[ previous ] [ next ] [ threads ]
 
 From:  Alexander Goldstone <m0n0wall dash list at zander dot net>
 To:  Andrew Lewis <andrew at coastal dot com>
 Cc:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] LoadBalancing revisited
 Date:  Fri, 13 Feb 2004 16:12:29 +0000
Yep, that's exactly what i'm refering to...

That'll teach me for jumping in to the middle of a conversation - sorry.

Since I've brought it up though, is there any sort of demand for a
high-availability patch for M0n0wall (probably but not deffinately using
vrrpd)?

It's  just been pointed out that Astaro (astaro.com) has this (we're evaluating
firewalls to head up a web cluster at the moment) so it'd be nice to get it
into M0n0wall asap. I may give it a go over the weekend.


Quoting Andrew Lewis <andrew at coastal dot com>:

>
>
> Alexander Goldstone wrote:
> > I was separating load-balancing from failover therefore I was assuming
> failover
> > would be for a single WAN connection hence my mentioning state.
> >
> > Failover is something I am interested in and will at some point implement
> if

> now is
> > that my background is Linux (LVS / Heartbeat) and, prior to installing

> > http://www.bsdshell.net/hut_fvrrpd.html ) looks like it'll allow M0n0wall
> to
> > fail over nicely.
>
>
> I think you're referring to multiple m0n0wall units, in a high
> availability configuration?
>
> That's not quite what I'm referring to in my use of failover.  I am
> referring to using whatever WAN interface has solid connectivity.  In my
> case the upstream ISP may have a failure and I don't want to send any
> more packets their way.  It's not as simple as a close router failure,
> it could be a DDoS attack at their edge and even though I can talk to
> their network I can't get to the internet at large through them.  Hence
> the TCP/ping testing to something like google.com one each WAN interface
> to determine if it has healthy connectivity.
>
>
>