[thelist] Cheap Tricks - was Re: Firewalls vs. Web Databases
Hassan Schroeder
hassan at webtuitive.com
Thu Sep 20 14:14:27 CDT 2001
Glenn Hunt wrote:

> 3. Use two firewalls and round-robin DNS. The biggest issue with this
> is that the DNS would have to be updated if a firewall went down.

... which is a very bad situation, since change propagation takes
an indeterminate time -- but here's a trick I've used in the past
when I had no budget for fancy hardware.

This was for three round-robined Web servers, not firewalls, but
the principle's the same, assuming it's a *nix-based firewall.

Call 'em A, B and C. A cron job on each box pings the next machine
[ A -> B, B -> C, C -> A ] at relatively short intervals.

If, say, A gets no response from B, it waits for a small period of
time (in case the machine's rebooting for some reason), tries again,
and if no response this time ifconfigs up a virtual interface with
the missing machine's IP address (and sends an alert to someone's
pager, of course!).

No fuss, no muss, and the checkbook never left the desk drawer :-)

--
H*
Hassan Schroeder ----------------------------- hassan at webtuitive.com
Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com
-- creating dynamic Web sites and applications since 1994 --
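
The ring check described in the message above, sketched as a cron-run shell script; this is an added example, not code from the original post. The peer address, interface alias, wait time and the `logger` call standing in for the pager are assumptions, and the alias syntax is the Linux `ifconfig` form.

```shell
#!/bin/sh
# Added example: ring failover check, run from cron on each box
# (A watches B, B watches C, C watches A). All names and values are hypothetical.

PEER_IP="${PEER_IP:-192.0.2.12}"       # constructed address (TEST-NET-1) of the next machine
IFACE_ALIAS="${IFACE_ALIAS:-eth0:1}"   # virtual interface brought up on takeover
NETMASK="${NETMASK:-255.255.255.0}"
RETRY_WAIT="${RETRY_WAIT:-60}"         # grace period in case the peer is only rebooting

# Small wrappers so the decision logic can be exercised without touching the network.
# Note: an ICMP reply shows the host is up, not that its service is healthy.
probe()    { ping -c 2 "$1" >/dev/null 2>&1; }
takeover() { ifconfig "$IFACE_ALIAS" "$1" netmask "$NETMASK" up; }
alert()    { logger -p daemon.crit -t failover "$1"; }   # stand-in for the pager

# Returns 0 if the peer answered, 10 if its address was taken over, 1 if takeover failed.
check_peer() {
    peer="$1"
    probe "$peer" && return 0
    sleep "$RETRY_WAIT"                # wait, then try once more before acting
    probe "$peer" && return 0
    takeover "$peer" || { alert "takeover of $peer FAILED"; return 1; }
    alert "$peer unreachable twice; its address is now up on $IFACE_ALIAS"
    return 10
}

# After a takeover the peer's address answers from this box, so later probes
# succeed locally. Release the alias by hand (ifconfig "$IFACE_ALIAS" down)
# before the repaired peer rejoins, or two hosts will claim the same IP.

# Cron entry (hypothetical path): */2 * * * * /usr/local/sbin/ringcheck.sh run
case "${1:-}" in
    run) check_peer "$PEER_IP" ;;
esac
```
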