Hello all I've built a Bridge Firewall between
Internet and the dmz for the company I work for.
I'd like to make it high available but I don't know
how to do it with Wackamole, or if I can do it.
The real problem is that the two network cards in the
bridge works in "promiscuous" mode, means that every
packet presentet to one interface goes on the other
and only the interface connected with the external
router has a real ip.
I've done this on FreeBSD 4.3 configured as Bridge,
then I use ipfw to filter the packets.
The ting I want to do is to put another identical
machine near the first but If they are available
togheter at the same time I will have duplications of
packets because they listens and pass everything
presented on their interfaces.
What I want is that when one is up and running the
other is not and when the first goes down the other
takes care of traffic.
This the scheme I want:
Internet
|
| 200.200.200.1
Router Cisco 2600
|
|
___________|_________
| |
|200.200.200.3 | 200.200.200.4
FreeBSD FreeBSD
Bridge/FW 1 Bridge/FW 2
| |
| |
|________DMZ__________|
can I do it with wackamole?
Any help would be appreciated,bye
______________________________________________________________________
Iscriviti al Meglio della Settimana, la newsletter di Yahoo!
Per saperne di piĆ¹ vai alla pagina: http://it.docs.yahoo.com/buongiorno.html
Internet and the dmz for the company I work for.
I'd like to make it high available but I don't know
how to do it with Wackamole, or if I can do it.
The real problem is that the two network cards in the
bridge works in "promiscuous" mode, means that every
packet presentet to one interface goes on the other
and only the interface connected with the external
router has a real ip.
I've done this on FreeBSD 4.3 configured as Bridge,
then I use ipfw to filter the packets.
The ting I want to do is to put another identical
machine near the first but If they are available
togheter at the same time I will have duplications of
packets because they listens and pass everything
presented on their interfaces.
What I want is that when one is up and running the
other is not and when the first goes down the other
takes care of traffic.
This the scheme I want:
Internet
|
| 200.200.200.1
Router Cisco 2600
|
|
___________|_________
| |
|200.200.200.3 | 200.200.200.4
FreeBSD FreeBSD
Bridge/FW 1 Bridge/FW 2
| |
| |
|________DMZ__________|
can I do it with wackamole?
Any help would be appreciated,bye
______________________________________________________________________
Iscriviti al Meglio della Settimana, la newsletter di Yahoo!
Per saperne di piĆ¹ vai alla pagina: http://it.docs.yahoo.com/buongiorno.html