On Wed, Dec 21, 2016 at 12:41:43PM +0100, Frank White wrote: > Hi, does 2 nodes clustered openbsd firewall work with squid ? > is there any specific configuration ?
If squid on each node would have its own cache dir, ie. not sharing data, then pointing your clients to squid hostname linked to CARP IP should work, shouldn't it? If squid daemons on both nodes would share cache dir, then you should somehow prevent "failed" node not to continue to mess with storage. Typical solution is STONITH (shoot the other node in the head - ie. power fencing). Then you could maybe use ifstated to monitor CARP interface and start squid daemon if CARP IP is local. I would be also interested in solutions used by various OpenBSD users. j.
