage, which doesn't state at all that CARP can
synchronize state table entries. According to the manpages, it rather seems
that CARP and pfsync are independent protocols, with different protocol
numbers.

Bye	Pavel