Hi, i need some suggestions from you. The problem I have is decribed below:
i'm building network as it is drawn on pic http://devnet.pl/~pck/network.jpg . with isp1 and isp2 i have to set up BGP (i've got public AS) and i'm thinking to use openbgpd for this. to connect to ISP1 i have 1.1.1.4/30. .4/30 is IP for my router, .3/30 is for ISP1 router. to connect to ISP2 i have 2.2.2.4/30. .4/30 is IP for my router, .3/30 is for ISP2 router. for DMZ i've got public IPs /24, for example: 3.3.3.0/24. FW3 and FW4 are exactly the same machines, they've got 4 ethernets, for example: e0: 1.1.1.4/30 (ISP1) e1: 2.2.2.4/30 (ISP2) e2: 3.3.3.1/24 (ISP3) e3: for pfsync between FW3 and FW4 i want to set CARP on ISPs and DMZ side. is it possible? I have only one IP for connecting to ISP, so can i set 192.168.0.1/24 and 192.168.0.2/24 on e0 and then make hostname.carp0 with ip address 1.1.1.4/30? and something like this on ISP2 side. and how to compile this with openbgpd? will openbgpd work in master-slave technology? and second question is how can i resolve problem like this: i've got two machines in dmz (on public ip) which do the same (ie.: web servers): 3.3.3.40 3.3.3.41 and one of them dies, so redirect all traffic two the second machine. should i do it with rdr rule? like: rdr on $ext_e0 proto tcp from any to 3.3.3.40 port 80 -> 3.3.3.41 port 80 rdr on $ext_e1 proto tcp from any to 3.3.3.40 port 80 -> 3.3.3.41 port 80 or something else? thanks for any advice, p.
