First, my warm thanks to everyone to responded on and off list, an amazing response that truly speaks for the opennness and incredible skill of this community. We are likely to change the setup to make sure the switch fabric sits behind the edge routers, and thanks to my new understanding of iBGP, will simply associate different upstream with the different edge routers and run BGP between them. The downside of this setup is that if a router falls over, we loose an uplink, but that's a minor problem considering how it makes the whole setup much simpler, and completely removes the single point of failure of the switch. And anyways since the uplinks are directly in the router, the downtime should be negligible in such a (rare) occurence. We will keep on experimenting with OpenBGPd, but at the first sign of trouble we will switch to what seems to be the more widely accepted alternative in the *BSD world, Bird, which also allows for a clean transition to GNU/Linux if we ever make the jump. CARP will come later, but will still be in the picture. Both routers will be in production at all time, and we'll use CARP to elect the gateway for the internal network. We prefer CARP to VRRP because it seems well supported in *BSD world and because VRRP is patent-encumbered. I am worried, however, of rumours of kernel panics associated with CARP, but I am confident that the very responsive FreeBSD community will be able to help with that. Thanks again for all your feedback, you guys rock. Cheers, A. -- A ballot is like a bullet. You don't throw your ballots until you see a target, and if that target is not within your reach, keep your ballot in your pocket. - Malcom X