Has anybody tried virtualizing their PF and using features of ESXi for example?
On 12 December 2012 09:29, Morris, Andi <[email protected]> wrote: > I'm also very interested in the methods people use for PF HA. At the moment > I just have a spare PF box configured and ready to switch on should the > primary fail, but it's on my to-do list to get a proper HA setup. It's > interesting to ready that people aren't happy with the failover with DRDB. > > Cheers, > Andi > > -----Original Message----- > From: Luca Benassi [mailto:[email protected]] > Sent: 11 December 2012 21:42 > To: [email protected] > Subject: Re: [PacketFence-users] Poll (!): how do you HA your PF? > > On 11/12/2012 22:13, Jan Behrend wrote: >> On 12/11/2012 03:57 PM, Luca Benassi wrote: >>> We're running into production and I'm wondering which solution to >>> choose, so ... if you're running pf with at least some k clients ... >>> how have you achieved HA? >>> Docs says (for active/passive): >>> 1) DB on a remote partition (like a LUN on a SAN) >>> 2) DRDB >>> 3) remote DB server (in HA itself) >>> >>> Do you run one of this? >> >> 2 and 3 here. I am not happy with the failover, though, because while >> failing over, we might miss link down traps related to our floating >> network device setup. That would leave ports unprotected. I'd love >> an active/active setup. > > I'd love it too ... we have no floating device at the moment but > active/active would be great anyway. > I think we'll start via DRDB, so that we can really go into production, and > then we'll begin thinking about an active/active solution ... maybe :) Having > an A/A radius+dhcp+apache stuff is (quite) easy, the pain is always the DB :/ > I'd be glad to hear also the dev team ... maybe they have something in > roadmap, or maybe they "no! we tryed but at the moment it's impossible for > this and this reason". > >> I am not sure if two PF instances could be forced into working with >> the same (replicated) DB. >> I tried to have an external radius server just using the DB to keep >> the status quo on the switches if the PF service fails, but it turns >> out that the radius service heavily relys on a SOAP connection to the >> PF web server, which in turn would be the SPOF then :-( >> >> I am very much open for new ideas related to an active/active PF setup. >> I tried to start threads on this earlier but no input so far. I hope >> this one stays alive ... >> >> Cheers Jan > > I saw your post after writing mine, sorry (searching "HA" in my imbox gave me > a "prrrrrr" result). > > Luca > >> >> >> >> ---------------------------------------------------------------------- >> -------- LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free >> Trial Remotely access PCs and mobile devices and provide instant >> support Improve your efficiency, and focus on delivering more >> value-add services Discover what IT Professionals Know. Rescue >> delivers http://p.sf.net/sfu/logmein_12329d2d >> >> >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> > > > -- > Dr. Luca Benassi > Laboratori Guglielmo Marconi > Via Porrettana 123, 40037 Pontecchio BO - ITALY > Phone:+39-0516781934 Fax:+39-051846479 e-mail: [email protected] Systems & > Networks Division > > ------------------------------------------------------------------------------ > LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely > access PCs and mobile devices and provide instant support Improve your > efficiency, and focus on delivering more value-add services Discover what IT > Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ________________________________ > > From 1st November 2011 UWIC changed its title to Cardiff Metropolitan > University. From the 6th December 2011, as part of this change, all email > addresses which included @uwic.ac.uk have changed to @cardiffmet.ac.uk. All > emails sent from Cardiff Metropolitan University will now be sent from the > new @cardiffmet.ac.uk address. Please could you ensure that all of your > contact records and databases are updated to reflect this change. Further > information can be found on the website > here.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx> > > Ar Dachwedd y 1af 2011 newidiodd UWIC ei henw i Brifysgol Fetropolitan > Caerdydd. O Ragfyr 6ed, fel rhan o'r newid yma, bydd pob cyfeiriad e-bost > sy'n cynnwys @uwic.ac.uk yn newid i @cardiffmet.ac.uk. Bydd yr holl ebyst a > ddanfonir o Brifysgol Fetropolitan Caerdydd yn cael eu danfon o‘r cyfeiriad > @cardiffmet.ac.uk newydd. Gwnewch yn siwr eich bod yn diweddaru eich > cofnodion cyswllt a'ch cronfeydd data i adlewyrchu hyn. Gellir cael rhagor o > wybodaeth ar y wefan > yma.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx> > > ------------------------------------------------------------------------------ > LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial > Remotely access PCs and mobile devices and provide instant support > Improve your efficiency, and focus on delivering more value-add services > Discover what IT Professionals Know. Rescue delivers > http://p.sf.net/sfu/logmein_12329d2d > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Primož Marinšek ------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
