Iptables, Best choice in H.A.
Federico
egopfe at hotmail.com
Mon Nov 12 14:34:34 GMT 2001
----- Original Message -----
From: "Joseph Mack" <mack.joseph at epa.gov>
To: <lvs-users at LinuxVirtualServer.org>
Sent: Monday, November 12, 2001 3:12 PM
Subject: Re: Iptables, Best choice in H.A.
> Federico wrote:
>
> > A load balancing Firewall-Iptables-Cluster, so If an interface of one
node
> > goes down, the second interface keeps routing to other nets.
>
> I'm assuming you want an LVS'ed firewall with HA in orswe to handle
> the situation where 1 NIC goes down on a host, but otherwise
> the host (and the other NICs on it) are still functional.
Yes, I was meaning this "case" but, not only for nic problems, also devices
problems and many other.
>
> The chances of this happening I would expect small.
> Current computer hardware is reliable now and the items
> that fail the most are disks with moving parts. Even
> these are reliable nowadays, all failing near the end
> of their warantee period. I suggest changing out 3yr
> disks after 2yrs.
>
> The main use of HA is not for hardware failure but
> to allow planned maintenance without interruption to service.
Yes, also for this, if I want to change my firewall rules, and for anycase I
made an error, the "second" node will keep routing and firewalling.
> You will get more network interruptions than hardware failures
> until you reach a cluster with several 100nodes.
>
> Joe
>
> --
> Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
> contractor to the National Environmental Supercomputer Center,
> mailto:mack.joseph at epa.gov ph# 919-541-0007, RTP, NC, USA
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
More information about the lvs-users
mailing list