Hi Paul
:
Picked up your
email.
This is called host
based HA networking.
We use fault
tolerant transceivers from www.Auranet.com or www.lancast.com.
One interface on the
Sun server is connected to the main port of the transceiver with pri and sec
ports connected to two Lan switches connected in ISL or 802.1q vlan
trunking. Two ports on the two switches are in the same Vlan. It
protects the network connection against failure at the NIC port, cable and
switch. Here on the server, same IP and same MAC after and before failover.
The switching time is very fast. We see no packet loss from one link to
another and 3-4 packet loss when switching it back.
We call it layer 1
switching. If you want gigabit UTP/MMF/SMF, you have to wait for another 6
months for Aura to come up with a ft transceiver supporting
10/100/1000BT.
This ft transceiver
can be used for any network elements that are not capable of HA
networking.
We are also
investigating particularly for Sun platforms, say, IP multipathing in Oct 2000
version of Solaris 8 or later, or a customized HANET software from Sun to
allow HA failover between two NIC ports. Not sure whether these are
compatible with Checkpoint FW-1. I would like to try.
Another possibility
is to use third party NIC cards, say, www.syskonnect.com that got a few gigabit
NICs with redundancy ports. HA failover is hardware based. However, we
have to wait under Checkpoint can support gigabit NIC including this
Syskonnect NIC. Support of third party stuffs is not easy
operationally.
Hope this would
help.
Yinto
Chu
CW Optus and going
to be Singtel Optus I guess.
------------
- -----Original Message-----
From: Paul Finlayson
[mailto:[email protected]]
Sent: Friday, May 04, 2001 9:29 AM
To:
[email protected]
Subject: [FW1] 2 FW interfaces on same network for
redundancy?
Hi,
We've got a checkpoint FW-1 v3.0 firewall on
Solaris 2.6 with a Sun Quad
Fast Ethernet installed. We're looking to set up a
redundant connection to
a network using 2 ports of the Sun QFE card
connected to separate Cisco
Catalyst switches, with the clients on the network
also having connections
to both switches.
Does anyone know if it's possible to set up 2
identical interfaces on the
FW/Solaris box to provide this redundant
connection? I've tried setting up
2 interfaces (on the same network 10.10.1.0
255.255.255.0) with different
IPs but Solaris only ever uses one of them and
doesn't even use the other
one in the event of failure.
You're help would be much appreciated.
Thanks & Regards,
Paul.