nf_ct_tcp_be_liberal and a clustered bridge.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello, I'm working on a cluster of two bridge firewalls.
In many documents that talks about redundant firewalls (that you can
find googling around) you read that it is necessary to enable the option
nf_ct_tcp_be_liberal in the netfilter module to allow a better handling
of the connections takeover between the two nodes of the cluster.
Sure this statement is true for firewall with routing functions but is
also true for firewall with totally transparent bridges (without an IP)?

Thank you in advance.
 
-- 
Michele Codutti
Centro Servizi Informatici e Telematici (CSIT)
Universita' degli Studi di Udine
via Delle Scienze, 208 - 33100 UDINE
tel +39 0432 558928
fax +39 0432 558911
e-mail: michele.codutti at uniud.it

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux