It should also be noted that CARP doesn't work with bridged interfaces,
so if you want CARP (which for a data center environment, you probably
do) you'll want to use the setup that Chris suggested.
Chris Daniel wrote:
If you think you will ever need failover using CARP, 1:1 NAT with
virtual IPs is the way to go. A filtering bridge is nice, and yes, a
bit easier, but you can't implement failover with it under pfSense.
Either way you go, it's essentially the same procedure with regard to
maintaining firewall rules. I can't speak to the Asterisk issue, but
maybe someone else can chime in on that.
Ugo Bellavance wrote:
Hi,
I'm about to have a few servers in the same half-rack in a
datacenter and I'm thinking about the best setup possible for that:
- Filtering Bridge
- 1-to-1 NAT
- Other???
I'm especially affraid of Asterisk (SIP) behind a 1-to-1 NAT. I don't
know exactky what are the pros and cons of each. I guess a filtering
bridge is easier to install, and we configure the hosts behind with
public IP addresses and it is easier to forget a host unprotected...
Any opinions on this?
Regards,
Ugo
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]