Firewall Wizards mailing list archives
Re: BigIP controller - any issues?
From: Adam Shostack <adam () homeport org>
Date: Sat, 2 Oct 1999 13:36:57 -0400
On Fri, Oct 01, 1999 at 01:11:39PM -0400, Joseph S D Yao wrote:
| ...
| > IP forwarding on BigIP has to be specifically enabled. Out of the box
| > it is setup as default DENY. In other words, only those IPs and services
| > setup with VIPs will get traffic. Also ICMPs are not passed, except for
| > Fragment/Dont Fragment. ...
|
| Ah. This might explain why a dual firewall with a BigIP in front of it
| might be able to talk to some hosts, but fail with large mail messages
| to certain MSW-NT servers. No packet size negotiation? This is
| important when going through a tunnel, since the tunnel envelope would
| take up some of what would otherwise be the usual packet size.
|
| Sound about right?
Don't know about that, but I'd like to ask a related question, which
is, has anyone looked at these things for UDP based traffic? I have
some VPN-esque technology which encapsulates in UDP, and and wondering
if the F5 boxes can help me with load balancing.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
Current thread:
- Re: BigIP controller - any issues? Stan Scalsky (Oct 01)
- Re: BigIP controller - any issues? Joseph S D Yao (Oct 02)
- Re: BigIP controller - any issues? Adam Shostack (Oct 04)
- <Possible follow-ups>
- RE: BigIP controller - any issues? Victor Granic (Oct 02)
- RE: BigIP controller - any issues? Hardcastle, Kevin (Oct 02)
- Re: BigIP controller - any issues? Unknown (Oct 04)
- RE:BigIP controller - any issues? Craig Woods (Oct 05)
- Re: BigIP controller - any issues? Gregory Blake (Oct 05)
- Re: BigIP controller - any issues? Kevin Steves (Oct 18)
- Re: BigIP controller - any issues? Ejovi Nuwere (Oct 19)
- Re: BigIP controller - any issues? Joseph S D Yao (Oct 02)