[ previous ] [ next ] [ threads ]
 From:  Alexander Goldstone <m0n0wall dash list at zander dot net>
 To:  Andrew Lewis <andrew at coastal dot com>
 Cc:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] LoadBalancing revisited
 Date:  Fri, 13 Feb 2004 15:50:13 +0000
I was separating load-balancing from failover therefore I was assuming failover
would be for a single WAN connection hence my mentioning state.

Failover is something I am interested in and will at some point implement if

that my background is Linux (LVS / Heartbeat) and, prior to installing

http://www.bsdshell.net/hut_fvrrpd.html ) looks like it'll allow M0n0wall to
fail over nicely.


Quoting Andrew Lewis <andrew at coastal dot com>:

> Alexander Goldstone wrote:
> > I am not sure load balancing should be carried out by a firewall. Would it
> not
> > be better to have a dedicated firewall(S) for each connection.
> If you are describing separate hardware units I think that would
> increase the complexity of the whole thing exponentially.  I don't see
> how it would be worth it.
> > Automatic failover, however, would be good. Failover itself would be fairly
> > trivial to add unless you expected state to be kept. It would be a bit more
> > work to automatically update the configuration of the backup firewall as
> the
> > primary firewall was changed. It would be a much larger job to failover
> keeping
> > state.
> In my case each WAN link has a different IP subnet.  It wouldn't be
> possible to perform a stateful failover.