[nzlug] Redundant Linux based firewall hardware?
Anton
anton.list at gmail.com
Mon Jun 30 15:51:48 NZST 2008
2008/6/30 Ian Beardslee <ian at karearea.gen.nz>:
> I'm on the lookout for a setup that is something like a couple of via c3
> motherboards in a 1U rack unit that can act as a redundant firewall setup.
> Low power, low $$ and 'decent' redundancy.
>
> Yeah I could go for a couple of small cisco or other proprietary devices,
> but I'd rather keep it simple and linux based.
Have you seen these...
http://www.yawarra.com.au/hw-alix2.php
They have a 1U case (only 190mm deep) that holds two PC Engines Alix 2
machines for about a grand (including the 2 machines). Not the
absolute cheapest solution but not too bad, and no moving parts.
Buying two machine with separate case is a bit cheaper.
The Alix2-3 has 3 10/100 ports. eg one for the LAN, one for the WAN,
and (if you use OpenBSD or pfsense etc) one for CARP/pfsync
connections to handle failover during patching or CF card replacement.
I haven't used them myself, but I'm very tempted to. I just need to
work out if that is compatible with Citylinks one MAC address per port
restriction. I think CARP uses a multicast MAC address, so some more
research is in order first.
Note: I'm not sure what the Linux equivalent of CARP/pfsync is, but
welcome suggestions.
--
Cheers
Anton
More information about the NZLUG
mailing list