Hi! Should work as described. i don't see why not... ;-)
Good luck... :-) - Mart�n. On Sun, 20 Feb 2005 11:18:33 +0000, Richard Turner <[EMAIL PROTECTED]> wrote: > Martin > Thank you for your reply > > I haven't looked at 3.8.1 yet - looks like i have some > reading / playing to do! > > I wasn't going as far as fully meshed. The issues here > are that there aren't enough interfaces to allow for > the doubling up and the switches are on different > floors (running cables from from the first floor nokia > to the second floor switch is not going to be allowed > by the client - inter-floor traffic goes via the > expensive Cisco core switches). > > I was intending to have a switch for each Nokia (they > are on different floors) , using VLANS to separate the > different interfaces and networks. The VLANS would run > across the 2 switches > > Floor 1 Floor 2 > | > | > --------- ---------- > | SW A |---------------| SW B | > --------- ----------- > | > | > --------- ---------- > | FW A | | FW B > | > --------- ----------- > | > | > --------- ---------- > | SW C |---------------| SW D | > --------- ----------- > | | > > Switch ports A and C and B and D are VLANs on the 2 > core switches. > The firewall sync and Cluster Sync networks also vlans > on the switches - sync goes from FW A to SW C to SW D > to FW B > > Thus if a switch or a firewall goes down, the other > core takes the full load - normally the pair are in a > IP cluster. > > From the replies so far, I need to get the client's > cisco bods to create a VLAN across the switch pair and > set the "multicast MAC to unicast ip" arp and CAM > entries so that the packets to the cluster multicast > address are sent out of both switches > > I think? :-) > > Richard > > --- Martin Hoz <[EMAIL PROTECTED]> wrote: > > If I understood it correctly, and what you want is > > to use a "full > > meshed scenario" where each Nokia has connected the > > same network to 2 > > swtiches at the same time for high reselience, > > Another opton you have with Nokia, is to use 3.8.1 > > and use 802.3AD > > (A.K.A. Etherchannel or Link Agreggation) > > > > The beauty of it, is that you have 2 physical > > interfaces that look as > > 1 interface to both the firewall and the IPSO > > operating system. If the > > interface or the switch is gone for any reason, you > > still have both > > Nokia gateways working... beautiful... > > > > You've detailed documentation in IPSO 3.8.1 > > documentation. Also, you > > would need to establish te Etherchannel recognition. > > CIsco's web site > > has good information on it. I tested it with > > Catalyst 2900 switches > > running IOS 12 something, and Nokia IP380 hardware > > with IPSO 3.8.1 - > > like a charm... > > > > HTH. > > - Mart�n > > > > > > On Fri, 18 Feb 2005 08:34:33 +0100, Steinecke, Sven > > <[EMAIL PROTECTED]> wrote: > > > Hello Richard, > > > you can do it with portbased VLANs. We do it with > > our Checkpoints and they > > > work fine. > > > > > > Regards Sven > > > > > > -----Urspr�ngliche Nachricht----- > > > Von: Richard Turner > > [mailto:[EMAIL PROTECTED] > > > Gesendet: Freitag, 18. Februar 2005 00:17 > > > An: [email protected] > > > Betreff: [FW-1] NG AI/Nokia IP Cluster across 2 > > switches > > > > > > Hi, > > > > > > Has any one configured an NG AI/ Nokia IP Cluster > > over > > > 2 switches per virtual interface? I have setup > > many > > > clusters with the nokia's plugged in to one switch > > per > > > network but the customer wants to split the 2 > > nokias > > > across 2 floors with ciscos for maximum > > resilience. I > > > can't see why there should be an issue - the 2 > > ciscos > > > have a gig link, but is there something special to > > > configure to get this 2 work > > > > > > TIA > > > > > > Richard > > > > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
