It's been years since I dabbled in FW-1 myself, so I turn to you gurus for assistance :)
Some of our servers run HP Teaming on their NICs, mainly for fault tolerance. However, in the last few versions of their teaming drivers, HP has "Transmit Load Balancing" (TLB) as the default teaming method, instead of one called "Network fault tolerance".

TLB works by dividing outbound traffic between all NICs, while only receiving on one. I.e. packets leaving our server can have different source MAC addresses, while all inbound packets must be directed at one particular NIC. This ensures that remote hosts will only see one MAC for one IP when doing ARP lookups.

This works fine as long as all hosts communicating with the server do an ARP lookup on the server's IP and receive the MAC we expect them to (only the correct NIC will answer). But when we send this traffic through our firewall, it seems that return traffic is always directed to the original sending MAC.

So, my question is: Is this expected behaviour in FW-1? Can this be changed? Should it (not)? I don't manage our firewalls, and our FW-guys didn't know...

Any hints appreciated.

Cheers,
Anders :)
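The situation described in the message above, as an added Python model that is not part of the original post and is not FW-1 or HP code: a team that transmits from several MACs but receives on one, and two ways a next hop could pick the destination MAC for return traffic. The class and function names, the round-robin transmit order and all addresses are assumptions made for the illustration.

```python
# Added illustration: toy model of a TLB team and two return-path strategies.
# All MACs/IPs are constructed (documentation ranges); this is not FW-1 code.
from dataclasses import dataclass

SERVER_IP = "192.0.2.10"
RX_MAC = "00:00:5e:00:53:01"  # the one NIC that receives and answers ARP
TEAM_MACS = [RX_MAC, "00:00:5e:00:53:02", "00:00:5e:00:53:03"]

@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str

class TlbTeam:
    """Transmits over all NICs, receives on one, as the post describes."""
    def __init__(self):
        self._next = 0
    def arp_reply(self, ip):
        # Only the receiving NIC answers ARP for the server's IP.
        return RX_MAC if ip == SERVER_IP else None
    def send(self, dst_mac, dst_ip):
        # Assumption: round-robin NIC choice stands in for the driver's balancing.
        src = TEAM_MACS[self._next % len(TEAM_MACS)]
        self._next += 1
        return Frame(src, dst_mac, SERVER_IP, dst_ip)
    def accepts(self, frame):
        # Assumption: frames addressed to a transmit-only NIC are not received.
        return frame.dst_mac == RX_MAC

def reply_via_arp(team, request, my_mac):
    """Next hop resolves the server's IP with ARP before replying."""
    return Frame(my_mac, team.arp_reply(request.src_ip), request.dst_ip, request.src_ip)

def reply_to_source_mac(team, request, my_mac):
    """Next hop reuses the source MAC of the frame it received."""
    return Frame(my_mac, request.src_mac, request.dst_ip, request.src_ip)

def delivered(strategy, n=6):
    """Count how many of n replies land on the team's receiving NIC."""
    team, gw_mac, peer_ip = TlbTeam(), "00:00:5e:00:53:fe", "198.51.100.7"
    return sum(team.accepts(strategy(team, team.send(gw_mac, peer_ip), gw_mac))
               for _ in range(n))

if __name__ == "__main__":
    print("ARP-resolved replies delivered:", delivered(reply_via_arp))
    print("reply-to-source-MAC delivered: ", delivered(reply_to_source_mac))
```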
