Re: Linux Firewall Active/Active - Michael Schwartzkopff

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Michael Schwartzkopff <ms@sys4.de>
To: Ricardo Klein <klein.rfk@gmail.com>
Cc: netfilter <netfilter@vger.kernel.org>
Subject: Re: Linux Firewall Active/Active
Date: Wed, 05 Nov 2014 20:57:43 +0100	[thread overview]
Message-ID: <3816734.MmmqxbeP6W@nb003> (raw)
In-Reply-To: <CADuigkUu8wRJa-CqRNczJ009PPeDbnsu4jAarx2GuvwJygenPQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1076 bytes --]

Am Mittwoch, 5. November 2014, 17:50:05 schrieb Ricardo Klein:
> Michael,
> 
> thanks for your repply, I forgot to mention that each one are in
> different places, so I wanted to set each local network to use the
> nearest firewall. And yes, I will have a hardware that can handle the
> whole network.

Do you have a layer 2 connection between both locations? Or do you do some 
dynamic routing changes in the case of a failover?
 
> But, why not active/active?  (sorry for the silly question, if you can
> just point me to any good source I can read about, its ok, no need to
> waste your time with this)

Source: Common sense.

A load-balancing firewall makes things complicated. Keep it simple, so it will 
work reliable.


Mit freundlichen Grüßen,

Michael Schwartzkopff

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64, +49 (162) 165 0044
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 230 bytes --]

next prev parent reply	other threads:[~2014-11-05 19:57 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-11-05 19:15 Linux Firewall Active/Active Ricardo Klein
2014-11-05 19:40 ` Michael Schwartzkopff
2014-11-05 19:50   ` Ricardo Klein
2014-11-05 19:57     ` Michael Schwartzkopff [this message]
2014-11-05 20:06       ` Ricardo Klein
2014-11-05 20:40 ` Arturo Borrero Gonzalez
2014-11-05 21:45   ` shawn wilson
2014-11-05 22:43     ` Paul Robert Marino
2014-11-05 23:55       ` Pablo Neira Ayuso
2014-11-06 14:37         ` Paul Robert Marino
2014-11-06 15:53           ` Pablo Neira Ayuso
2014-11-06 12:43   ` Robert Sander
2014-11-06 13:21     ` Arturo Borrero Gonzalez
2014-11-06 15:10       ` Paul Robert Marino

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3816734.MmmqxbeP6W@nb003 \
    --to=ms@sys4.de \
    --cc=klein.rfk@gmail.com \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.