NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] 2 FW interfaces on same network for redundancy?



Thanks to all who have given me advice regarding this issue, I've now got several suggestions and I'm sure I'll be able to make this work.
 
I'll be sure to let you know which solution I've implemented and how I got on.
 
Regards,
Paul.
-----Original Message-----
From: Yin To Chu [mailto:[email protected]]
Sent: Tuesday, May 08, 2001 2:51 PM
To: [email protected]
Cc: ytchucwo
Subject: [FW1] 2 FW interfaces on same network for redundancy?

Hi Paul :

Picked up your email.

This is called host based HA networking.

We use fault tolerant transceivers from www.Auranet.com or www.lancast.com.

One interface on the Sun server is connected to the main port of the transceiver with pri and sec ports connected to two Lan switches connected in ISL or 802.1q vlan trunking.  Two ports on the two switches are in the same Vlan.  It protects the network connection against failure at the NIC port, cable and switch. Here on the server, same IP and same MAC after and before failover. The switching time is very fast. We see no packet loss from one link to another and 3-4 packet loss when switching it back.

We call it layer 1 switching. If you want gigabit UTP/MMF/SMF, you have to wait for another 6 months for Aura to come up with a ft transceiver supporting 10/100/1000BT.

This ft transceiver can be used for any network elements that are not capable of HA networking.

We are also investigating particularly for Sun platforms, say, IP multipathing in Oct 2000 version of Solaris 8 or later, or a customized HANET software from Sun to allow HA failover between two NIC ports. Not sure whether these are compatible with Checkpoint FW-1. I would like to try.

Another possibility is to use third party NIC cards, say, www.syskonnect.com that got a few gigabit NICs with redundancy ports. HA failover is hardware based.  However, we have to wait under Checkpoint can support gigabit NIC including this Syskonnect NIC. Support of third party stuffs is not easy operationally.

Hope this would help.

Yinto Chu

CW Optus and going to be Singtel Optus I guess.

------------

- -----Original Message-----

From: Paul Finlayson [mailto:[email protected]]

Sent: Friday, May 04, 2001 9:29 AM

To: [email protected]

Subject: [FW1] 2 FW interfaces on same network for redundancy?

 

 

Hi,

We've got a checkpoint FW-1 v3.0 firewall on Solaris 2.6 with a Sun Quad

Fast Ethernet installed. We're looking to set up a redundant connection to

a network using 2 ports of the Sun QFE card connected to separate Cisco

Catalyst switches, with the clients on the network also having connections

to both switches.

Does anyone know if it's possible to set up 2 identical interfaces on the

FW/Solaris box to provide this redundant connection? I've tried setting up

2 interfaces (on the same network 10.10.1.0 255.255.255.0) with different

IPs but Solaris only ever uses one of them and doesn't even use the other

one in the event of failure.

You're help would be much appreciated.

Thanks & Regards,

Paul.



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.