Re: Linux Firewall Active/Active

On Wednesday, 5 November 2014, 17:15:23, you wrote:
> Hi there,
> 
> I need to build a scenario with 2 linux servers (probably CentOS7)
> acting as active/active firewall servers. What tools should I use?
> I saw some articles with:
>  - conntrackd + keepalived
>  - conntrackd + corosync + pacemaker

Why? There is no reasonable cause to build an active/active firewall from two 
nodes.

Any single hardware is fast enough to filter the speed of a WAN connection you 
can afford. No need for load balancing.

If one server breaks, the other has to bear the whole load. So you have to 
design your hardware for the whole load.

So please build an active/passive system.

keepalived makes things very simple. If you have just the firewall, go for 
it. If you want a little bit more, i.e. conntrackd and a squid with 
dependencies amongst all resources, go for pacemaker.

> But, what is the most used/stable?
> 
> 
> AND, if there is a chance, I have 4 lan networks (each one in a
> different VLAN) and it should be good if I can set something like
> "preferred master" to each one for load distribution, because I will
> run SQUID in those servers too.
> 
> I just need to know which way to go, so, I can learn the tools and
> configure it all here.

Kind regards,

Michael Schwartzkopff

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64, +49 (162) 165 0044
Franziskanerstraße 15, 81669 München

Registered office: München, District Court München: HRB 199263
Executive board: Patrick Ben Koetter, Marc Schiffbauer
Chairman of the supervisory board: Florian Kirstein

Attachment: signature.asc
Description: This is a digitally signed message part.
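
A keepalived.conf sketch for the active/passive firewall pair recommended in the reply above, as an added example that is not part of the original post or the poster's own configuration. Interface names, the VLAN ID, addresses (documentation ranges), router IDs, priorities and the script path are assumptions; primary-backup.sh is the helper script shipped with conntrack-tools.

```conf
# /etc/keepalived/keepalived.conf on node A (assumed names and addresses).
# Node B uses the same file with a lower priority, e.g. 100.

# All virtual IPs move together. Without the sync group, one VLAN could
# fail over alone, traffic would enter via one node and leave via the
# other, and the stateful ruleset would drop the half-seen connections.
vrrp_sync_group FW {
    group {
        VI_WAN
        VI_LAN10
    }
    # Assumed install path of the conntrack-tools helper script: it
    # commits the synced state table when this node becomes master.
    notify_master "/etc/conntrackd/primary-backup.sh primary"
    notify_backup "/etc/conntrackd/primary-backup.sh backup"
    notify_fault  "/etc/conntrackd/primary-backup.sh fault"
}

vrrp_instance VI_WAN {
    state BACKUP            # both nodes start as BACKUP; priority elects
    nopreempt               # a recovered node does not force a second failover
    interface eth0          # assumed WAN interface
    virtual_router_id 51
    priority 150
    advert_int 1
    virtual_ipaddress {
        192.0.2.1/24 dev eth0
    }
}

# One instance per LAN VLAN; the other three VLANs follow this pattern
# and are added to the sync group above.
vrrp_instance VI_LAN10 {
    state BACKUP
    nopreempt
    interface eth1.10       # assumed VLAN 10 sub-interface
    virtual_router_id 60
    priority 150
    advert_int 1
    virtual_ipaddress {
        10.0.10.1/24 dev eth1.10
    }
}
```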

