[Ukfreebsd] load balancing

O'Connor, Kevin KevinO'Connor at merseyfire.gov.uk
Thu Jan 6 10:03:41 GMT 2011


> -----Original Message-----
> From: ukfreebsd-bounces at uk.freebsd.org [mailto:ukfreebsd-
> bounces at uk.freebsd.org] On Behalf Of Pete French
> Sent: 05 January 2011 17:10
> To: ukfreebsd at uk.freebsd.org
> Subject: [Ukfreebsd] load balancing
> 
> So, has anybody got any experinece of using FreebSD as a
> firewall/loadbalancer at all ? I currently have a lot of boxes behind
a very nice
> set of Coyote Equalisers (irnoncly, FreebSD based themselves), but I
am
> wanting to move to a situation where I just have a pair of BSD boxes
running
> carp and doing the load balancing. Mainly so when I go to some nice
people
> to rent some rackspace I dont have to pay for an extra 6 U!
> 
> I found relayd in ports - has anybody tried using that ?

I'd say go with pfsense, mostly because I believe that a dedicated
firewall version of FreeBSD is safer than altering a vanilla version to
act as a firewall. 
Pfsense 2 is very close to RC1 status and we've been stress testing it
here with full internet routing tables via OpenBGP and snort (This is
very much improved in this version) Carp failover tests have been
extremely fast with no discernable drop for the end users and it has
relayd builtin.  
HAProxy is also packaged for it and seems to work well in tests. 
I admit the boxes we are running it on are perhaps a little over kill
though, DL360 G7 2x12 core processors with 14 gig of ram but they still
work out a lot cheaper than an ASA5020 and depending on the amount of
work you need it to do you can vary the hardware right down to embedded
devices.
The only down side is that FreeBSD is not certified to EAL4 but that may
be of no concern to you.

Regards

Kevin


> cheers,
> 
> -pete.
> 
> _______________________________________________
> Ukfreebsd mailing list
> Ukfreebsd at uk.freebsd.org
> http://mailman.uk.freebsd.org/mailman/listinfo/ukfreebsd
> UK BSD Groups http://www.bsdgroups.org.uk Hosted by EXOnetric
> http://www.exonetric.net

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

This e-mail and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this e-mail in error please notify the originator of the message. 

Any views expressed in this message are those of the individual sender,
except where the sender specifies and with authority, states them to be
the views of Merseyside Fire & Rescue Service, (MFRS).

Incoming and outgoing emails may be monitored in line with current legislation.

Steps have been taken to ensure that this email and attachments are 
free from any virus.  In keeping with good computing practice the 
recipient should ensure they are actually virus free.

http://www.merseyfire.gov.uk/




More information about the Ukfreebsd mailing list