Alexander,

we have built-in support for clusters in fwbuilder 4. Here are links to the chapters of the Users Guide that describe how it works:

http://www.fwbuilder.org/4.0/docs/users_guide/clusters.html

http://www.fwbuilder.org/4.0/docs/users_guide/cluster-cookbook.html

--vk


On Mon, Feb 28, 2011 at 4:04 AM, Alexander Runge <runge@tuxmin.de> wrote:
Hi list,

I'm about to migrate a single FW host setup into
a HA-Cluster.

Studying Michael Schwartzkopff's excellent Howtos I wonder
whether it is really necessary to use up 3 IPs for
each segment (2 for the firewall hosts and one for the cluster).

Isn't it possible to simply set all but the management interfaces
to 0.0.0.0 and then have the cluster move around the real IP?
Maybe I could even shutdown the interfaces on the Slave?

The firewall script will get executed in case of a failover anyway,
so am I missing the obvious?

The background is that my firewall connects 12 segments. Some segments
are /30 nets with only 2 usable IPs which are already used up
(one by the firewall, the other by the next hop router).

So if the 0.0.0.0 solution would work it would save me a lot of
trouble because I don't administrate any of the next hop
routers and thus would like to avoid the necessary network resizing.



And finally: which minimal version of fwbuilder do I need in order
to get best cluster support?
I'm currently stuck with 3.0.7 (Debian Squeeze).


Cheers and thanks in advance for you answers,

alex

------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in
Real-Time with Splunk. Collect, index and harness all the fast moving IT data
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business
insights. http://p.sf.net/sfu/splunk-dev2dev
_______________________________________________
Fwbuilder-discussion mailing list
Fwbuilder-discussion@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion