Re: LVS and fault-tolerant Firewall.

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: LVS and fault-tolerant Firewall.
From:	Joseph Mack <mack.joseph@xxxxxxx>
Date:	Tue, 16 Sep 2003 09:44:31 -0400

Kjetil Torgrim Homme wrote:

> >   Has anyone attempted/is currently running LVS as a pair of
> >   fault-tolerant firewalls?

> (Julian Anastasov is working on making LVS integrate with Netfilter.
> LVS passes on the packets before firewall rules are applied.  if the
> code is completed, Netfilter integration will be an option since the
> performance penalty is quite noticable.)

Currently running a firewall doesn't fit well with being a director.

http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO.patches.html#firewall_on_director

However as Kjetil says, I will be an option sometime.

There are people who believe that firewalls should be modular and not
run on machines doing other jobs

Joe

-- 
Joseph Mack PhD, High Performance Computing & Scientific Visualization
SAIC, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb@xxxxxxx

<Prev in Thread]	Current Thread	[Next in Thread>
LVS and fault-tolerant Firewall., mb Re: LVS and fault-tolerant Firewall., Kjetil Torgrim Homme Re: LVS and fault-tolerant Firewall., Joseph Mack <= Re: LVS and fault-tolerant Firewall., mb RE: LVS and fault-tolerant Firewall., James Miller Re: LVS and fault-tolerant Firewall., Joseph Mack Re: LVS and fault-tolerant Firewall., Justin Kreger

Previous by Date:	Re: LVS and fault-tolerant Firewall., Kjetil Torgrim Homme
Next by Date:	Re: Expected Failover Time and Configuration Limits., pb
Previous by Thread:	Re: LVS and fault-tolerant Firewall., Kjetil Torgrim Homme
Next by Thread:	Re: LVS and fault-tolerant Firewall., mb
Indexes:	[Date] [Thread] [Top] [All Lists]