[ previous ] [ next ] [ threads ]
 From:  Daniele Guazzoni <daniele dot guazzoni at gcomm dot ch>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  m0n0wall-failover
 Date:  Fri, 24 Dec 2004 00:24:15 +0100
Hash: SHA1


I'm working on a failover version of m0n0wall using freeVRRP.
The VRRP implementation is not a big issue, the headache part is the
configuration replica/synchronization between primary and secondary...

To synchronize the config I see 3 possibilities (of course there are
more...) which could be considered:
- - SSH / SCP
- - rsync
- - HTTP

I'm rather for the SSH/SCP for security reasons and also practicity.
Not only we would be able to copy/move config and other files from a
m0n0wall to the other but also shell commands could be remotely executed.
I'm thinking about reboot, priority-change in VRRP, ...

The rsync version would be the easiest but as-is rsync do not encrypt
traffic, so config changes (or the whole config during a push/get) would
pass as nice unencrypted XML file on the network...

For HTTP I see the same problem as m0n0wall does not force the admin to
use SSL for the GUI. Otherwise this would use the existing
backup/restore functions (with a few mods in regards of failover).


And this is the list of added functionality with the failover:

- - Of course hot-standby failover (active/passive cluster):
Each interface pair shares a virtual IP address / MAC address.
Interface status are binded togheter so a single interface failure will
cause VRRP to swap traffic to the secondary.

- - Smooth-reload functionality:
You can reload the cluster without loosing connectivity.
M0n0walls will reboot sequentially.
Will also be used for image upgrades

- - Replica-stop:
Breaks the configuration replica to provide fast recovery on
configuration changes.
You can change the config on the active device but keep the original
config on the passive device. In case of trouble you can switch the

- - Status-swap:
Force the primary to become secondary and vice-versa.

- - Enhanced status page:
On the status page you see at a glance the failover and replica status

One negative point is that VRRP will not work for dynamic assigned
addresses so only static configuration of WAN interface can be used.
Also to keep the configuration "straight" only identical devices can be
used, like 2 WRAP/Soekris or 2 PC with the same NICs, otherwise we would
need to map interface names and numbers between primary and secondary...

What does the list think about this ?
Any idea, hints, any obscure freeBSD port ?
I maybe need some help on PHP changes (I'm not a PHP guru...) any
volountier ?


- ------------------------------------------------------------------
Daniele Guazzoni

Senior Network Engineer, CCNP, CCNA

mail: daniele dot guazzoni at gcomm dot ch

PGP key ID 0xA8CC16F7
- ------------------------------------------------------------------
"Destiny is not a matter of chance, it is a matter of choice;
it is not a thing to be waited for, it is a thing to be achieved."
~                        William Jennings Bryan
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org