|
||||||||||
Yep, that's exactly what i'm refering to... That'll teach me for jumping in to the middle of a conversation - sorry. Since I've brought it up though, is there any sort of demand for a high-availability patch for M0n0wall (probably but not deffinately using vrrpd)? It's just been pointed out that Astaro (astaro.com) has this (we're evaluating firewalls to head up a web cluster at the moment) so it'd be nice to get it into M0n0wall asap. I may give it a go over the weekend. Quoting Andrew Lewis <andrew at coastal dot com>: > > > Alexander Goldstone wrote: > > I was separating load-balancing from failover therefore I was assuming > failover > > would be for a single WAN connection hence my mentioning state. > > > > Failover is something I am interested in and will at some point implement > if > > someone doesn’t beat me to it. The only thing stopping me from diving in > now is > > that my background is Linux (LVS / Heartbeat) and, prior to installing > > M0n0wall, I’ve not touched a FreeBSD box. However, fvrrpd ( > > http://www.bsdshell.net/hut_fvrrpd.html ) looks like it'll allow M0n0wall > to > > fail over nicely. > > > I think you're referring to multiple m0n0wall units, in a high > availability configuration? > > That's not quite what I'm referring to in my use of failover. I am > referring to using whatever WAN interface has solid connectivity. In my > case the upstream ISP may have a failure and I don't want to send any > more packets their way. It's not as simple as a close router failure, > it could be a DDoS attack at their edge and even though I can talk to > their network I can't get to the internet at large through them. Hence > the TCP/ping testing to something like google.com one each WAN interface > to determine if it has healthy connectivity. > > > |