On Tuesday, May 01, 2012 08:08:01 am Robert K Coffman Jr. -Info From Data Corp. wrote: > On 5/1/2012 2:59 AM, Simon Hobson wrote: > > My preference would be to keep at least one of them as a bare metal > > device. > > I agree with Simon. I haven't run Shorewall under Xen but I have run > virtualized routers and it wasn't worth losing internet connectivity if > I needed to take the host down for any reason. > > - Bob Coffman > That was why I was thinking of running 2 of them. For that reason I'm not considering where only 1 xen server is available. It would make a nasty maintenance situation in my situational where most everything is done remotely. Some sort of solid ha would be essential. I'm thinking of something where both are hot on different ips and the "active" one would take over the official addresses. That way if at least one was up I could get in even if ha messed up. Then again one could do the same with 2 pcs.
On down side are those occasional situations where power goes out long enough to drain ups batteries. It would be nice if the router gets up first. Needless to say the best one can do it to configure the router domu to start first. Back to the pluses. Been using small pc's. working Ok. My biggest problem is some times they do not come back up after a long power outage. I think it's some sort of kvm issue. Our budget is small and it's hard to justify the cost of a server grade box and the old servers that are available are getting a bit questionable. The xen boxes are good reliable servers. John ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
