12 Feb
2009
12 Feb
'09
3:27 p.m.
Fabian Arrotin napsal(a):
I've already used Heartbeat between two centos machines acting as gateway/iptables firewall and it worked perfectly. The only 'problem' is that iptables connection status is of course not shared between the two nodes. Never used shorewall though.
Fabian, there's a way to share - conntrackd. http://fs12.vsb.cz/hrb33/el5/hrb-fw/stable/i386/repodata/repoview/conntrack-... But I'd prefer BSD CARP like pfSense, see http://blogfranz.blogspot.com/2008/12/is-conntrackd-really-pfsynccarp-for.ht... Regards, David Hrbáč