In a message dated: Wed, 12 Jul 2000 23:07:17 EDT
Jeffry Smith said:
>LVS was developed by Wensong Zhang <wensong at iinchina.net>, homed at
>www.linuxvirtualserver.org, and is the basis of Ultramonkey and
>Piranha. It's designed for doing redirection of web requests (let's
>see how good my text drawing is):
>
> ------------
> | firewall|
> ------------
> |
> ------------
> | |
> ------------- -------------
> |lvs director1||lvs director2|
> ------------- -------------
> | |
> ---------------------------------
> | | |
> ------------- -------------- ---------------
> |web server 1| |web server 2 | |web server 3 |
> ------------- -------------- ---------------
This is the way things are usually done with LVS, though I don't see why you
couldn't do:
I
------
| R |
------
|
|
------------- -------------
| Firewall | | Failover FW |
------------- -------------
|
--------------
Internal LAN
You'd have 3 IP addresses involved:
1. The Virtual IP that gets arped to the router
2. The Real IP of the Active FW
3. The Real IP of the Passive/Failover FW
In the case of the primary failing, the secondary should take over, and
provide a gratuitous arp to the router advertising the Virtual IP of the
firewall.
I can't see any reason why this wouldn't work. I've done similar things here
using LVS, just not for firewalls.
--
Seeya,
Paul
----
"I always explain our company via interpretive dance.
I meet lots of interesting people that way."
Niall Kavanagh, 10 April, 2000
If you're not having fun, you're not doing it right!
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************