[Shorewall-users] Shorewall and Keepalived

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi Shorewall and Tom,

I have a two node setup with shorewall of course.

Each node has both public and private interfaces, and there is a public
and private VIP (virtual ip) that goes back and forth based on
keepalived.

I also have a br0 device on each node which are connected by a vpn tap0
device. (Creating a big layer-2 network). The br0's are 192.168.123.1
and 192.168.123.2, with a VIP of 192.168.123.253 (that goes back and
forth too).

The problem I'm having is that the VIP gets added to an interface
usually after shorewall has already started, and things on that
interface don't work properly until I do a shorewall reload or restart.
Naturally I could get my keepalived script to run this in a script, but
I was hoping there was a shorewall setting.

Thanks in advance,

James