SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-16-2008, 05:28 AM
| ||||
| ||||
 Re: Firewall Failover with pfsync and CARP Hi, we are using carp + pfsync + vlan in order to realize a cluster of firewall and to prevent also the eventual breach of one net card. A system has been revealed much stable although it has not still released in stable version. Andrea. Daniel Hartmeier wrote: > OpenBSD developer Ryan McBride <mcbride@openbsd.org> explains the new > firewall redundancy features in the upcoming OpenBSD 3.5 release[1] > in his article > > Firewall Failover with pfsync and CARP > http://www.countersiege.com/doc/pfsync-carp/ > > CARP (Common Address Redundancy Protocol) is a free alternative to the > patent-encumbered VRRP, responsible for electing masters in a firewall > cluster, while pfsync syncronizes packet filter state information among > nodes. > > The combination allows to replace single-point-of-failure firewalls with > clusters of two (or more) nodes, which continue to filter ongoing and new > connections when nodes fail. Additional features like arpbalance allow to > share a single IP address for multiple servers, transparently balancing > load among them, and adapting to servers failing. > > Pre-order[2] for OpenBSD 3.5 has started, CDs will ship May 1st. > > Daniel > > [1] http://www.openbsd.org/35.html > [2] http://www.openbsd.org/orders.html -- ++++++++++++++++++++++++++++++++++++ Scoobynux - scoobynux(AT)virgilio.it Powered by SuSE Linux 9.0 Linux Registered User #286651 Linux Registered Machine #168409 ++++++++++++++++++++++++++++++++++++      |
Linear Mode
