Hi, On Fri, 05.01.2007 at 02:15:34 +0100, Ingo Schwarze <[EMAIL PROTECTED]> wrote: > Toni Mueller wrote on Thu, Jan 04, 2007 at 10:50:01PM +0100: > > These are my main concerns: Will the hardware raid do any good in the > > x2200 series, and/or what's the current status with respect to the > > serial console? SAS is ok if that makes a difference. > > When building a firewall, also consider that RAID might not be > useful at all, that it might even be better avoided. > > If you really need to avoid downtime caused by hardware failures, you > ought to have two carp(4)ed machines, anyway - the disks are not the > only part prone to failure, after all.
this all was not my idea but the idea of the person who wants to have this machine. I'm interested in whether it works anyway because I might be interested in such a box later, too, albeit perhaps for other applications. > When one of the machines fails, switch it off, swap out the (single) > hard disk, install a new one, reinstall the system and go back to > carp. Ok, but experience shows that disks actually are the most common point of failure. Also, the prospective user has a weird setup that makes using CARP impossible (also not my idea). > What else could it be required for? Minimizing reinstallation time? > Installing a firewall should be done in less than half an hour, This is not my experience. Also, some travel would be incurred which significantly increases your "half an hour". > And how often do you expect you will have to do that? Frankly, my recent experiences with contemporary SATA disks (at least) suggest that I should expect such a thing to happen every 2-3 months. > In particular, how often compared to routine upgrades which have to > be done a few times in each year, anyway? Routine upgrades in this case are only done once per year unless there's a patch to add. > Hopefully, there is none, even if you plan some kind of "combo > style" - you should probably not combine your firewall with any > server processes handling valuable user data. You assume that I have full control over what's happening there, and/or unlimited budget, but I don't. Otherwise, there'd be quite a different setup. Best, --Toni++
