On Fri, 9 May 2003 04:31 pm, Jonathan Oxer wrote:
> So, the reason for posting: has anyone here done anything like this, or
> have alternative ideas about how it could be set up? Does my plan make
> sense? Is there a way to set this up without requiring 6 ethernet cards
> per firewall?
>
> Did I make an enormous blunder and should now retreat back under a rock?

First thought : your upstream routers, are they to separate providers? The way we have ours set up is to have one provider as the primary, and a backup provider that essentially sees no traffic unless provider 1 falls over - and so we save a bit of money on bandwidth by having the plans set up appropriately. Now, if you have a similar setup, then you may have issues if Border router 1 dies and you need to rely on Provider 2 for all your bandwidth.

Second thought : You could probably combine those three internal switches into one by using a smart switch with VLAN support. This would also mean you can set up a second switch as a failover at that point too, and eliminate the need for so many ethernet points on the firewalls.

Third thought : There are multi-port ethernet cards available, we're presently trialing a 4-port card for a similar setup in our firewall. Google keywords : "adaptec starfire", although I'm sure there are others out there.

t

-- 
GPG : http://n12turbo.com/tarragon/public.key

