Thanks s2scott/jggimi for the info.
Quote:
|
pf will -- now -- parse correctly whether tun0 is up or down. The () change state will be detected appropriately.
|
That's what I was doing before but figured there must be a better way. I guess maybe there isn't. Is there any down side to using that though? (aside from having to type the ( ) all the time?
I do not believe I require DHCP for my internet access.
As for my routes. Well what I posted was my "public addressable space" except I naturally modified so this information is not readily available to the world. I chose 192.168.x to indicate that.
In my example:
Code:
default 192.168.40.1 UGS 5 252 - 8 tun0
192.168.40.1 192.168.20.2 UH 1 0 1492 4 tun0
192.168.40.1 - would be the gateway
192.168.20.2 - would be my IP
I'm not sure how this could even be displayed without giving out personal information. The block my ISP owns would appear to be much larger than any class C address space. Hence a "supernet" however I have no intention of speculating further on the design practices of my ISP.
http://en.wikipedia.org/wiki/Supernet
http://www.firewall.cx/supernetting-intro.php
My performance issues have been resolved to some degree. I disabled all the "set" options in my PF.CONF which would indicate they were the cause of some of the performance. As it stands I see a lot of fluctuation in speed. My system is running in a VMWare ESXi server which may have compatibility issues with OpenBSD? When I do 'top' the CPU seems to be practically sleeping and memory looks adequate with no swap usage.
Anyway to see actual interface throughput/utilization? PFTOP shows some info but not specific to an interface, rather to PF.
Thanks for all your help!