Recommended solution for server failover

Just preparing to retire a single point of failure with two new systems. Before I go any futher, i'll explain that each system serves up web content and has a cross connect between each other. The other interface on each box, falls within the same subnet, talks to the same router, which is, for all intents and purposes, outside of my control.

The idea is to set up each system such that data is replicated at regular intervals on the filesystem, which is beyond the scope of this posting. However, I must also have the 3 IP addresses activate within relatively short order of the first system failing, or in any other way, going down. Also, when the system that goes down comes back up, replication of any changes made to the backup while the primary was offline must be synchronized before the primary can take over responsibilities delegated to the backup.

In an idea world, and all things being equal, it would be nice to just transfer ownership of the "Primary" box to the then backup. That is, assuming servers A and B, where A is initially the primary, it fails, B takes over, B then becomes the new primary until B fails, then A becomes the primary and so on.

I'm curious as to what others might suggest for this type of setup, or perhaps, recommending some other behaviour based off of this hardware description.
with carp, he would need an firewall/gw under his control in front of his two web servers...