Le mer 12 oct 2005 13:37:55 EDT, David Coulson <david@xxxxxxxxxxxxxxxx>
à écrit :
Sebastien Guay wrote:
> My question is: will enabling proxy_arp on the active firewall and
> disabling it on the inactive be enough to route the traffic through the
> correct(active) firewall?
You use heartbeat and fake for that - It will update the ARP tables with
the new firewall MAC when failover occurs.
Maybe I understand it the wrong way (in that case it will be more a
Linux-HA question) but I will have two fully functionnal firewall.
From the ROUTER pov, a packet destined to SERVER can pass through FW1
as well as FW2. But it should only through FW1 OR FW2 (whichever is
active).
Am I wrong in assuming this?
Sébastien
--
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
