Cluster Software for HA/LB FreeBSD IPFilter Firewalls

Matthew Swinbourne m.swinbourne at
Mon Aug 4 22:06:08 PDT 2003

Hi All,

I've been looking around for a HA/Load Balancing solution for my FreeBSD
based ipfilter firewalls.  I would like to have two (or more) physically
separate servers performing filtering on multiple networks.  All systems
(nodes) in this cluster would have a common ipfilter rule set, and would be
able to bring up and down vlan interfaces as the cluster state dictated.

After a little net trawling I came across Andy Sporner's FreeBSD cluster
software. (Thanks Andy if you're listening)  I've had this running for a
while now and it works almost perfectly.  However, with one caveat, that is,
it only appears to allow Active/Passive cluster setups.

In the ultimate solution to my problem, the cluster would be Active/Active.
Obviously for load, and bandwidth balancing reasons.

The question therefore is, has anybody either grown their own solution to
this problem, found other open source software to do so, or hacked up Andy
Sporner's code to do so.  The later is what I'm thinking of doing.

Many thanks


Matthew Swinbourne
Manager, Network Services
University of Queensland Cybrary
St Lucia, QLD 4072
m.swinbourne at

More information about the freebsd-cluster mailing list