[Seattle-SAGE] VRRP or CARP on a bridge interface?
atom.powers at gmail.com
Wed Dec 7 12:50:38 PST 2005
I want a firewall between the 'net and my dmz, but I don't want to put
another router in there. So I figured I would use a bridge, but I
would like to have some redundancy in there.
CARP, with pfsync, should be able to do firewall redundancy quite nicely.
Actually, I may have to use routers; or static routes on all the servers (ick).
On 12/7/05, Cere Davis <ceremona at gmail.com> wrote:
> I like the nature of your question but have a hard time answering it without
> understanding the motivation for it. Could you explain what you are trying
> to do? Two firewalls (for failover/loadbalancing) with CARP?
> On 12/7/05, Atom Powers <atom.powers at gmail.com> wrote:
> > Does anybody have experience with CARP and/or VRRP to make bridging
> > firewalls redundant?
> > Would spanning-tree be sufficient to prevent a broadcast storm? (With
> > or without CARP/VRRP.)
> > --
> > --
> > Perfection is just a word I use occasionally with mustard.
> > --Atom Powers--
> > _______________________________________________
> > Members mailing list
> > members at lists.seattle-sage.org
> > http://lists.seattle-sage.org/mailman/listinfo/members
> Cere Davis
> ceremona at gmail.com
> GPG Key: http://staff.washington.edu/cere/pubkey.asc
> GPG fingerprint (ID# 73FCA9E6) : F5C7 627B ECBE C735 117B 2278 9A95 4C88
> 73FC A9E6
Perfection is just a word I use occasionally with mustard.
More information about the Members