Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Load Balancing using the Firewall

From: "Andrew J. Luca" <andrewluca () mediaone net>
Date: Mon, 13 Jul 1998 20:23:39 -0400
Exactly.  A couple of months ago, I got into a rather length discussion
which involved everything but round-robin.  Round robin will allow you to
push some traffic over each link.  However, I would still advocate using a
BGP configuration if you are dual-homed to the Internet.  Most ISP's would
prefer this also, since that can help to minimize some problems that occur
between ISP's when you mis-configure routing.

Drew

-----Original Message-----
From:   Diego P. Vasquez B. [mailto:dvasquez () marc-harris com]
Sent:   Monday, July 13, 1998 10:32 AM
To:     'firewall-wizards () nfr net'
Cc:     'Andrew J. Luca'
Subject:        FW: Load Balancing using the Firewall

Do you mean a router in the company's side of the ISPs routers?
How would I accomplish the load balancing of incoming traffic without
using BGP?  The outgoing traffic will be balanced by the router using
round-robin I assume.
BTW, thank you for your response.


-----Original Message-----
From:  Andrew J. Luca [SMTP:andrewluca () mediaone net]
Sent:  Thursday, July 09, 1998 8:12 PM
To:    Diego P. Vasquez B.; firewall-wizards () nfr net
Subject:       RE: Load Balancing using the Firewall

One of the options for this would be to install a router of your own in
front of the ISP's routers.  This would allow the same level of load
balancing to occur without the ISP's running BGP or OSPF with you.  You
would still be able to install n+1 routers so that you could be comfortable
with a level of redundancy.  However, this will only provide round-robin
type of load balancing (or slightly better) in most cases and is still
sub-optimal.

      The best configuration that you can achieve is to run BGP with your
provider.  If you are dual-homed on the Internet, most providers of any
reasonable size will configure BGP with you.  I would suggest that you go
back to your provider(s) and push harder.  Usually they will charge some
nominal fee ($1k-$3k) for the setup of the service but that is worth the
extra level of performance and bandwidth usage that you would achieve.  The
other thing to note is that you would want to control the router(s) on

which

the BGP is run since these will need to be pretty beefy boxes (>64Mb

memory,

fast processor -- e.g. not a 250x router).  This is an important
consideration that most larger ISP's will have placed into their contracts
before agreeing to run BGP with you.

Just my thoughts.
Drew
Previous By Date Next
Previous By Thread Next

Current thread: