Should be straightforward, although I admit I've not done it with CF disks
(but the principle remains the same). We set up two firewalls for a
customer which were reasonably complex (ten Ethernet interfaces, four
OpenVPN [tunX] interfaces), and the whole thing was configured as a
highly-available cluster that would failover if the live firewall died.
Software used:
- Debian Lenny as base OS
- DRBD to synchronise some applications (eg, DNS)
- Heartbeat to monitor the servers
- drdblinks to manage Heartbeat/DRBD
- Shorewall to manage the iptables
Happy to give more details (on or off list) or to answer questions.
Keith
--
Keith Edmunds
+-------------------------------------------------------------------------+
| Tiger Computing Ltd | Helping businesses make the most of Linux |
| "The Linux Specialists" | http://www.tiger-computing.co.uk |
+-------------------------------------------------------------------------+
