On 8/2/06, ben <[EMAIL PROTECTED]> wrote:
I'm using a pf to round-robin redirect incoming requests (in this case
http) to a pf address pool.
I'm using pf to perform redirection in this situation instead of using
a proxy specifically to avoid the source addresses in the log files as
being that of the proxy server. I'm aware of tools that process logs
from the proxy and from apache and produce rewritten apache logs with
the correct IPs, but for various reasons it wouldn't be an acceptable
solution.
I need a way to monitor the boxen in the address pool for availablity
and rewrite the pf rules accordingly. In other words, if a box or it's
services die it needs to be removed from the pool.
I'm trying to go for as simple and as generic a solution as possible.
And I intend to use it in the future with other services, not just
http.
CARP comes very close to solving the problem, but it's not specific to
individual tcp ports afaik. So it would help if a box becomes
completely unreachable, but if only the service stops working it's not
that useful.
Essentially I'm looking for a very simple daemon that can monitor
services on several machines and trigger pfctl when the availablity of
the services changes.
It's been suggested to me that the Linux-HA/heartbeat package may have
what I'm looking for, but from what I can tell it's never successfully
run on OpenBSD.
Any thoughts, suggestions or pointers would be very appreciated.
slbd - http://slbd.sourceforge.net/ might be what you're looking for.
The CVS code has numerous fixes that aren't in the 1.2 release.
Disclaimer: I'm the current maintainer (but not the author) of that code.
--Bill
