[clue-tech] routing / load-balancing help
Angelo Bertolli
angelo at freeshell.org
Tue Jul 1 09:36:48 MDT 2008
David L. Willson wrote:
> I have three DSL lines, three DSL brouters, two full servers, and miscellaneous ethernet
> gear. What is the most manly and effective way to get fully load-balanced redundancy
> here? Feel free to direct me to a man page, or any jumping-off point. Ideally, I want
> logging, auditing, and filtering of every byte the firewalls pass.
>
So this is a failover firewall? First, I'm thinking you need to get a
NAT and make sure you can get both servers using all three DSL lines.
Depending on how much bandwidth you have and what kind of NICs you have,
you may want to bind multiple etherfaces so you can get the max
throughput from your lines. (Bonded ethernet works great.) Then you
probably need some kind of monitoring tool, maybe Ganglia or just some
netcat scripts. Once you set up something that can safely detect that
the main firewall has gone down, you can invoke a script on the
secondary firewall to bring up the interfaces, effectively replacing the
first firewall.
Angelo
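
Added example, not part of the original message: a sketch of the "safely detect that the main firewall has gone down" step, using a netcat probe and a consecutive-failure threshold so that one dropped probe does not trigger a takeover. The address, port, interface names and function names are all assumptions, and it presumes a dedicated link between the two firewalls so that a failed probe means the primary is down rather than the path to it.

```shell
#!/bin/sh
# Runs on the secondary firewall. Addresses and interface names are assumptions.
PRIMARY_IP="${PRIMARY_IP:-192.0.2.1}"    # constructed address (TEST-NET-1)
PROBE_PORT="${PROBE_PORT:-22}"           # assumed: a TCP port the primary answers on
THRESHOLD="${THRESHOLD:-3}"              # consecutive failed probes before takeover
INTERVAL="${INTERVAL:-5}"                # seconds between probes
WAN_IFACES="${WAN_IFACES:-eth1 eth2 eth3}"   # hypothetical: one per DSL line

# One probe: success if the primary accepts a TCP connection within 2 seconds.
probe_primary() {
    nc -z -w 2 "$PRIMARY_IP" "$PROBE_PORT" >/dev/null 2>&1
}

# Consecutive-failure counter: any success resets it to zero, so a single
# dropped probe can never trigger a takeover on its own.
next_count() {    # $1 = current count, $2 = ok|fail
    if [ "$2" = ok ]; then echo 0; else echo $(($1 + 1)); fi
}

# Replay recorded probe results (ok/fail ...) to dry-run a threshold choice.
decide() {        # $1 = threshold, rest = results
    limit=$1; shift; n=0
    for r in "$@"; do
        n=$(next_count "$n" "$r")
        if [ "$n" -ge "$limit" ]; then echo takeover; return 0; fi
    done
    echo standby
}

# Bring up the outside interfaces and leave an audit trail in syslog.
take_over() {
    logger -t fw-failover "primary $PRIMARY_IP failed $THRESHOLD probes; taking over"
    for i in $WAN_IFACES; do ip link set dev "$i" up; done
}

monitor() {
    count=0
    while :; do
        if probe_primary; then result=ok; else result=fail; fi
        count=$(next_count "$count" "$result")
        if [ "$count" -ge "$THRESHOLD" ]; then take_over; return 0; fi
        sleep "$INTERVAL"
    done
}

# Start the loop only when asked, e.g.: sh fw-failover.sh run
if [ "${1:-}" = run ]; then monitor; fi
```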