On Wed, Aug 19, 2009 at 1:41 PM, Christopher M. Iarocci<[email protected]> wrote: > > > On Tue, Aug 18, 2009 at 9:28 AM, Veiko Kukk<[email protected]> > wrote: >> How should I configure pfsync if I want to use three machines? > > I'm curious why you might want such a setup. > > --Bill > [Christopher Iarocci] > > I was thinking the same exact thing. I could see having a 3rd machine > pre-configured to go in place should 1 fail, but to actively have 3 in > service I don't understand. The chances of 2 going bad at the same time > is probably nothing.
In environments where availability really matters, I run CARP on high end boxes that have redundant power supplies and hardware RAID (with hot spare), and hot swappable fans. The intent is to _never_ fail over, but have the hot spare box available in the event that a disaster really does impact the primary box we only take a small (usually unnoticed) hit during failover. I'm sure there's a good reason to have triple redundancy, but I can't think of a reason for it, where a few thousand dollars on higher end gear won't solve the same problem with less complexity. In running CARP clusters since CARP came out ohhhh 5? years ago or so now, I have yet to run into a situation where having more than two machines in the cluster (firewalls only here, not web servers and the like) would have bought me anything. Anything bad enough to take down the primary and the secondary would have impacted a tertiary (and I've only seen kernel bugs nail primary and secondary - our clusters are separated by about 2 miles of fiber). --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
