Recovering helper The feature of fault-tolerant firewall is the ability to recover connections. But if it loses the helper, the connection recovering fails. When conntrackd injects a conntrack whose inherent helper into the kernel conntrack table, the netlink subsystem creates helper for it. Unfortunately, the work of NAT later took the helper away (don't use … Đọc tiếp Building a fault-tolerant firewall system with virtual machines: expectation: part 2: expectation

Some application protocols such as FTP, H.323 and SIP divide transaction into two flows with two separate connections. The first connection is the control connection followed by data connection. In the FTP case with passive mode, the first connection to port 21 of the file server is the control connection. After the user has logged … Đọc tiếp Building a fault-tolerant firewall system with virtual machines: expectation: part 1: helper

Going hand in hand with high availability (HA) is the load balancing technique. Two servers srv-1 and srv-2 to be added to the network topology The omarine server running keepalived acts as a virtual server that distributes connections equally to the real servers srv-1 and srv-2. All service access to the virtual server is routed … Đọc tiếp Building a fault-tolerant firewall system with virtual machines: Load balancing