On Mon, February 7, 2005 3:32 pm, srg said: > Hello: > > I am thinking about writing a small program in order to "copy" the > connections table from one machine to another machine. > The final purpose is configure the second machine as a "backup" machine > with linux-ha and if the primary fails then the backup will assume the > traffic WITHOUT LOOSING CONNECTIONS (the purpose is that from the point > of view of the clients and servers before/after the linux machines do > NOT need to reestablish the connections they have established before the > failure). > > What do you think that is the best way to do this? Well, my first guess is you are looking for ct_sync, that's _the_ netfilter-ha currently developped by Kristzian KOVACS and Harald Welte. Take a look at : http://svn.netfilter.org/cgi-bin/viewcvs.cgi/trunk/netfilter-ha/ Perhaps you'll get interested in giving some help on there. (Instead of reinventing the wheel) > > In the other hand... It is possible to do the same with IKE SA & IPSEC > SA (using pluto + kernel 2.6 built in ipsec) ? I don't know anything about it. > > Thanks and best regards > > Have a good day! Samuel
