Date: Thu, 27 Mar 2003 18:21:37 +0200 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Markus Boelter <markus@mitternachtsstun.de> Cc: freebsd-security@freebsd.org Subject: Re: Multiple Firewalls with ipfilter? Message-ID: <20030327162137.GA16141@gothmog.gr> In-Reply-To: <20030327145525.GF24413@mitternachtsstun.de> References: <3E82386C.000003.20487@ns.interchange.ca> <20030327103945.GA8208@gothmog.gr> <20030327145525.GF24413@mitternachtsstun.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2003-03-27 15:55, Markus Boelter <markus@mitternachtsstun.de> wrote: >On Thu, Mar 27, 2003 at 12:39:45PM +0200, Giorgos Keramidas wrote: >> Hmmm, you could probably do some ingenious stuff with ipfs and a >> shared disk partition, where the 'active' firewall save its state >> periodically. When this falls over, the code that handles the switch >> to the 'backup' machine could reload the state from the shared disk :) > > Hm - and if the disk fails, you don't have redundancy :)) Erm, it quickly gets ugly, but you can always save state in a disk that is local to any of the two machines, i.e. one that is shared over the network from some other place where you can guarantee redundancy using other means. Anyway, I'm not a high-availability expert, so I should shuttup now :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030327162137.GA16141>