Use CARP, it is best and try to set up it on OpenBSD. On linux it is ucarp, but I would recommend OpenBSD + CARP Regards, Elvir Kuric On Mon, May 25, 2009 at 3:35 PM, Eduardo Sachs <edu.sachs@xxxxxxxxx> wrote: > Well!! > > I will create a ambient of firewall active/passive. > > But, what better program to do this? Heartbeat? VRRP? UCARP? Keepalived? > > Thanks! > > 2009/5/25 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>: >> Eduardo Sachs wrote: >>> Hi Friends! >>> >>> I'm looking for firewall solution for active/active, the clients use >>> the firewalls randomly. >>> >>> The conntrackd help me to replicate the state of the connection. >>> >>> What help to "load balance" the firewalls? >> >> Have a look at the "cluster match" in the git tree: >> >> http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=cd958a6c92c84095a439780b53832bb3aae2d512 >> >> It will be available in 2.6.30. I'm still finishing some user-level >> documentation about it. The integration with conntrackd is also on the way. >> >> -- >> "Los honestos son inadaptados sociales" -- Les Luthiers >> -- >> To unsubscribe from this list: send the line "unsubscribe netfilter" in >> the body of a message to majordomo@xxxxxxxxxxxxxxx >> More majordomo info at http://vger.kernel.org/majordomo-info.html >> > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
