No bridge, just routed. We use pmacct because we need the memory plug in for dynamicly unpriorise those taking too much bandwith for fair sharing policy. We also use pmacct on FreeBSD and Linux so we have the same tool everywhere and use the same scripts on every platform.
Thanks Michel Le 21 oct. 2011 17:27, "Stuart Henderson" <[email protected]> a icrit : > On 2011/10/21 17:01, Michel Blais wrote: > > This is for a firewall and main gateway of my network. > > Is a atom dual core cpu 1.6 Ghz with 2 Go or RAM > > It have 2 realtek onboard nic but since I wanted Intel NIC, I added a 3 > > intel NIC optional board. > > > > em0 is use to connect to my ISP fiber link > > em1 is use to connect to my Lan > > re1 is use to connect direct to the router for maintenance. > > > > PF is use for firewall and nat some users. Others have public IP. > > any bridging or is this just routed? (if bridged, read > http://marc.info/?l=openbsd-misc&m=124082008204226, it has a few > problems..) > > > PMACCT to collect some network stat. > > is this using BPF capture? consider pflow(4) instead (netflow compatible, > this exports flows directly from PF in kernel mode, so the overheads are > much lower).
