NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Nokia or Sun to run Firewall-1



Ryan,

Either StoneBeat FullCluster or Rainfinity's RainWall will do the load
balancing you describe across two Sun boxes (Naturally, I recommend
RainWall ;-).  I hesitate to recommend doing this with Nokia's VRRP.
Although you can theoretically set two boxes up in a reciprocal
arrangement where both machines are both master and slave, I hear the
configuration is awkward and can cause problems for certain kinds of
traffic due to asymmetric routing.  Also, it results in static load
sharing, where you must manually divide your traffic among the two
machines at the source.  A load-shared VRRP setup won't do intelligent
dynamic load balancing like RainWall does, and doesn't support using a
single IP address for the firewall.

Have a look at HAnetworks.com for some more ideas.

HTH,

Mark L. Decker
Rainfinity - High Availability for [email protected]


-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of
Ruiyuan Jiang
Sent: Tuesday, July 24, 2001 1:22 PM
To: [email protected]
Subject: [FW1] Nokia or Sun to run Firewall-1



Hi, all

I saw some discussion about the platform to run Firewall-1 but I don't
know
whether there are discussions about load balancing requirements.

We are in the pilot test to outsource our e-mail system to AOL through
minimum
two T1 lines may be two T3 lines to support about 4,500 users. We will
add
Firewall-1 behind those T1 line after CISCO routers. We'd like to have
these two
firewalls to be load balanced besides failover capacity. I know that
using two
Sun servers with NT (may be Sun also) management server running
Stonebeat can do
that. I don't know whether two Nokia boxes can do the same failover +
load
balance and what we need besides Nokia boxes to accomplish this. Thanks
in
advance.

Ryan Jiang
Senior UNIX administrator
Liz Claiborne, Inc.


========================================================================
========
     To unsubscribe from this mailing list, please see the instructions
at
               http://www.checkpoint.com/services/mailing.html
========================================================================
========




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.