On Thu, 22 Jul 1999, Neil Lehrer wrote:
> has anyone load balanced [with fail-over] a pair of firewalls on three
> sides? consider an implementation where there is an inside, outside, and
> dmz. traffic originates:
I have implemented HA with some load sharing in this configuration using
OSPF and ICMP Router Discovery (IRDP). The gateways ran OSPF on the inside
and outside interfaces and then IRDP on the DMZ interface. Machines on the
DMZ ran an IRDP client.
The OSPF could be run in equal-cost-multipath to load share between the
inside to outside, but I don't think I found a method to share the load on
inbound/outbound connections to/from the DMZ.
- brett
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
