lazy mentor wrote:
>
> I've seen where people load balanced two T1's on a per packet
> basis and achieved 1.5 megs on both circuits. Which would give
> them a total of 3Megs, but the provider said that they are load
> balancing 1.5 megs over two T1's. I asked different person same
> provider, that
I've seen where people load balanced two T1's on a per packet basis and
achieved 1.5 megs on both circuits. Which would give them a total of 3Megs,
but the provider said that they are load balancing 1.5 megs over two T1's. I
asked different person same provider, that if I'm load balancing two T1's
What kind of process do you want to balance, ie what layer? Fail-over or
load-balance defined on source/destination/traffic or true server cpu load?
Sometimes you want do watch a
quorum process (or critical application) and monitor that from a
serverfarm instead of doing
a layer
equipment... 6 network segments, 2 switches and 2 firewalls in a clustered
environment.
have networks 1; 2; 3; 4;5 and 6 going into 2 switches (1;2;3 into A and
4;5;6 into B)
A connects to both Firewall C and D which belongs to a clustered firewall
environment.
B connects to both Firewall C and D
load balancing? could u give more details
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72307&t=72295
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure vio
Interesting. I am looking at doing the same thing after my Sprint circuit
was down three times in three business days for ~4 hours each time.
Something that makes my situation difficult is I have control of the 1700 on
my quest circuit but not the sprint router, it is owned by sprint. So I
have t
oes either of these sound feasible?
>
>Hal
>
>> -Original Message-
>> From: Terry Oldham [mailto:[EMAIL PROTECTED]
>> Sent: Monday, March 10, 2003 11:07 AM
>> To: [EMAIL PROTECTED]
>> Subject: Re: Load Balancing and NAT [7:64904]
>>
>>
>>
that will work.
every thing going out will overloaded.
and an inverse NAT is done for the packets coming in.
u will have controll over the traffic getting out, that is on a round robin
fashion, one packet out se0 the next out se1.
the traffic coming in the links will depend on the IP's u use on the
hese sound feasible?
Hal
> -Original Message-
> From: Terry Oldham [mailto:[EMAIL PROTECTED]
> Sent: Monday, March 10, 2003 11:07 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Load Balancing and NAT [7:64904]
>
>
> The T1's are from different providers, Qwe
More Info:
FastEthernet Int0 172.16.100.2/24
Serial0144.228.52.114 255.255.255.252 Sprint
IP Block 65.160.124.193 -65.160.124.222
Serial1 65.123.132.166 255.255.255.252 Qwest
IP Block 65.120.161.161 - 65.120.161.190
Honestly I have bitten
Hi Terry,
I think I have already responded to a similar, if not the same question.
You wont be able to use NAT, as you can have a many-to-one NAT statement on
your router. IE Qwest IP and Sprint IP, both NAT to the same server.
The only way I can see you getting this working is if you get a /3
could u give us more info pls, as far as the IP's that you will be using.
wasn't it u that wanted to assign 2 ip's for each server you have?
if that is so,u can do the following:
creat 2 VLAN's on ur switch.
creat 2 subinterfaces on the router(must have fast ether) for the vlans.
PBR every thing fr
The T1's are from different providers, Qwest and Sprint. And no we will not
be running BGP...
""Troy Leliard"" wrote in message
news:[EMAIL PROTECTED]
> First big question, are your T1's from the same provider, or from a
> different provider, and thus different "public" ip address space? If it
First big question, are your T1's from the same provider, or from a
different provider, and thus different "public" ip address space? If it is
from a different provider, you may well run into some problems with NAT.
Say for example, client A connects to your webserver (via ISP A's public IP
addre
Like you said, if both circuits are the same bandwidth then load balancing
will work. If they are not the same bandwidth, you can still load balance
by manipulating the cost so that it is the same for both circuits, but once
you reach the maximum bandwidth on the lower bandwidth circuit, the route
Hi Kerry,
You are right, OSPF only supports 4 equal cost paths, and doesn't support
unequal load balancing. The easiest way for you to address either of your
options is to manually alter the ospf interface cost.
Under the interface, add
ip ospf cost xxx
Mkae this the same as the other interface
At 11:36 PM + 1/12/03, Emilia Lambros wrote:
>Basically any changes to the sticky/persistent part are not options :( the
>hardware that's in and performing the load balancing won't be changed
>because it works - the NAT portion just needs some ... horrible kludges? :)
But isn't NAT itself, ind
PROTECTED]]
Sent: Sunday, 12 January 2003 10:35 AM
To: [EMAIL PROTECTED]
Subject: Re: Load balancing & NAT [7:60663]
Could you change the persistence to use cookies instead of source IP address
(assuming it is a browser based connection)? That would allow you to still
load balance across th
a little harder to play and test
with,
> without a guarantee that it will work :)
>
>
>
> -Original Message-
> From: The Long and Winding Road
> [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 9 January 2003 11:24 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Load balanc
Doug,
I used the term "horrible kludge" several hours before I saw your post.
