Some application protocols such as FTP, H.323 and SIP divide transaction into two flows with two separate connections. The first connection is the control connection followed by data connection. In the FTP case with passive mode, the first connection to port 21 of the file server is the control connection. After the user has logged … Đọc tiếp Building a fault-tolerant firewall system with virtual machines: expectation: part 1: helper

Going hand in hand with high availability (HA) is the load balancing technique. Two servers srv-1 and srv-2 to be added to the network topology The omarine server running keepalived acts as a virtual server that distributes connections equally to the real servers srv-1 and srv-2. All service access to the virtual server is routed … Đọc tiếp Building a fault-tolerant firewall system with virtual machines: Load balancing

Once the network topology has been established, configuring the HA and conntrackd becomes simple. HA ConfigurationKeepalived uses VRRP (Virtual Router Redundancy Protocol) protocol to provide HA system. We use the sample configuration file keepalived.conf in the doc/sync directory of the conntrack-tools package, copy it to the /etc/keepalived directory and modify the parameters accordingly. The actual … Đọc tiếp Building a fault-tolerant firewall system with virtual machines: Configuring HA and conntrackd