|
Hi all,
My question is not LVS specific, but if someone can help, it would be great
:)
I use at work a CheckPoint FireWall-1 cluster on 2 Solaris2.6/SPARC hosts +
1 Management console, and the high availibility of both internal and
external network interfaces is made by configuring on the 2 nodes the same
IP address/MAC address couple for the int/ext network interfaces. The
cluster is in a "ACTIVE/PASSIVE" mode when the interfaces are connected to
hubs (it doesn't work on switches because of the identical MAC adresses).
The hearbeat between the 2 nodes is provided by a third, trusted, network
interface with a different IP address on each node.
I don't know how CheckPoint made this, but when a node becomes unavailable
(external interface unplugged for example), the other node "take over"
immediately, without interupting http,https sessions or vpn sessions !
Because of the prohibitive cost of this solution, I have made some searches
on the web to find out how to do this with linux boxes and netfilter,
without success :(
So my question is: has someone already done this, and if yes, which tools
are needed ??
Thx all,
Lionel
|
