And the prize goes to our Mystery Guest. If 600-700 static routes caused no
noticeable degradation, the problem must be elsewhere.
Thanks to our our contestants
Bill
Ps. Maybe next time there will be a prize (probably not).
> From: Mystery Guest <[EMAIL PROTECTED]>
> Date: Sun, 16 Jul 2000 21:49:56 -0700 (PDT)
> To: [EMAIL PROTECTED], [EMAIL PROTECTED]
> Subject: Re: [FW1] Large number of Static Routes on a Sun box
>
>
> At one point we were running with ~600-700 static routes (and that is with
> using route summarization) on our Sun U10 and we didn't notice any great
> problems. We got fed up with adding and deleting static routes that we
> changed the Sun box into a FW + router by adding gated. The biggest problem
> is identifying internal networks in rules. It sure would be nice if FW-1
> allowed rules to be put on interfaces or if it was smart enough to
> dynamically figure out what subnets are located internally so we didn't have
> to muck about with adding and deleting networks to the internal networks
> FW-1 group. <sigh>
>
> Cheers,
>
> ./CK
>
>
>> From: William J Husler <[EMAIL PROTECTED]>
>
>> Date: Sun, 16 Jul 2000 10:32:58 -0700
>>
>>
>> We have a firewall (FW-1 v4) running on a Sun ES450 that connects numerous
>> subsidiary networks. As a result of the divergent networks involved (as
>> well
>> as address translation in some cases), we have add a number of static
>> network routes (and static host routes) to the firewall. We are currently
>> up
>> to almost 200 lines in the routing table. This firewall is experiencing
>> through-put problems (at least everyone is pointing fingers at it) and the
>> vendor (Sun) tech support has stated that it could be caused by this large
>> number of static routes. Has anyone else experienced this scenerio or have
>> experience with a large routing table on a Sun box? One comment I
>> particularly did not like was "It's not a router you know". Just what do
>> they think a firewall does anyway?
>> Bill
>>
>>
>>
>> =============================================================================
>> ===
>> To unsubscribe from this mailing list, please see the instructions at
>> http://www.checkpoint.com/services/mailing.html
>> =============================================================================
>> ===
>
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
>
>
> ==============================================================================
> ==
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================================
> ==
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
