I was separating load-balancing from failover therefore I was assuming failover
would be for a single WAN connection hence my mentioning state.
Failover is something I am interested in and will at some point implement if
someone doesnít beat me to it. The only thing stopping me from diving in now is
that my background is Linux (LVS / Heartbeat) and, prior to installing
M0n0wall, Iíve not touched a FreeBSD box. However, fvrrpd (
http://www.bsdshell.net/hut_fvrrpd.html ) looks like it'll allow M0n0wall to
fail over nicely.
Quoting Andrew Lewis <andrew at coastal dot com>:
> Alexander Goldstone wrote:
> > I am not sure load balancing should be carried out by a firewall. Would it
> > be better to have a dedicated firewall(S) for each connection.
> If you are describing separate hardware units I think that would
> increase the complexity of the whole thing exponentially. I don't see
> how it would be worth it.
> > Automatic failover, however, would be good. Failover itself would be fairly
> > trivial to add unless you expected state to be kept. It would be a bit more
> > work to automatically update the configuration of the backup firewall as
> > primary firewall was changed. It would be a much larger job to failover
> > state.
> In my case each WAN link has a different IP subnet. It wouldn't be
> possible to perform a stateful failover.