Computer Science and Engineering, Department of

 

Computer Science, Computer Engineering, and Bioinformatics: Conference and Workshop Papers

Date of this Version

2006

Document Type

Article

Comments

Published in ICC '06. IEEE International Conference on Communications, 2006.

Abstract

As more reliance is placed on computing and networking systems, the need for redundancy increases. The Common Address Redundancy Protocol (CARP) protocol and OpenBSD’s pfsync utility provide a means by which to implement redundant routers and firewalls. This paper details how CARP and pfsync work together to provide this redundancy and explores the performance one can expect from the open source solutions. Two experiments were run: one showing the relationship between firewall state creation and state synchronization traffic and the other showing how TCP sessions are transparently maintained in the event of a router failure. Discussion of these simulations along with background information gives an overview of how OpenBSD, CARP, and pfsync can provide redundant routers and firewalls for today’s Internet.

Share

COinS