Hi, I've opened request based on our discussion and comments by Chiradeep: http://bugs.cloudstack.org/browse/CS-16131
And in a slightly related topic on VRR; VRR in basic zone: http://bugs.cloudstack.org/browse/CS-16132 Please post your comments/suggestion/design/behaviour. Thanks. Regards, Rohit On 21-Aug-2012, at 10:23 PM, Chiradeep Vittal <chiradeep.vit...@citrix.com> wrote: > Yes, conntrackd, vrrp are being used. They don't handle the actual > provisioning of the iptables rules though. > There is also non-connection tracking-related configuration (state) that > needs to be beamed down to a freshly started router. > That happens if the router is started by CloudStack (via the API or HA), > but there are other ways (log in and type reboot) that the configuration > state on the VR gets out of sync with the CloudStack database. > > On 8/21/12 8:56 AM, "Kelceydamage@bbits" <kel...@bbits.ca> wrote: > >> We are already using an up tables solution I thought: contrackt >> >> Sent from my iPhone >> >> On Aug 21, 2012, at 2:05 AM, Matthew Patton <mpat...@inforelay.com> wrote: >> >>> Please let's not reinvent the wheel. See pfsense, vrrp/carp, and pfsync. >>> >>> A redundant iptables solution doesn't spring to mind but it already >>> exists no doubt. >
