Hi, > > Hi to All! > > > > If I have this example configuration....: > > > > ROUTER1------- FW1-------- > > ----- LAN/Client > > ROUTER2-------FW2 -------- > > > > > > ROUTER1 = 80.0.0.0/29 > > ROUTER2 = 90.0.0.0/29 > > > > FW = Linux > > FW1 (LAN) = 192.168.0.253 > > FW2 (LAN) = 192.168.0.252 > > > > GW Client LAN = 192.168.0.254 (HA) > > > > ....can I use LinuxHA for this solution?
You could, but when you only want to do NAT from inside out, and port redirection from outsinde to internal servers, and want to have two different static routes, I do this with OpenBSD pf firewall and carp. In case of failover it only takes a second, the connection states (tcp, udp, whatever), are synchronized between the two nodes, and if you want to use it as IPsec VPN endpoint, IPsec flows and associations are synchronized too. So in case of a failover, nobody would recognize a broken connection. LinuxHA would take much more time to failover. When you need dynamic routing, OpenBSD comes with OpenBGPd and OpenOSPFd. But LinuxHA should work for that too, with a bit slower failover, and without the synchronized firewall and ipsec states. kind regards Sebastian _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
