Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Does netfilter/iptables support failover/HA?

failover Ha iptables netfilter support
0
Profile photo of LindseyMyer LindseyMyer
Posted

Does netfilter/iptables support failover/HA?

0 CommentsAdd a Comment

1 Answer

0
Profile photo of LindseyMyer LindseyMyer

The answer is a clear ‘yes’ and ‘no’. If you are thinking about a full failover, while all the state information is preserved: Not really. Doing state synchronization between multiple nodes is a difficult process. Harald (of the netfilter core team) has published a paper about this, but not yet found any sponsor to fund the development. Meanwhile, you can try to use our ‘connection pickup’ feature, which [after a failover] tries to pick up already established connections: Might be sufficient depending on the requirements. If you do NAT and want to preserve your NAT mappings: No.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123