NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Multiple WAN Links.



To be sure, BGP can be run on a lesser router, but you won't be able to
accept "full routes" from major providers.  By carefully filtering the
routes you receive, you can limit the size of the routing tables, albeit
with some trade-offs.  For many applications, partial views may be
sufficient.  If anyone is interested in more info, Avi Freedman's home page
has a good overview of BGP and it's many configuration options at
http://www.netaxs.com/~freedman/bgp/bgp.html.

> -----Original Message-----
> From: iden fw [mailto:[email protected]]
> Sent: Tuesday, November 07, 2000 7:53 AM
> To: [email protected]; [email protected]
> Cc: [email protected]
> Subject: RE: [FW1] Multiple WAN Links.
>
>
> Andrew,
>    Great information -- so the 36XX series router is not
> necessary.  Brings
> the price-point down... What is the ball-park price of a 2524?
>    I prefer to use BGP for circuit and routing redundancy as
> well.  I still
> think that Rainfinity/Stonebeat definitely has a place -- but
> for load
> balancing/failover/HA of the firewalls.
>
>    As far as DSL, my opinion is that "it depends".  If you're
> close enough
> to the CO to get 768k or better, I say go for it.  Especially
> because DSL
> boxes like Netopia let you bond DSL circuits.
>
>    One thing to consider with DSL is the provider -- does the
> DSL provider
> own the local loop, DSLAM, network, and the router that your
> DSL connection
> terminates on?  I have seen some ISPs that have telco carry
> the circuit to a
> DSLAM owned by Rhytms/Northpoint/Covad/etc.  The DSL carrier
> then carries
> the circuit across their network, where they hand it off to
> the ISP on a
> DS-3 containing many DSL circuits.
>
>
> -iden_fw
>
> >From: "Andrew Bagrin" <[email protected]>
> >To: <[email protected]>, <[email protected]>
> >CC: <[email protected]>
> >Subject: RE: [FW1] Multiple WAN Links.
> >Date: Tue, 07 Nov 2000 09:29:24 -0500
> >
> >
> >I have a 2524 with 14m of processor memory running BGP between two
> >different ISP's, and it works fine.
> >Rainwall is excellent for load balancing firewalls, but for Internet
> >connections, I'd stick with BGP.  I know it work, I've been
> running it for
> >over a year now.  My firewalls have been load balanced
> behind my ISP BGP
> >connection for almost one year.
> >
> >Andrew Bagrin
> >Network Analyst
> >
> >Regal Cinemas, Inc.
> >7132 Commercial Park Drive
> >Knoxville, TN 37918
> >
> >> >
> > >>> "Mark L. Decker" <[email protected]> 11/06/00 05:35PM >>>
> >
> > > The only point that I would make is that you have to have a
> > > router for connectivity -- so the only price increase is
> the additional
> > > RAM, and if you are upgrading from a 26XX series to a
> 36XX series router
> > > (which is not inexpensive, granted).
> >
> >True. Upgrading from the default 32M DRAM to 128M DRAM on a
> 3640 will
> >"only"
> >cost $5,760 per router. ;-) But that assumes you already
> have two 3640s.
> >Most people who have T1 internet access have a single
> lower-end router like
> >a 2600 or 1700 series Cisco.  For them, a move to
> fully-redundant routers
> >running BGP/HSRP means buying two brand new routers.  And, that only
> >addresses the ISP link and router redundancy.  They still haven't
> >eliminated
> >the firewall as a single point of failure.  If you want to
> protect all
> >three, you're looking at some sort of firewall HA solution anyway.
> >
> >So, let's look at total purchase price for a fully redundant
> setup with
> >BGP/HSRP vs. a fully redundant setup using RainWall:
> >
> >Secure, fully redundant T1 access with BGP/HSRP
> >pair of 3640 routers: $30,920 ($15,460 x 2, includes T1 CSU/DSUs)
> >firewall HA solution: $12,000 (based on RainWall with LB)
> >TOTAL LIST PRICE:     $42,920 (does not include firewalls themselves)
> >
> >Secure, fully redundant T1 access with RainWall
> >pair of 1720 routers: $ 4,390 ($2,195 x 2, includes T1 CSU/DSUs)
> >firewall HA solution: $12,000 (based on RainWall with LB)
> >TOTAL LIST PRICE:     $16,390 (does not include firewalls themselves)
> >
> >That's a big price difference.  Plus, if you already have a
> T1 router, you
> >can subtract another $2,195 from the cost of the RainWall
> solution. If
> >transparent failover for inbound connections is worth
> $28,725 to you (and
> >it
> >may be if you're hosting an e-commerce website internally),
> then BGP is
> >still the best answer.  But if you just want increased capacity and
> >automatic failover for regular outbound browsing and email,
> RainWall can be
> >a useful, less-expensive alternative.
> >
> >While we're on the subject of cost, consider this: How much
> could you save
> >on access costs by replacing your T1 with DSL?  Most people
> wouldn't dare,
> >because DSL is typically not quite as fast or reliable as a
> T1.  But if you
> >had multiple redundant DSL links...  Something to think
> about, anyway.  ;-)
> >
> >
> >
> >=============================================================
> ===================
> >      To unsubscribe from this mailing list, please see the
> instructions at
> >                http://www.checkpoint.com/services/mailing.html
> >=============================================================
> ===================
> >
> >
> >
> >=============================================================
> ===================
> >      To unsubscribe from this mailing list, please see the
> instructions at
> >                http://www.checkpoint.com/services/mailing.html
> >=============================================================
> ===================
>
> ______________________________________________________________
> ___________
> Get Your Private, Free E-mail from MSN Hotmail at
http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.