Re: CARP best practices

2013-01-30 Thread Peter Hessler
Please keep in mind that if the cluster should fail over while you are logged in via ssh, you will stop being logged in.

On 2013 Jan 30 (Wed) at 15:50:14 -0500 (-0500), System Administrator wrote:
:Thank you Alexander (and Johan) for confirming what I kinda suspected --
: use shared keys if it i

Re: CARP best practices

2013-01-30 Thread Johan Beisser
On Wed, Jan 30, 2013 at 2:03 PM, Jiri B wrote:
> On Wed, Jan 30, 2013 at 09:29:42AM -0800, Johan Beisser wrote:
>> Don't monitor SSH on the CARP address.
>
> Doesn't it depend on the purpose of this SSH service?
> If it is to manage individual boxes, then sshd should not listen
> on CARP ip addres

Re: CARP best practices

2013-01-30 Thread Jiri B
On Wed, Jan 30, 2013 at 09:29:42AM -0800, Johan Beisser wrote:
> On Wed, Jan 30, 2013 at 8:56 AM, System Administrator
> wrote:
> > I finally got to deploy a CARP firewall cluster (HA failover for now).
> > Using only the official OpenBSD.org documentation, everything went very
> > smoothly even

Re: CARP best practices

2013-01-30 Thread System Administrator
Thank you Alexander (and Johan) for confirming what I kinda suspected -- use shared keys if it is a published (i.e. failover required) service, otherwise bind only to dedicated address(es) using dedicated keys.

On 30 Jan 2013 at 18:33, Alexander Hall wrote:
> On 01/30/13 17:56, System Administra

Re: CARP best practices

2013-01-30 Thread System Administrator
On 30 Jan 2013 at 9:29, Johan Beisser wrote:
> On Wed, Jan 30, 2013 at 8:56 AM, System Administrator
> wrote:
> > I finally got to deploy a CARP firewall cluster (HA failover for now).
> > Using only the official OpenBSD.org documentation, everything went very
> > smoothly even though the setup

Re: CARP best practices

2013-01-30 Thread Johan Beisser
On Wed, Jan 30, 2013 at 9:44 AM, System Administrator wrote:
> On 30 Jan 2013 at 9:29, Johan Beisser wrote:
>
>> > While testing the failover and trying to ssh to a carp address I got
>> > hit with the server key mismatch; hence this email. What is considered
>> > best practice wrt ssh keys in a

Re: CARP best practices

2013-01-30 Thread Alexander Hall
On 01/30/13 17:56, System Administrator wrote:
I finally got to deploy a CARP firewall cluster (HA failover for now). Using only the official OpenBSD.org documentation, everything went very smoothly even though the setup is not quite trivial (14 carp addresses on 6 active interfaces). I even got

Re: CARP best practices

2013-01-30 Thread Johan Beisser
On Wed, Jan 30, 2013 at 8:56 AM, System Administrator wrote:
> I finally got to deploy a CARP firewall cluster (HA failover for now).
> Using only the official OpenBSD.org documentation, everything went very
> smoothly even though the setup is not quite trivial (14 carp addresses
> on 6 active int

CARP best practices

2013-01-30 Thread System Administrator
I finally got to deploy a CARP firewall cluster (HA failover for now). Using only the official OpenBSD.org documentation, everything went very smoothly even though the setup is not quite trivial (14 carp addresses on 6 active interfaces). I even got system replication going using rdist(1). Whi