I am looking into setting up a failover pair of firewalls under OpenBSD and want them to be stateful. But I want to synchronize states between them so that failover can be seamless. It appears that PF can do this by using pfsync. I have seen a reference which claimed IPFILTER can do this as well using user space daemons to perform the sync, but it gave no clue as to what to use or what to do to make that work. Does anyone know a) if this is possible; b) if so, what to use for sync daemons; and c) any documentation on setting it up to actually work? The version of OpenBSD I am trying to use is 6.6 and the hosting hardware is an Intel 64 bit chip. OpenBSD runs its heart out on that machine, but this configuration has eluded me for several weeks now, Extensive web searches returned only the reference I made above, which is not TOO helpful ( but it IS hopeful ).
Red Flag Submitted
Thank you for helping keep Tek-Tips Forums free from inappropriate posts. The Tek-Tips staff will check this out and take appropriate action.
Reply To This Thread
Posting in the Tek-Tips forums is a member-only feature.