From owner-freebsd-cluster@FreeBSD.ORG  Mon Aug  4 22:06:08 2003
Return-Path: <owner-freebsd-cluster@FreeBSD.ORG>
Delivered-To: freebsd-cluster@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 134DA37B401
	for <freebsd-cluster@freebsd.org>;
	Mon,  4 Aug 2003 22:06:08 -0700 (PDT)
Received: from lib-mail.library.uq.edu.au (lib-mail.library.uq.edu.au
	[130.102.42.79])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0384243F3F
	for <freebsd-cluster@freebsd.org>;
	Mon,  4 Aug 2003 22:06:07 -0700 (PDT)
	(envelope-from m.swinbourne@library.uq.edu.au)
Received: by lib-mail.library.uq.edu.au with Internet Mail Service
	(5.5.2650.21)	id <QHCTWBDV>; Tue, 5 Aug 2003 15:06:05 +1000
Message-ID: <2032706C9DA722478E91AB825B6695A95388@lib-mail.library.uq.edu.au>
From: Matthew Swinbourne <m.swinbourne@library.uq.edu.au>
To: "'freebsd-cluster@freebsd.org'" <freebsd-cluster@freebsd.org>
Date: Tue, 5 Aug 2003 15:06:05 +1000 
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain
Subject: Cluster Software for HA/LB FreeBSD IPFilter Firewalls
X-BeenThere: freebsd-cluster@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Clustering FreeBSD <freebsd-cluster.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-cluster>,
	<mailto:freebsd-cluster-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-cluster>
List-Post: <mailto:freebsd-cluster@freebsd.org>
List-Help: <mailto:freebsd-cluster-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-cluster>,
	<mailto:freebsd-cluster-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Aug 2003 05:06:08 -0000

Hi All,

I've been looking around for a HA/Load Balancing solution for my FreeBSD
based ipfilter firewalls.  I would like to have two (or more) physically
separate servers performing filtering on multiple networks.  All systems
(nodes) in this cluster would have a common ipfilter rule set, and would be
able to bring up and down vlan interfaces as the cluster state dictated.

After a little net trawling I came across Andy Sporner's FreeBSD cluster
software. (Thanks Andy if you're listening)  I've had this running for a
while now and it works almost perfectly.  However, with one caveat, that is,
it only appears to allow Active/Passive cluster setups.

In the ultimate solution to my problem, the cluster would be Active/Active.
Obviously for load, and bandwidth balancing reasons.

The question therefore is, has anybody either grown their own solution to
this problem, found other open source software to do so, or hacked up Andy
Sporner's code to do so.  The later is what I'm thinking of doing.

Many thanks

Matt

Matthew Swinbourne
Manager, Network Services
University of Queensland Cybrary
St Lucia, QLD 4072
AUSTRALIA
m.swinbourne@library.uq.edu.au
http://www.library.uq.edu.au