I'm looking at putting a pair of EdgeRouter 8s in my office as Internet-facing firewalls, and using VRRP for failover / redundancy. I have a couple of questions:
- How quickly can I expect failover to occur if one device unexpectedly dies?
- These routers will also be doing IPv4 NAT for the local network to the Internet; do they share NAT tables or will TCP connections fail when the routers fail over?
My other option is to go for a full pacemaker / conntrackd stack on Linux boxes, but if I can save myself the hassle I will!
Tuesday - last edited Tuesday
search the forums you may find a third party package to sync conntrack.