|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] High Availability with different MAC's
While virtually(!) every NIC offers a unique MAC address in the hardware, virtually every OS offers a way for the software to override this -- and generally, no harm can be done if the MAC addresses are unique within each segment/subnet. GLOBAL uniqueness is rarely necessary. There are a number of situations in which it is useful to override the hardware MAC address, including where one wishes to "assume the identity of" another node, without having to refresh everyone else's ARP cache. Several HA solutions depend upon the fail-over gateway being able to suddenly have the MAC address that everyone was using for the gateway that has failed. Aha... This suggests a couple of ways to fix Oswaldo's issue: From the switches' perspective, the MAC address of the gateway has suddenly leapt from one port to another, and the switches need some time to re-converge. (Too long, from the sounds of it.) Short of replacing the switches (...), I think the next best thing is to span/mirror the ports that go to the gateways, or put the gateways on a hub off a single port. The former option is to be preferred; it may or may not be possible if the gateway ports are on different switches. (That could be why convergence is taking so long. It's a nice bit of redundancy, but "If it doesn't have to WORK, we can make it as fast/cheap/robust as you like.") Dave Gillett -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]]On Behalf Of Zeltser, Roman Sent: Thursday, August 08, 2002 10:45 AM To: [email protected] Subject: Re: [FW-1] High Availability with different MAC's How come you have the same MAC address? It's usually unique to the card, and there are no two NICs in the world that have the same MAC. Correct me if I'm wrong. Are you talking about network cards? ********************************** Roman Zeltser, @National Computer Center, DNE RS Information Systems -----Original Message----- From: Cecoban, S. A. de C. V. - Oswaldo Espinosa Cuervo [mailto:[email protected]] Sent: Thursday, August 08, 2002 11:27 AM To: [email protected] Subject: [FW-1] High Availability with diferent MAC's Hi all. Is posible to configure HA with diferent MAC's? We´re using HA with the same MAC and IP address, but we're having problems with our switches, some of our established sessions cut or have delays to connect. thanks in advanced. --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002 ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
