Re: High availability

["Don Kendrick" <don () netspys com>]

I've seen/heard of  several different ways to do this...depending on the
vendor and media (Ethernet or Token ring)...The solution should be
configured for whatever interfaces the two boxes share and failover should
occur if any interface fails.

One way to do it is for each box to have it's own IP address but to also
"share" a third address...ie one answers for the address  but if it goes
down the other starts answering. (Cisco HRSP does this as well...)

In the token ring world, I've seen the MAC to IP resolution issue addressed
by using a token ring functional MAC address that both boxes listen for.
However, on either TR or Ethernet, one could also use gratuitous ARP to fix
those ARP caches.

Don
-----Original Message-----
From: Sandy Green <sand232 () yahoo com>
To: firewall-wizards () nfr net <firewall-wizards () nfr net>
Date: Tuesday, July 06, 1999 5:49 PM
Subject: High availability


> How does the HA solution work. ie when there is a
> change over from the primary to secondary, the IP
> addresses are swapped over to the secondary.
>
> which IP addresses are swapped ? the external as
> well as the internal. or only the external.
> what about the arp cache ? what about the mapping
> of MAC address to IP address of the internal IP
> addresses ?
>
> In short I need to understand the working of a
> HA solution. The white papers in the sites like
> stonebeat only talk about it superficially.
>
> I asked this question in the Checkpoint mail list
> but did not get a satisfactory answer as yet.
>
> thanks
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com