On Mon, Nov 28, 2005 at 08:47:04AM -0800, edgar mortiz wrote:
> hey guys
>
> is there anyone here ever tried to put up a openbsd fail-over fw using 2
> obsd boxes connected to 2 different ISP's ?
> something like:
>
>
> ISP1 (66.77.204.10) ISP2 (207.110.9.10)
> | fxp0 | fxp0
> fwall0(firewall1-master) fwall1 (firewall2-backup)
> | |
> | |
> +------------------------------------+
> | (192.168.0.1) ip gw
> |
> + Internal-LAN +
>
>
> pardon my ascii description but .. it basically looks like that ..
>
> any comments or suggestions would be prettymuch appreciated
Why don't you just put a switch in front of the two firewalls, and then
do CARP (for firewall failover) plus some smart routing tricks (for ISP
failover - search the archives, I forgot the proper keywords)?
Joachim
