From owner-freebsd-isp Fri Jul 7 9:36:19 2000 Delivered-To: freebsd-isp@freebsd.org Received: from alpha.root-servers.ch (alpha.root-servers.ch [195.49.62.125]) by hub.freebsd.org (Postfix) with SMTP id 8C68F37BF36 for ; Fri, 7 Jul 2000 09:35:59 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 14732 invoked from network); 7 Jul 2000 16:35:56 -0000 Received: from client99-59.hispeed.ch (62.2.99.59) by ns1.root-servers.ch with SMTP; 7 Jul 2000 16:35:56 -0000 Date: Fri, 7 Jul 2000 18:36:31 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.44) UNREG / CD5BF9353B3B7091 Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <13990135708.20000707183631@buz.ch> To: Luigi Rizzo Cc: Chris Shenton , Alan Batie , isp@FreeBSD.ORG Subject: Re[2]: load balancing In-reply-To: <200007070656.IAA89161@info.iet.unipi.it> References: <200007070656.IAA89161@info.iet.unipi.it> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > having a machine acting as hot-backup is trivial as long as > you tolerate that during the crash recovery (an unlikely event) > all active sessions will drop and need to restart. I'm very interested in hearing such a solution. The point where we're failing here is the following one: one SERVICE (not the complete box) of the box goes down. IP itself stays up. Now the hotspare should jump in and take the IP over but how are you going to protect the network from being screwed up by two identical IP addresses? I'd really appreciate it if one could explain me how to solve this problem (IP takeover with completely failed boxes is easy). One possible solution would be that one: each box can do a hardware reset of it's twin (connect it's reset switch to the other one) but this one brings some rather bad security issues with it (not to mention the problem of not shutting down the system correctly...[1]) If one box get's hacked, the attacker can reboot the other one possibly causing it to fail... Best regards, Gabriel [1] With regard to this point, I'd be really interested in the softupdate stuff. However, I didn't manage to find any manpages about it. Any pointers? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message