* Conntrack and high avaibility
@ 2003-09-16 15:26 Diego Woitasen
2003-09-17 15:04 ` Alex Ongena
0 siblings, 1 reply; 3+ messages in thread
From: Diego Woitasen @ 2003-09-16 15:26 UTC (permalink / raw)
To: netfilter-devel
I need a firewall with HA, transparent to the user, but i have the
problem of conntrack. When the stand-by firewall become active the
conntrack is started from zero (all connection must be establish again).
Exists a project to transfer conntrack information between firewalls?
If not? This is feasible to do it? If this is feasible i want to start
working on it.
Thanks!
--
Diego Woitasen
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Conntrack and high avaibility
2003-09-16 15:26 Conntrack and high avaibility Diego Woitasen
@ 2003-09-17 15:04 ` Alex Ongena
2003-09-17 15:22 ` Kovacs Krisztian
0 siblings, 1 reply; 3+ messages in thread
From: Alex Ongena @ 2003-09-17 15:04 UTC (permalink / raw)
To: diegows; +Cc: netfilter-devel
[-- Attachment #1: Type: text/plain, Size: 616 bytes --]
Hi,
We have the same problem and have not yet found a fix.
Are we the only ones ?
Alex
On Tue, 2003-09-16 at 17:26, Diego Woitasen wrote:
> I need a firewall with HA, transparent to the user, but i have the
> problem of conntrack. When the stand-by firewall become active the
> conntrack is started from zero (all connection must be establish again).
> Exists a project to transfer conntrack information between firewalls?
> If not? This is feasible to do it? If this is feasible i want to start
> working on it.
>
> Thanks!
--
Security check on this e-mail has been done by aXs GUARD
(http://www.axsguard.com)
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Conntrack and high avaibility
2003-09-17 15:04 ` Alex Ongena
@ 2003-09-17 15:22 ` Kovacs Krisztian
0 siblings, 0 replies; 3+ messages in thread
From: Kovacs Krisztian @ 2003-09-17 15:22 UTC (permalink / raw)
To: Alex Ongena; +Cc: diegows, netfilter-devel
Hi,
Alex Ongena wrote:
> Hi,
> We have the same problem and have not yet found a fix.
> Are we the only ones ?
> Alex
> On Tue, 2003-09-16 at 17:26, Diego Woitasen wrote:
>
>>I need a firewall with HA, transparent to the user, but i have the
>>problem of conntrack. When the stand-by firewall become active the
>>conntrack is started from zero (all connection must be establish again).
>>Exists a project to transfer conntrack information between firewalls?
>>If not? This is feasible to do it? If this is feasible i want to start
>>working on it.
No, you're not alone at all. The need for a failover solution for
Netfilter is well known and understood. If you're interested in the
current state of design and development, take a look at
http://lists.netfilter.org/pipermail/netfilter/2003-September/046837.html
--
Regards,
Krisztian KOVACS
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-09-17 15:22 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-09-16 15:26 Conntrack and high avaibility Diego Woitasen
2003-09-17 15:04 ` Alex Ongena
2003-09-17 15:22 ` Kovacs Krisztian
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.