[TriLUG] BSD/Linux firewall with multiple ISP and failover?

Jon Carnes jonc at nc.rr.com
Sat Jan 28 12:47:40 EST 2006


Good for you!

Maybe we can talk the SC into routing up someone (like Jason) to give us
a CARP talk - and include other Failover routines as well.

Jon

On Fri, 2006-01-27 at 14:38, Greg Brown wrote:
> That's what I'm hoping.  There is a lot of chatter on the M0no lists about
> supporting failover and it appears I do have a bit of time before I have to
> do something.  But just in case I'll think I'll be throwing OpenBSD on a
> machine this weekend..
> 
> Greg
> 
> On 1/27/06, Matt Pusateri <mpusateri at wickedtrails.com> wrote:
> >
> > Greg,
> >
> > A little more googling, and it appears carp was also ported to FreeBSD
> > in 2/05.  Since monowall is based on freebsd, and you already have
> > familiarity with that, you may be able to do it on FreeBSD instead of
> > OpenBSD.
> >
> > Matt
> >
> > On Fri, January 27, 2006 2:14 pm, Greg Brown wrote:
> > > Well, it's starting to look like an excellent opportunity to learn
> > > OpenBSD.
> > > Now if I could only get it to mount read-only from flash on a small,
> > > fanless
> > > four port box.  Mike Johnson, where are you?!?!? :)
> > >
> > > Greg
> > >
> > > On 1/27/06, David A. Cafaro <dac at trilug.org> wrote:
> > >>
> > >> I've got a friend Jason who does a lot of fail over firewall work
> > >> using
> > >> OpenBSD and carp/pf.  Check it out here:
> > >>
> > >> http://conferences.oreillynet.com/cs/os2005/view/e_sess/6475
> > >>
> > >> They have shown very good performance in a corporate environment.
> > >>
> > >> As for hardware, you might want to check out these people for the
> > >> machines to base your system off of:
> > >>
> > >> http://ironsystems.com/
> > >>
> > >> You should be able to get a couple of pretty beefy 1U systems to
> > >> build
> > >> up your redundant system with here. Take a look at the A-Class
> > >> iServers.
> > >>
> > >> -David
> > >>
> > >>
> > >> On Fri, 2006-01-27 at 11:13 -0500, Greg Brown wrote:
> > >> > Hey all.  I think I finally hit a dead-end with M0n0wall.  My
> > >> outer
> > >> banks
> > >> > client now requires fail over from the DSL Internet connection to
> > >> a 2nd
> > >> ISP,
> > >> > probably a cable modem.  My research indicates that M0n0 doesn't
> > >> support
> > >> > this yet.
> > >> >
> > >> > What are my options here besides something like a Cisco 2621xm
> > >> (WAY too
> > >> > expensive for this client)?  Does anyone know of an inexpensive
> > >> appliance
> > >> > that they have tested for fail over Internet?  Or can a BSD/Linux
> > >> box be
> > >> > built for this purpose?
> > >> >
> > >> > Greg
> > >>
> > >> --
> > >> TriLUG mailing list        :
> > >> http://www.trilug.org/mailman/listinfo/trilug
> > >> TriLUG Organizational FAQ  : http://trilug.org/faq/
> > >> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> > >>
> > > --
> > > TriLUG mailing list        :
> > > http://www.trilug.org/mailman/listinfo/trilug
> > > TriLUG Organizational FAQ  : http://trilug.org/faq/
> > > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> > >
> > >
> >
> >
> > --
> > TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> > TriLUG Organizational FAQ  : http://trilug.org/faq/
> > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> >




More information about the TriLUG mailing list