I agree fully with Hugh on the weight distribution based on the rule
(meaning distributed by protocol) however my concern was why 50Mbs when the
link was 100Mbs?
Roger Herr
WhyNot? Consulting Services
24165 IH 10 West Suite 217-183
San Antonio, Texas 78257
210-860-3990
Some men see things as they are and say why?
I dream things that never were and say "Why Not?"
-Robert F. Kennedy
Or the original
You see things; and you say "Why?" But I dream things that never were; and I
say "Why not?"
George Bernard Shaw
(1856-1950)
----- Original Message -----
From: "Hugo van der Kooij" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, September 04, 2007 11:51 AM
Subject: Re: [FW-1] Question about Floodgate
On Tue, 4 Sep 2007, cisco4ng wrote:
I have a question for checkpoint flood-gate gurus in the forum.
I have NG AI R55 with HFA_20 running on SPLAT enforcement
module. This module is being managed from a Provider-1 NG
AI R55 with HFA_20. I have single firewall at the moment
but I configure ClusterXL on this firewall because I will
add a second firewall for Active/Active very soon. Everything
is working so far.
I also have Floodgate on the SPLAT enforcement. I have
3 floodgate rules (including the default rule):
1) Any Any ssh weigh_70
2) Any Any FTP weigh_15
3) Any Any any weigh_10
I have this setup "per rule" ONLY.
Isn't weight done based on the rules? So you had 3x 16Mb/s = 48Mb/s on
rule 1.
When you started ftp the balance becomes:
SSH: 3x 10Mb/s = 30 Mb/s
FTP: 1x 20Mb/s = 20 Mb/s
So SSH as set still outweighs FTP as set.
Can you test this again with equal numbers of FTP and SSH sessions? Say 3
or 5 ssh and as many ftp sessions.
Hugo.
--
[EMAIL PROTECTED] http://hugo.vanderkooij.org/
This message is using 100% recycled electrons.
Some men see computers as they are and say "Windows"
I use computers with Linux and say "Why Windows?"
(Thanks JFK, for this quote of George Bernard Shaw.)
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
