-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello All:
> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:owner-freebsd- > [EMAIL PROTECTED] On Behalf Of Chuck Swiger > Sent: Monday, August 13, 2007 5:20 PM > To: Modulok > Cc: email@example.com > Subject: Re: Redundant network router setup? > > On Aug 13, 2007, at 4:59 PM, Modulok wrote: > > QUESTION: Is there a way to setup a redundant router, such that I can > > offload traffic from the primary router to another machine, without > > breaking TCP sessions? > > There are several ways of setting up such redundancy; the common case > which Cisco calls VRRP, you can use under FreeBSD as CARP. However, > this approach is limited to pure routing; it does not handle > replicating the NAT state tables: > > > BACKGROUND: I have a FreeBSD machine acting as a gateway, running > > natd(8) through ipfw(8). > > ...which you mention you are using. I don't know of any way to > provide redundancy for existing connections going via natd. > > -- > -Chuck This may require a bit of a modification, but we use two boxes running PF with CARP interfaces and PFSync to maintain state tables in the event of a failure. We use them in a failover setup but you can also set them up to load balance. In either case, PFSync takes care of the state tables quite well. Regards, Mike -----BEGIN PGP SIGNATURE----- Version: 9.6.2 (Build 2014) wsBVAwUBRsHT/PTXQhZ+XcVAAQjPfQgArkO3G5qh24lJnXtnLetSzrksWJpUKNFH RR5WFcV0lNU6hetY9/q4Y08Tx9Ltpo9foxI7yOrv6lJ7w/qombDOwBXZwhKCtpPu 22i6QQiY8zJcOTKUVJO9DMChaPsxuFj1saPdczZg2jgnFD4GkT91vqBJo0uJLDxd QHGwp4qGpdCml4CW7ZKSo8UwuoQTmHN59im5zZMkP84qUCq8B7PMKMVDRfMYFo/d fCASiWoKAZ0g0a6zilV0qsgNdyLEl3M9YRF9UhXgyQqFlKcv/gEQkCgpAlssftZK n4wSw0g7Rh4GitoM+nKaSrKqCBxrZIx1VRtfscyh2SkrX9UQIorh2g== =QMRw -----END PGP SIGNATURE-----
_______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"