Re: RE: Firewall-1 platforms

[Barney Wolff <barney () databus com>]

Nokia may or may not support load balancing, but as I read VRRP,
load-balancing support is very primitive - you get to manually
configure the default-router IP addresses on the hosts behind the
firewall.  I have no live experience with Stonebeat, but I
believe the advertised load-balancing support is fancier.

Barney Wolff

On Tue, Mar 06, 2001 at 07:46:53PM -0600, shawn . moyer wrote:
> "Kalat, Andrew (ISS Atlanta)" wrote:
>
> >         Indeed, VRRP is pretty cool. As fail over goes, I agree, it's pretty
> > easy and elegant. I might have misspoke though. I was referring to not just
> > fail over, but actual true load balancing, where both boxes are passing
> > traffic, rather than having one in hot standby waiting for a failure. Do you
> > know of a way to do that with Nokia? That would indeed rock...
>
> Yeah, actually. VRRP does share load, it's part of the spec, in fact.
> Been awhile since I've done it, but I believe you configure a weight for
> each IP in relation to the shared Virtual IP (VIP) and traffic is shared
> across via that weight metric. 
>
> At the employer where we did this we had four Nokia boxes sharing load
> for 150Mbps of traffic (each box basically was assigned 25% of the
> load), and it was part of our standard configuration do two Nokia's load
> sharing 50% each. 
>
> http://www.networksorcery.com/enp/protocol/vrrp.htm
>
> http://www.networksorcery.com/enp/rfc/rfc2338.txt
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards