From: Thomas Jacob <jacob@internet24.de>
To: Elvir Kuric <omasnjak@gmail.com>
Cc: Eduardo Sachs <edu.sachs@gmail.com>, netfilter@vger.kernel.org
Subject: Re: Firewall in Load Balance - Active/Active
Date: Wed, 27 May 2009 01:04:21 +0200 [thread overview]
Message-ID: <20090526230421.GA31716@internet24.de> (raw)
In-Reply-To: <1814bfe70905261139o3dfa9e65ue51626a61d0f4641@mail.gmail.com>
Danger. Possible flame bait ahead.
On Tue, May 26, 2009 at 08:39:02PM +0200, Elvir Kuric wrote:
> Use CARP, it is best and try to set up it on OpenBSD. On linux it is
> ucarp, but I would recommend
> OpenBSD + CARP
Given that the OP was looking for an active/active solution and thus is presumably
interested in performance as well, I wonder why you would recommend
OpenBSD's pf+carp. In the last performance comparison I read some years back
pf was almost an order of magnitude slower than iptables at the time.
We for instance run a pair of OpenBSD boxen on some old 933 GHz P3s with
4 ste/Sundance ST201-NICs each and they basically don't even manage data
transfers at the full 100mbit/s.
Stability?
Features?
Security?
Just curious...
prev parent reply other threads:[~2009-05-26 23:04 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-25 11:46 Firewall in Load Balance - Active/Active Eduardo Sachs
2009-05-25 12:13 ` Marek Kierdelewicz
2009-05-25 12:29 ` Eduardo Sachs
2009-05-25 14:57 ` Marek Kierdelewicz
2009-05-25 13:04 ` Pablo Neira Ayuso
2009-05-25 13:35 ` Eduardo Sachs
2009-05-25 13:57 ` Покотиленко Костик
2009-05-25 14:13 ` Choices for virtual IP failover (was Re: Firewall in Load Balance - Active/Active) Thomas Jacob
[not found] ` <000b01c9dd44$c81bf5c0$5853e140$@bourke@mobileinternet.com>
2009-05-25 14:31 ` Thomas Jacob
[not found] ` <000001c9dd57$5f2ae630$1d80b290$@bourke@mobileinternet.com>
2009-05-25 17:47 ` Thomas Jacob
2009-05-25 14:58 ` Tore Anderson
2009-05-25 15:27 ` Thomas Jacob
2009-05-26 18:39 ` Firewall in Load Balance - Active/Active Elvir Kuric
2009-05-26 23:04 ` Thomas Jacob [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090526230421.GA31716@internet24.de \
--to=jacob@internet24.de \
--cc=edu.sachs@gmail.com \
--cc=netfilter@vger.kernel.org \
--cc=omasnjak@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.