Re: binding services on carp
I got it, for those who don't know, you have to bind to the carp adresse but with a specific pf entry. rdr on $ExtIf proto tcp from any to carp0 port ftp tag FTPROXY - lo0 port 8021 pass in log on $ExtIf inet proto tcp from any to lo0 port 8021 flags S/SA keep state tagged FTPROXY Works like a charm ! Gotta love OpenBSD ! Nonviolence means avoiding not only external physical violence but also internal violence of spirit. You not only refuse to shoot a man, but you refuse to hate him. Rev. Martin Luther King Jr. On Wed, May 27, 2009 at 8:25 AM, Stephan A. Rickauer stephan.ricka...@ini.phys.ethz.ch wrote: On Tue, 2009-05-26 at 16:18 -0400, uday wrote: Hey guys, A quick question, is there a way to bind services to the carp interface ? You see I have an ftp-proxy running and I wanted to use carp since I'm already doing fail-over with PF. FTP client -- Redundant Firewall w/ftp-proxy -- Internal FTP-SERVER man ftp-proxy, see -a flag.
Re: binding services on carp
On Tue, 2009-05-26 at 16:18 -0400, uday wrote: Hey guys, A quick question, is there a way to bind services to the carp interface ? You see I have an ftp-proxy running and I wanted to use carp since I'm already doing fail-over with PF. FTP client -- Redundant Firewall w/ftp-proxy -- Internal FTP-SERVER man ftp-proxy, see -a flag.
binding services on carp
Hey guys, A quick question, is there a way to bind services to the carp interface ? You see I have an ftp-proxy running and I wanted to use carp since I'm already doing fail-over with PF. FTP client -- Redundant Firewall w/ftp-proxy -- Internal FTP-SERVER HTTP Client -- Redundant Firewall w/ Relayd -- Internal Apache Servers If carp is not suitable, does anyone have any experience implementing something like this ? Thanks for tips. UM Nonviolence means avoiding not only external physical violence but also internal violence of spirit. You not only refuse to shoot a man, but you refuse to hate him. Rev. Martin Luther King Jr.
