Well, this is the misc section and this is what I'm considering at the present time at work.
I designed our data center to have no single point of failure. So, if one thing fails, there is a backup to take over, or it's part of a load balanced cluster anyways. At the front are multiple firewalls. 1 primary and two backups. Now to get the cluster managers to route traffic back to the backups (the primary is the default gateway for the cluster managers), I used static routes that route all packets on a given network to one of the backups. Those "given networks" are NAT addresses assigned by the firewalls to outside traffic heading into the system.
Anyways, everything works great, the sun is shining, the business is picking up, and the 7up is good.
However, there is one little problem that needs to be fixed before our client mark reaches a point beyond the number 254. Take a look at this line from one of my backup firewalls.
Code: Select all
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.50.1-192.168.50.254Does anybody know of a way to increase the solution space?
Oh,... err, I'm using Floppy Firewall and IPTables.
Cheers,
BDKR