[PLUG] HA configuration

Ameet Tirodkar ameet.61 at gmail.com
Wed Oct 10 22:28:42 PDT 2007


Hi Pranav,

Thanks for your reply.

Actually i am working in GajShield Infotech. We have already developed
firewall. In our Firewall there is one option HA. For HA we are using
keepalived.

I am not having much idea about working of HA. I have to do some
modification in existing configuration of HA. That's why i would like
to know is the exact working of HA.

Can you provide me any documentation on HA with keepalived of
heartbeat and drbd?

Thanks,

Ameet Tirodkar.

On 10/11/07, Pranav Peshwe <pranavpeshwe at gmail.com> wrote:
> On 10/10/07, Ameet Tirodkar <ameet.61 at gmail.com> wrote:
> >
> > I want to configure two linux based firewall in HA
> > (High-Availability). Can anybody tell me what are the requirements for
> > the same.
>
>
> Hi Ameet,
>              Hardware or software requirements ?
> Considering software - heartbeat and drbd are widely used for software HA.
> They work well on popular linux distros.
> For a reliable HA config, you'll need <ideally> two exactly identical
> machines</ideally>, with either, two NICs each or one NIC and a serial port.
> Machines with only a NIC are _not_ enough for a serious HA deployment. A
> quorum device is recommended for critical deployments. Since its a firewall,
> IMHO, you'll be okay with ethernet (and not need gigabit eth or IB etc)
>
> Some questions (dont mind :) ) -
> Why exactly are you going for HA ? What do you think might fail ? How
> reliable are the other elements in your network ? How apart are you planning
> to install the two HA boxes(peers) ? same room ? different rooms ? different
> buildings ? different cities ? ..
> The configuration of your machines and their interconnection will depend
> upon what choice you make for the above questions.
>
> HTH.
>
> Best regards,
> Pranav
>
> ---------------------------------------------------------------------------------------
> Holding on to anger is like grasping a hot coal with the intent of throwing
> it at someone else.
> --
> ______________________________________________________________________
> Pune GNU/Linux Users Group Mailing List:      (plug-mail at plug.org.in)
> List Information:  http://plug.org.in/cgi-bin/mailman/listinfo/plug-mail
> Send 'help' to plug-mail-request at plug.org.in for mailing instructions.
>


-- 
TVD



More information about the plug-mail mailing list