Re: cluster on firewall?
On Thu, Feb 06, 2003 at 03:09:34AM +0200, Haim Ashkenazi wrote:
> Now, since the firewall is the most critical host, I want to setup some
> kind of failsafe, so even if that host dies all the traffic will go
> through another host.
>
> Since I don't even have an idea where to start, I'll appreciate any
> ideas/comments/pointers to documentations, etc...
What you are looking for is called a High-Availability Cluster (HAC).
I don't maintain one myself, but have recently written a paper about HAC (only
in Polish, sorry), and it looks like there is some really nice software for
that.
Below are the links from my paper -- some dates are in Polish, but that
shouldn't be a problem.
[1] High-availability linux project, pazdziernik 2002. http://linux-ha.org/.
[2] Harald Milz (hm AT seneca.muc.de). Linux high availability HOWTO, grudzien
1998. http://www.ibiblio.org/pub/Linux/ALPHA/linux-ha/
High-Availability-HOWTO.html.
[3] Rudy Pawul (rpawul AT iso ne.com). Getting started with Linux-HA (heartbeat),
2000. http://linux-ha.org/download/GettingStarted.html.
[4] Alan Robertson (alanr AT unix.sh). Linux-ha APIs. Talk given at LWCE/NYC in
February, 2001. http://linux-ha.org/heartbeat/LWCE-NYC-2001/index. html.
[5] Alan Robertson (alanr AT unix.sh). Implementing HA servers on Linux a brief
tutorial on the Linux-HA heartbeat software. http://linux-ha.org/
heartbeat/DevDen2002.pdf.
[6] Steve Blackmon (steve.blackmon AT transtech.cc). High-availability file server
with heartbeat, 2001. http://www.samag.com/documents/s=1146/sam0109c/
0109c.htm.
[7] Ram Pai. Heartbeat API. http://linux-ha.org/heartbeat/heartbeat_api. html.
[8] Horms (Simon Horman) (horms AT verge.net.au). Fake home page, 2002. http:
//www.vergenet.net/linux/fake/.
[9] Alan Robertson (alanr AT suse.com). Linux-HA heartbeat system design, 2000.
http://www.linuxshowcase.org/2000/2000papers/papers/robertson/.
[10] Richard Ferri (rcferri AT us.ibm.com). Conversations: Introducing the open
clu-ster framework, wrzesien 2002. http://www.linuxjournal.com/article.php?
sid=6143.
[11] Ip load balancing (piranha), 2002. http://www.redhat.com/software/
advancedserver/technical/piranha.html.
[12] Linux virtual server home page. http://www.linuxvirtualserver.org/.
[13] Joseph Mack (jmack AT wm7d.net). LVS-mini-HOWTO, listopad 2002.
http://www.linuxvirtualserver.org/Joseph.Mack/mini-HOWTO/ LVS-mini-HOWTO.html.
[14] mon home page, 2002. http://www.kernel.org/software/mon/.
[15] Keepalived home page, 2002. http://keepalived.sourceforge.net/.
[16] RFC2338 virtual router redundancy protocol. http://www.ietf.org/rfc/
rfc2338.txt.
[17] Alexandre Cassen (acassen AT linux vs.org). Keepalived user guide, 2002.
http: //keepalived.sourceforge.net/pdf/UserGuide.pdf.
[18] Horms (Simon Horman) (horms AT verge.net.au). Creating linux web farms (linux
high availability and scalability), listopad 2000. http://verge.net.au/linux/
has/.
[19] Horms (Simon Horman) (horms AT verge.net.au). Ultra monkey project home page,
2002. http://www.ultramonkey.org/.
[20] Inc Mission Critical Linux. Mission critical linux website, 2002.
http://www. missioncriticallinux.com/.
[21] Mission critical linux to deliver the first clustering solution
specifically developed for e-commerce, marzec 2002.
http://linuxpr.com/releases/1488.html.
[22] Motorola Computer Group. Advanced high availability services for linux,
2002. http://mcg.motorola.com/cfm/templates/swdetail.cfm?PageID=
682&PageTypeID=10&SoftwareID=6&ProductID=202.
[23] Charles de Tranaltes. The road to six nines (6NINES) availability, luty
2002. http://mcg.motorola.com/wp/index.cfm?pagetypeid=35&source=6.
[24] HP high-availability software, 2002. http://www.hp.com/products1/unix/
highavailability/.
[25] Global filesystem home page. http://www.globalfilesystem.org/.
[26] Alan Robertson (alanr AT us.ibm.com). Resource fencing using STONITH. http:
//linux-ha.org/heartbeat/ResourceFencing_Stonith.html.
[27] Non-stop authentication with linux clusters. http://www-1.ibm.com/
servers/esdd/articles/linux_clust/index.html.
[28] Coda filesystem home page, 2002. http://www.coda.cs.cmu.edu/.
[29] Inter Mezzo filesystem home page, 2002. http://inter-mezzo.org/.
[30] Bill von Hagen (vonhagen AT vonhagen.org). Using the InterMezzo distributed
filesystem getting connected in a disconnected world, 2002. http://www.
linuxplanet.com/linuxplanet/reports/4368/1/.
[31] OCF. Open Cluster Framework project home page, 2002. http://opencf. org/.
[32] VA Cluster Manager project home page, 2002. http://vacm.sourceforge. net/.
[33] Philipp Reisner (philipp.reisner AT gmx.at). DRBD home page, 2002. http:
//www.complang.tuwien.ac.at/reisner/drbd/.
[34] Pavel Machek. NBD project home page. http://nbd.sourceforge.net/.
[35] Peter Breuer. Enhanced NBD project home page. http://www.xss.co.at/
linux/NBD/.
Marcin
--
Marcin Owsiany <porridge@debian.org> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Reply to: