This is a guide to configuring OSPF between Cisco IOS and the open-source Vyatta router platform.
a summary route, it is an inter-area route, which is true because the networks are in area 10, and the correct mask is being used, encompassing all our subnets, but no more. The last thing I wanted to do is practice passing a default route from the Cisco router to the Vyatta router.
The new Vy OS rig performs better than my old pf Sense box.
Granted, this due in no small part to newer, faster hardware.
Latency is exceptional too, as traversal of the firewall adds only ~0.08ms on average, even on a low-power Atom CPU that’s now several generations old.
Vy OS (and Linux’s firewall connection tracking facility in general) is also much more efficient in terms of memory consumption.