|
I'm planning to make a Linux Firewall Cluster running iptables.
I've some doubt, It's the first time for me to make a cluster.
My firewall box is for first a router, wich control routing between
different DMZs and LAN.
So I must keep routing for first, then firewalling.
I've found that an only heartbeat cluster, is not a REAL H.A. solution,
beacause if a selected interface goes down (there are many reason) the
heartbeat doesn't make the hypotetical second node to keep services. This
beacuse is hard to realize if a route goes down, not only interface... If
was only interface I've made a simple SNMP script that checks the interface,
but I must keep routing.
I've tough this way, and I wanna discuss them with yours.
A load balancing Firewall-Iptables-Cluster, so If an interface of one node
goes down, the second interface keeps routing to other nets.
Now I wanna now your opinions and if Virtual Server can help me to build
this kind of cluster.
Thank you in Advance
|
