[ previous ] [ next ] [ threads ]
 
 From:  "Jason Grimm" <jason dot grimm at freedomlink dot net>
 To:  "Mitch \(WebCob\)" <mitch at webcob dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] m0n0 hacking questions
 Date:  Fri, 23 Apr 2004 07:34:42 -0400
I have some experience with HA on Linux, BSD, and proprietary devices like
the Nokia and Cisco platforms that is similar to what is being described
here.  Ultimately I ended up going with Riverstone and Foundry solutions
that are dedicated to HA / Layer 4 Switching / Virtual IP / Heartbeat type
technology and let my linux and bsd boxes do what they are best at doing.
Yeah, it's off the shelf and a bit expensive, and probably not the answer
you're looking for, but for me it was worth it.  I didn't incur the cpu
overhead on my servers and I didn't have one-off configurations every time I
wanted to load balance a service or give a virtual IP to something.

Just my .02,

Jason Grimm
jason dot grimm at freedomlink dot net

----- Original Message ----- 
From: "Mitch (WebCob)" <mitch at webcob dot com>
To: <Hilton at QuarkAV dot com>; <m0n0wall at lists dot m0n0 dot ch>
Sent: Thursday, April 22, 2004 5:46 PM
Subject: RE: [m0n0wall] m0n0 hacking questions


>
>
> > -----Original Message-----
> > From: Hilton Travis [mailto:Hilton at QuarkAV dot com]
> > Sent: Thursday, April 22, 2004 1:22 PM
> > To: m0n0wall at lists dot m0n0 dot ch
> > Subject: RE: [m0n0wall] m0n0 hacking questions
> >
> >
> > Hi Barry,
> >
> > Assign the same IPs to both devices.  I know it can be done, however I
> > don't know how to achieve this successfully.  I have a mate who has done
> > this on a few networks he administers - he uses the same IP on two
> > machines for routing reasons, and configures routing tables so that its
> > not an issue.  This is not because these clients are short of IPs, tho -
> > one in particular owns a /24 and a /30 and uses - in total - two of
> > these IPs.  :)
> >
> > If you wish, I can speak to him and get him to reply.  Linux, tho, but
> > the theory should remain valid regardless of the OS involved.
> >
> > - HiltonT
> >
>
> Take a look for heartbeat for linux - part of the HA project - works for
> FreeBSD too - basically, both devices can have their own IP, and there is
> one or more floaters... the machine which is active issues ARP's for the
> floaters. I've done this for FreeBSD routers as well as web servers -
works
> like a charm - the purists (and I am a closet purist) are looking for
> stateful failover - which means that open TCP sockets would be kept
alive -
> and probably IPSec sessions too - that can be done on OpenBSD using PF and
> Carp - pf has been ported to newer FreeBSD 5.X, and I think carp works
there
> as well - no one I know of has it running on 4.9, which is why no one is
> playing with it on Mono yet (at least why I haven't ;-)
>
> No time yet to work on a backport - does this info help?
>
> Thanks.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>