Date: Thu, 4 Oct 2001 22:06:37 -0400 From: Sean Lutner <sean@rentul.net> To: freebsd-security@freebsd.org Subject: HA/Failover options Message-ID: <20011004220637.B525@rentul.net>
next in thread | raw e-mail | index | archive | help
Hello... I've recently been tasked with coming up with a redundant/failover firewall solution to replace our managed firewalls. The goal is to have more control, and spen dless money. So, after some research I decided FreeBSD with ipfw and vrrp would do the trick. I set out to in stall and configure everything. I noticed when trying to install vrrp from ports that it's been tagged forbidden, and confirmed this after searching the -security archives. The problem I'm running into is this. I grabbed the code that /usr/ports/net/vrrp would have, and built it, but the implementation has some problems. Once failed over (slave taking over for master), it does not fail back without intervention. If you down an interface with a vrid on it, somehow the vip stays in the interface causing problems. My basic question is this. Is there anyone else out there running redundant/failover firewalls using freebsd? If so, what are you running? I found one other piece of software at http://linux-ha.org that said would build on freebsd, but no such luck. If anyone has any ideas, pointers, products, or thwaps in the right direction, i'd appreciate them. Thanks Sean -- Sean Lutner | www: http://www.rentul.net e-mail: sean@rentul.net | gpg: http://www.rentul.net/sean.sig "Imagination is more important than knowledge." -- Albert Einstein To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011004220637.B525>