[Fedora] Re: Failover setup

Rick Stevens rstevens at internap.com
Tue Apr 17 20:26:57 UTC 2007 

On Tue, 2007-04-17 at 14:09 -0600, Ashley M. Kirchner wrote:
> Rick Stevens wrote:
> > You still have a single point of failure
> > (the Linux box), but you have redundant broadband links.
> >   
>     Guys, the problem isn't the lines going down.  We have a Cisco 
> router handling two T1s coming in and it does just fine whenever some  
> idiot contractor decides to slice a cable somewhere in town.  That's not 
> where my problem is.  My problem is the firewall that sits between the 
> Cisco and our internal network.  That's what I'm trying to figure out 
> some kind of failover setup.

Oh.  Hmmm, that's a different nut to crack.  In almost all networks,
there's one single point of failure, typically the router or the
firewall (or combo).

Again, using Linux you can set up two firewall/routers and they can
monitor each other.  If one goes down, the survivor takes over the IP
addresses of the failed unit and keeps on going.  Do a google search on
"linux +high availability" and you'll see some possible ways to do it.

Now your SPOF becomes the Cisco router and a Linux HA cluster can be
used to address that if needed.  Then again, there comes a point where
the cure is more painful than the illness.  That's a call you have to
make.

> 
> -- 
> W | It's not a bug - it's an undocumented feature.
>   +--------------------------------------------------------------------
>   Ashley M. Kirchner <mailto:ashley at pcraft.com>   .   303.442.6410 x130
>   IT Director / SysAdmin / Websmith             .     800.441.3873 x130
>   Photo Craft Imaging                       .     3550 Arapahoe Ave. #6
>   http://www.pcraft.com ..... .  .    .       Boulder, CO 80303, U.S.A.
> 
----------------------------------------------------------------------
- Rick Stevens, Principal Engineer             rstevens at internap.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-       A squeegee, by any other name, wouldn't sound as funny.      -
----------------------------------------------------------------------

More information about the fedora-list mailing list