On 5 November 2014 20:15, Ricardo Klein <klein.rfk@xxxxxxxxx> wrote: > Hi there, > > I need to build a scenario with 2 linux servers (probably CentOS7) > acting as active/active firewall servers. What tools should I use? > I saw some articles with: > - conntrackd + keepalived > - conntrackd + corosync + pacemaker > > But, what is the most used/stable? > I would recommend Debian, corosync + pacemaker. I guess an active-passive cluster will do the job. Setting up an active-active firewall cluster is very difficult and presents some challenges hard to face (like proper statefull filtering in two nodes simultaneously, and a consistent ruleset management between nodes of the cluster). -- Arturo Borrero González -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
