Multiple Firewalls with ipfilter?
Giorgos Keramidas
keramida at ceid.upatras.gr
Thu Mar 27 03:24:39 PST 2003
On 2003-03-26 18:31, Michael Richards <michael at fastmail.ca> wrote:
> The problem here is really 2 pronged:
> 1) I need some means of realising that the firewall just died and
> transparently switching over to the backup or load balancing the two
> so if one dies the other takes up the slack.
>
> 2) I need a means of syncing the state info so existing connections
> won't be torn down if they end up going through the other firewall.
Hmmm, you could probably do some ingenious stuff with ipfs and a
shared disk partition, where the 'active' firewall save its state
periodically. When this falls over, the code that handles the switch
to the 'backup' machine could reload the state from the shared disk :)
More information about the freebsd-security
mailing list