cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chiradeep Vittal <>
Subject Re: Ideas for virtual Redundant Router
Date Tue, 21 Aug 2012 16:53:38 GMT
Yes, conntrackd, vrrp are being used. They don't handle the actual
provisioning of the iptables rules though.
There is also non-connection tracking-related configuration (state) that
needs to be beamed down to a freshly started router.
That happens if the router is started by CloudStack (via the API or HA),
but there are other ways (log in and type reboot) that the configuration
state on the VR gets out of sync with the CloudStack database.

On 8/21/12 8:56 AM, "Kelceydamage@bbits" <> wrote:

>We are already using an up tables solution I thought: contrackt
>Sent from my iPhone
>On Aug 21, 2012, at 2:05 AM, Matthew Patton <> wrote:
>> Please let's not reinvent the wheel. See pfsense, vrrp/carp, and pfsync.
>> A redundant iptables solution doesn't spring to mind but it already
>>exists no doubt.

View raw message