RE: [leaf-user] Firewall failover

2005-05-27 Thread Jaime Nebrera 
  Hi,

> http://svn.netfilter.org/cgi-bin/viewcvs.cgi/trunk/netfilter-ha/
> 
> You want ct_sync, or connection tracking syncronization.  I am not sure what
> it's status really is, but I think it is in 'testing' or 'works for me'.

  Yep, all of you agreed on this solution. It seems active know, it
would be just a matter of investigating it a bit more.

  Thanks !!

-- 
Jaime Nebrera - [EMAIL PROTECTED]
Consultor TI - ENEO Tecnologia SL
Telf.- 95 455 40 62 - 619 04 55 18



---
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] Firewall failover

2005-05-25 Thread Peter Mueller 
>   We are investigating on firewall failover design. I have 
> searched the net and found that projects like LVS have it 
> mostly solved for their side but that netfilter lacks it.
> 
>   Of course, a simple failover of the firewall is available 
> using things like VRRP (KeepAlive software) but without state 
> syncronization, and that is preciselly the part we need to 
> investigate.
> 
>   Is this issue solved in netfilter? How? Any ideas? Does it 
> work with kernel 2.4?
> 
>   Bear in mind I'm not talking about ISP redundancy but the 
> firewall itself, if possible set as an active/active failover 
> solution.

http://svn.netfilter.org/cgi-bin/viewcvs.cgi/trunk/netfilter-ha/

You want ct_sync, or connection tracking syncronization.  I am not sure what
it's status really is, but I think it is in 'testing' or 'works for me'.

Regards,

P



---
SF.Net email is sponsored by: GoToMeeting - the easiest way to collaborate
online with coworkers and clients while avoiding the high cost of travel and
communications. There is no equipment to buy and you can meet as often as
you want. Try it free.http://ads.osdn.com/?ad_idt02&alloc_id135&op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Firewall failover

2005-05-25 Thread Jaime Nebrera 
  Hi all,

  We are investigating on firewall failover design. I have searched the
net and found that projects like LVS have it mostly solved for their
side but that netfilter lacks it.

  Of course, a simple failover of the firewall is available using things
like VRRP (KeepAlive software) but without state syncronization, and
that is preciselly the part we need to investigate.

  Is this issue solved in netfilter? How? Any ideas? Does it work with
kernel 2.4?

  Bear in mind I'm not talking about ISP redundancy but the firewall
itself, if possible set as an active/active failover solution.

  Thanks in advance. Regards.

-- 
Jaime Nebrera - [EMAIL PROTECTED]
Consultor TI - ENEO Tecnologia SL
Telf.- 95 455 40 62 - 619 04 55 18



---
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/