[nycbug-talk] pf

michael lists
Fri May 27 13:12:10 EDT 2005


Quick pf question:

I have some independent and some redundant web servers, each with their
own private IP. One group answers http calls for a common, albeit
different, IP though carp. The others answer calls to their own IP. 
This works fine internally.

I am writing pf rules to allow the various webs to be viewed by the
outside world.  By design, the websites currently have DNS entries in
the wild that are different IPs.  

external IP1 -> pf router -> carp IP -> web farm
external IP2 -> pf router -> web server

So, should I use a nat 'n rdr or a binat rule for these?  Also, has
anyone had problems when they write rules to a carp IP?

Michael

-- 
---




More information about the talk mailing list