Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Multiple WAN Links.

To: [email protected], [email protected]
Subject: RE: [FW1] Multiple WAN Links.
From: "iden fw" <[email protected]>
Date: Fri, 03 Nov 2000 14:54:50 GMT
Cc: [email protected], [email protected]
Sender: [email protected]

Regarding the negatives to BGP: 1. uneven load sharing -- If you have 2 circuits with the same ISP, this is not an issue. Otherwise, if you have a circuit with 2 ISPs (as the original poster indicated) -- load sharing becomes uneven, and requires a more complex configuration. And constant tweaking...

How does Rainfinity load-balance incoming traffic?

2. complex configuration -- Depends. If you don't care that your load is balanced, you configuration can be quite simple. Especially if both circuits come into the same router. If the circuits come into different routers, then the configuration gets a little more complex.

3. requires AS number and cooperation from both ISPs -- Requires little effort, and a little $. The only cooperation you need from the ISPs is for them to configure a BGP session with you, which any ISP should be able to do in their sleep. I would not classify this as a negative to a BGP solution.

4. giant routing tables that eat gobs of router CPU and RAM, etc -- ;) A full routing table is in the neighborhood of 88000 network entries. I have recommended, that if you are going to take full feeds from 2 providers on one router that the customer have 128 megs on at least a 36XX Cisco.

What is the list price of a Rainfinity solution? What are the maintenance contract costs?

-iden_fw

From: "Mark L. Decker" <[email protected]> Reply-To: <[email protected]> To: "'CryptoTech'" <[email protected]> CC: "'Gunjan Mathur at 9netave'" <[email protected]>, <[email protected]> Subject: RE: [FW1] Multiple WAN Links. Date: Thu, 2 Nov 2000 20:17:24 -0800

Agreed. If transparent failover is your top priority, BGP is the better solution. If you host web servers internally that need to be reached from the outside world, BGP also prevents you from having to play games with DNS to provide access to those servers in the event of link failure. BGP has plenty of negatives (uneven load sharing, complex configuration, requires AS number and cooperation from both ISPs, giant routing tables that eat gobs of router CPU and RAM, etc.), but it is still the only solution that provides transparent failover for both inbound and outbound sessions in the event of link failure.

RainWall as a multi-homing solution is really most effective as cheap protection and link load balancing for outbound Internet access and email (with multiple MX records). If you don't care so much that connections have to be re-established after failover, it's a viable option. Otherwise, BGP is the way to go.


_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at http://profiles.msn.com.

================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- RE: [FW1] Multiple WAN Links.
  - From: "Mark L. Decker" <[email protected]>

Prev by Date: RE: [FW1] TACACS+ Problem
Next by Date: [FW1] SecuRemote behind a natted device
Previous by thread: RE: [FW1] Multiple WAN Links.
Next by thread: RE: [FW1] Multiple WAN Links.
Index(es):
- Date
- Thread