RE: Redundant network router setup?

2007-08-14 Thread Michael K. Smith - Adhost

Hello All:

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:owner-freebsd-
> [EMAIL PROTECTED] On Behalf Of Chuck Swiger
> Sent: Monday, August 13, 2007 5:20 PM
> To: Modulok
> Cc: freebsd-questions@freebsd.org
> Subject: Re: Redundant network router setup?
> 
> On Aug 13, 2007, at 4:59 PM, Modulok wrote:
> > QUESTION: Is there a way to set up a redundant router, such that I can
> > offload traffic from the primary router to another machine, without
> > breaking TCP sessions?
> 
> There are several ways of setting up such redundancy; the common case
> which Cisco calls VRRP, you can use under FreeBSD as CARP.  However,
> this approach is limited to pure routing; it does not handle
> replicating the NAT state tables:
> 
> > BACKGROUND: I have a FreeBSD machine acting as a gateway, running
> > natd(8) through ipfw(8).
> 
> ...which you mention you are using.  I don't know of any way to
> provide redundancy for existing connections going via natd.
> 
> --
> -Chuck

This may require a bit of a modification, but we use two boxes running PF with 
CARP interfaces and PFSync to maintain state tables in the event of a failure.  
We use them in a failover setup but you can also set them up to load balance.  
In either case, PFSync takes care of the state tables quite well.

Regards,

Mike

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
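
The PF, CARP and pfsync arrangement described in the reply above, sketched as an added example that is not from the thread or from any poster's configuration. It assumes FreeBSD 10 or later rc.conf syntax; the interface names, addresses (documentation ranges), vhid numbers and the CHANGE_ME password are all constructed placeholders.

```conf
# Added example: constructed values, FreeBSD 10+ syntax assumed.
# ---- /boot/loader.conf (both routers) ----
carp_load="YES"

# ---- /etc/rc.conf on the primary ----
gateway_enable="YES"
pf_enable="YES"
pfsync_enable="YES"
pfsync_syncdev="em2"                      # dedicated link between the two boxes
ifconfig_em0="inet 203.0.113.2/24"        # external, real address
ifconfig_em1="inet 192.168.10.2/24"       # internal, real address
ifconfig_em2="inet 10.255.255.1/30"       # sync link
# Shared (virtual) addresses; replace CHANGE_ME with a real secret.
ifconfig_em0_alias0="inet vhid 1 pass CHANGE_ME alias 203.0.113.1/32"
ifconfig_em1_alias0="inet vhid 2 pass CHANGE_ME alias 192.168.10.1/32"
# On the backup: use its own real addresses (.3, .3, .2) and add
# "advskew 100" after each vhid so it loses the master election.

# ---- /etc/pf.conf (identical on both routers) ----
ext_if  = "em0"
int_if  = "em1"
sync_if = "em2"
ext_vip = "203.0.113.1"
lan_net = "192.168.10.0/24"

# Translate to the shared address, not the box's own, so a NAT state
# copied by pfsync is still valid on the peer after failover.
nat on $ext_if inet from $lan_net to any -> $ext_vip

block in log all
# pfsync is unauthenticated: accept it only on the dedicated link.
pass quick on $sync_if proto pfsync keep state (no-sync)
# CARP advertisements between the two routers.
pass quick on { $ext_if, $int_if } proto carp keep state (no-sync)
pass in on $int_if inet from $lan_net to any keep state
pass out on $ext_if inet all keep state
```

LAN clients point their default gateway at the internal shared address (192.168.10.1 here), so the address they route through moves with the CARP master.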

Re: Redundant network router setup?

2007-08-13 Thread Chuck Swiger

On Aug 13, 2007, at 4:59 PM, Modulok wrote:
> QUESTION: Is there a way to set up a redundant router, such that I can
> offload traffic from the primary router to another machine, without
> breaking TCP sessions?

There are several ways of setting up such redundancy; the common case
which Cisco calls VRRP, you can use under FreeBSD as CARP.  However,
this approach is limited to pure routing; it does not handle
replicating the NAT state tables:

> BACKGROUND: I have a FreeBSD machine acting as a gateway, running
> natd(8) through ipfw(8).

...which you mention you are using.  I don't know of any way to
provide redundancy for existing connections going via natd.


--
-Chuck



Redundant network router setup?

2007-08-13 Thread Modulok
QUESTION: Is there a way to set up a redundant router, such that I can
offload traffic from the primary router to another machine, without
breaking TCP sessions?

BACKGROUND: I have a FreeBSD machine acting as a gateway, running
natd(8) through ipfw(8). When maintenance time comes, the server is
taken offline, leaving every client who was dependent on it
connectionless until I'm done monkeying around. I could hook up
another server with an identical configuration and then just jack the
cable from one machine to the other. This disconnects all clients
momentarily, until they re-initiate their TCP connections. If we
excuse it as a "computer glitch" no one gets too angry. Needless to
say, there must be a better solution for high availability. Maybe this
happens at the switch level? I don't know. Looking for pointers on how
to set something like this up.

Pointers, Ideas?
-Modulok-