Redundant Failover Firewalls

[John Brooks]

I am needing to build two identical failover firewalls 
with openbsd, pf, pfsync, and carp. So far simple enough, 
with so many articles and examples available. All of these
are using NAT.

However, I am needing to use public IP's out of a /25 
allocation, without NAT. I have not been able to find any 
articles or examples that discuss doing this in a routed 
manner.

Two articles on redundant bridging firewalls seem to
be workable, but either need expensive switches or have
extended failover times of greater than 1 minute.

Can anyone point me towards articles or examples of
non-nat routing on OpenBSD?

--
John Brooks
[EMAIL PROTECTED] 

Re: Redundant Failover Firewalls

[Francisco Valladolid Hdez.]

hi, I hope will be usefuel for you.

http://www.kernel-panic.it/openbsd/carp/index.html

Best Regards.


--- John Brooks [EMAIL PROTECTED] wrote:

 I am needing to build two identical failover
 firewalls 
 with openbsd, pf, pfsync, and carp. So far simple
 enough, 
 with so many articles and examples available. All of
 these
 are using NAT.
 
 However, I am needing to use public IP's out of a
 /25 
 allocation, without NAT. I have not been able to
 find any 
 articles or examples that discuss doing this in a
 routed 
 manner.
 
 Two articles on redundant bridging firewalls seem to
 be workable, but either need expensive switches or
 have
 extended failover times of greater than 1 minute.
 
 Can anyone point me towards articles or examples of
 non-nat routing on OpenBSD?
 
 --
 John Brooks
 [EMAIL PROTECTED] 
 
 spamassassinexception
 



Fco.Valladolid Hdez.
[EMAIL PROTECTED]

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com