On 12 Jul 2000, at 21:19, Kenneth E. Lussier wrote:
> What separates web farms, and most other internet services, from
> firewalls is that most internet servers don't really care what
> there IP address is, and neither does a client of that service.
> With a firewall, IP addresses are extremely important. Sure, you
> can write an IPChains script using domain names for most things,
> but an internal machine needs to know the IP address of the
> firewall, or an internal router needs to know it. So, in order to
> cluster a firewall, you would need one node to assume all IP addresses
> of the hung system, and you would need some way to kill the hung box
> so that there is no way it can come back up unexpectedly. If two
> firewalls suddenly exist on the same network with all of the same IP
> addresses, you have just found the most efficient way of taking down
> both the internal and external networks ;-) Cisco has a box called the
> Local Director that handles this, but as with all things Cisco, it
> costs. As for Open Source systems that do it, the names that I have
> heard tossed around are Ultramonkey (VA), Pirhanna (RedHat), LVS (??),
> and Kimberlite (MCLX).
>
> Kenny
I was going to mention using a Local Director earlier, but hesitated
because of the cost. Retail for a Local Director is ~$25,000!
Chad
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
