nBSD pf and carp/pfsync to make a ha firewall.
>
> I further want to use an embedded system to reduce heat and power
> consumption in our server room. What hardware would you suggest?
>
> Would a Soekris net6501-30 with two lan1841 be powerful enough to
> route and filter ip traf
Hi,
Adam Thompson wrote,
> At work we have a firewall on two Dell PowerEdge 2940 servers, with
> 10 NIC's in use, which I want to substiute in the near future.
> The second machine act as cold standby.
>
> Err... 10 NICs and Reduce Power & Heat don't usually belong together in the
> s
to use OpenBSD pf and carp/pfsync to make a ha firewall.
>
>I further want to use an embedded system to reduce heat and power
>consumption in our server room. What hardware would you suggest?
>
>Would a Soekris net6501-30 with two lan1841 be powerful enough to
>route and filter
Hi OpenBSD hackers,
At work we have a firewall on two Dell PowerEdge 2940 servers, with
10 NIC's in use, which I want to substiute in the near future.
The second machine act as cold standby.
I would like to use OpenBSD pf and carp/pfsync to make a ha firewall.
I further want to use an emb
I activated ntp at installation time. The time on the two box are
perfectly aligned.
I think the problem should be related to pfsync code.
Indeed disabling pfsync I reduced the log messages by a factor of 30.
Now I have only some BAD state (2-3 in a minutes).
Moreover, with pfsync enabled the u
I used to get similar errors with dhcpd, and noticed the clock was
about 18 hours off.
Setting the time and turning on ntpd seemed to fix that issue.
--Bryan
On 6/27/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
> Till now the firewalls seems to be stable. No panic for now. It seems
> the first s
Till now the firewalls seems to be stable. No panic for now. It seems
the first small step was in the right direction...
Thank you Rogier.
Now my last problem regards the pf weird logs. I have two type of
strange logs:
1)
Jun 27 15:51:09 ip-11-53 /bsd: pfsync: ignoring stale update (4) id:
4
ege.com/doc/pfsync-carp/
I already reported a similar bug
(http://thread.gmane.org/gmane.os.openbsd.misc/83948) but until now I
didn't received any reply.
Before report another bug I would like to know if someone else had
similar experiences.
Thanks
Paolo
knitti ha scritto:
On 6/23/
Ok, I replaced syncif with syncdev on both fws.
Waiting for the next panic...
Thanks
Paolo
Rogier Krieger ha scritto:
On 6/24/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
hostname.pfsync0: up syncif rl0
To start with small steps: how about replacing syncif with syncdev for
the hostname.p
On 6/24/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
> hostname.pfsync0: up syncif rl0
To start with small steps: how about replacing syncif with syncdev for
the hostname.pfsync0 files? IIRC, syncif is deprecated as of 3.7. For
more info, see ifconfig(8).
Cheers,
Rogier
--
If you don't know w
===
Paolo Perrucci ha scritto:
I configured the two firewalls as the basic example described here:
http://www.countersiege.com/doc/pfsync-carp/
I already reported a similar bug
(http://thread.gmane.org/gmane.os.openbsd.misc/83948) but until now I
didn't received any reply
ow if someone else had
similar experiences.
Thanks
Paolo
knitti ha scritto:
On 6/23/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
Hi all,
I'm trying to setup an ha firewall using carp and pfsync.
I tried 3.6 and 3.7 version but both test fails with different kernel panic.
In m
On 6/23/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I'm trying to setup an ha firewall using carp and pfsync.
> I tried 3.6 and 3.7 version but both test fails with different kernel panic.
>
> In my last attempt I used the 3.7 version (-stable) on
Hi all,
I'm trying to setup an ha firewall using carp and pfsync.
I tried 3.6 and 3.7 version but both test fails with different kernel panic.
In my last attempt I used the 3.7 version (-stable) on both the firewall
but after some hours the primary box fails with this kernel panic:
14 matches
Mail list logo
