Multiple Firewalls with ipfilter?
Eric L Howard
elh at outreachnetworks.com
Wed Mar 26 21:37:28 PST 2003
At a certain time, now past [Wed, Mar 26, 2003 at 03:57:18PM -0500], Michael Richards spake thusly:
> We're supposed to provide redundant firewall service. I'm wondering
> if anyone has ever tried to do this and if it's realistic. Basically
> 2 firewall machines hooked up so if one fails the other will
> transparently step in. I've googled it to death without much luck.
>
> The security issue here lies in that the 2 firewalls can't talk to
> each other. So if I'm keeping state on a connection then the second
> firewall has to know about that connection otherwise it will close if
> that firewall dies.
[admin at zechariah ports]# make search key=freevrrpd
Port: freevrrpd-0.8.4_1
Path: /usr/ports/net/freevrrpd
Info: This a VRRP RFC2338 Compliant implementation under FreeBSD
Maint: spe at bsdfr.org
Index: net
B-deps:
R-deps:
http://redundancy.redundancy.org/fbsd_lb.html
Though I've used VRRP quite a bit, I have not used the freevrrpd
implementation.
~elh
--
Eric L. Howard e l h @ o u t r e a c h n e t w o r k s . c o m
------------------------------------------------------------------------
www.OutreachNetworks.com 313.297.9900
------------------------------------------------------------------------
JabberID: elh at jabber.org Advocate of the Theocratic Rule
More information about the freebsd-security
mailing list