The multiple NAT pool kludge is horrible because it is neither scalable
nor maintenance-free, nor does it include any dynamic distribution of
load across the resultant multiple (outside local) addresses in use. It
almos
At 10:12 PM + 1/10/03, Doug S wrote:
>I liked the comment and definitely agree that some of the authors of Cisco
>training material should be named and publicly humiliated, although the
>sheer volume of mistakes could make this a somewhat overwhelming task for
>the public doing the humiliating.
nt: Friday, January 10, 2003 5:13 PM
To: [EMAIL PROTECTED]
Subject: Re: Load balancing & NAT [7:60663]
I liked the comment and definitely agree that some of the authors of Cisco
training material should be named and publicly humiliated, although the
sheer volume of mistakes could make t
I liked the comment and definitely agree that some of the authors of Cisco
training material should be named and publicly humiliated, although the
sheer volume of mistakes could make this a somewhat overwhelming task for
the public doing the humiliating. Still, I want to add my opinion that Cisco
d
ubject: Re: Load balancing & NAT [7:60663]
""Doug S"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> The way PAT works when overloading multiple addresses is to overload the
> first address in the pool until ALL port numbers are used up
""Peter Walker"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> This does NOT match my previous experience. My experience has been that
> IOS seems to use NAT (not overloaded) until all pool addresses are used
> then start overloading the last one. I dont know what happens once
""Doug S"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> The way PAT works when overloading multiple addresses is to overload the
> first address in the pool until ALL port numbers are used up. I can't
point
> you to any publicly available documentation on this, but cut and past
This does NOT match my previous experience. My experience has been that
IOS seems to use NAT (not overloaded) until all pool addresses are used
then start overloading the last one. I dont know what happens once all
when this address gets maxed out.
The only reason we noticed this was due to t
2003 6:45 AM
To: [EMAIL PROTECTED]
Subject: RE: Load balancing & NAT [7:60663]
The way PAT works when overloading multiple addresses is to overload the
first address in the pool until ALL port numbers are used up. I can't point
you to any publicly available documentation on this, but
The way PAT works when overloading multiple addresses is to overload the
first address in the pool until ALL port numbers are used up. I can't point
you to any publicly available documentation on this, but cut and pasted from
Network Academy curriculum:
"However, on a Cisco IOS router, NAT will
o its a little harder to play and test
with,
> without a guarantee that it will work :)
>
> -Original Message-
> From: The Long and Winding Road
> [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 9 January 2003 11:24 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Load balancin
e-
From: The Long and Winding Road
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, 9 January 2003 11:24 AM
To: [EMAIL PROTECTED]
Subject: Re: Load balancing & NAT [7:60663]
if you have a CCO customer account, there are a lot of articles in the TAC
database
this one is a good start, I believe
oops - forgot where I was going
here is a jump page
http://www.cisco.com/cgi-bin/Support/browse/psp_view.pl?p=Internetworking:NA
T
requires CCO customer login.
and this one for more detail in design and operation
http://www.cisco.com/cgi-bin/Support/browse/psp_view.pl?p=Internetworking:NA
T&s=I
if you have a CCO customer account, there are a lot of articles in the TAC
database
this one is a good start, I believe.
http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_tech_note0
9186a0080093fca.shtml
watch the wrap.
HTH
--
TANSTAAFL
"there ain't no such thing as a free lunch
Zeitz
> Sent: Friday, December 13, 2002 2:02 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Load Balancing Firewalls [7:59183]
>
> Actually, management change the diagram on me :(
>
> T1--->3640--->515UR with failover
> T1--->3640--->^
>
> Both T1s going into
offline, these scenarios are getting
really complex. My next task is figuring how to take two T1s and make
them act as a single unit while providing redundancy.
Thanks :)
-Original Message-
From: Brian Zeitz
Sent: Friday, December 13, 2002 2:02 PM
To: [EMAIL PROTECTED]
Subject: RE: Load
Actually, management change the diagram on me :(
T1--->3640--->515UR with failover
T1--->3640--->^
Both T1s going into a single 515UR with a standby unit.
I figured out the first scenario, I just thought of it as it as being in
different locations and use global load balancing on the LBs.
This
Hi David,
U r correct regarding HSRP interaction with OSPF.
How r the 2 T1's going to be terminated? One T1 on Router C and other on
Router D i suppose. If one of the T1 link connecting to the remote office
breaks, then the connectivity to that office from main office is down as
there is no o
I don't know how current this Product Bulletin is but you'll get the general
idea:
http://www.cisco.com/warp/public/cc/pd/iosw/iore/prodlit/768_pb.htm
Setting up load splitting/balancing when HSRP is present generally requires
that there be at least two subnets or VLANs. One subnet/VLAN has rou
You can also use CEF, much less CPU intensive.
Dave
Patrick Ramsey wrote:
>
> I believe as long as you have route cache disable, the router will load
> balance per packet...if route cache is enabled then it goes per
destination.
>
> Of course I have only used this config with OSPF and not st
The router will load balance between equal-cost
routes. So, if you have 2 static routes going to a
different next hop with a metric of 0, these 2 will be
load balanced. The max is 6 equal-cost routes. This
applies to most routing protocols. EIGRP has a
variance command that lets you load balance u
I believe as long as you have route cache disable, the router will load
balance per packet...if route cache is enabled then it goes per destination.
Of course I have only used this config with OSPF and not static routes...
>>> "to cisco new" 01/24/02 05:10PM >>>
can anyone answer this question
Picciani,
Here are a couple
Option 1
You can configure Dual HSRP and have 1/2 of clients point to each HSRP
address. That
will load balance out bound traffic. Return traffic will have the same
issue and so you
would have to do the same at the other end.
Option 2
If you are in a big network and
It's documneted under HSRP and load balancing. The gist of it is set up two
HSRP
groups, half the clients default to one group, half the other.
Dave
Picciani Francesco Saverio wrote:
> The default gateway of some clients is the IP of two routers in HSRP.
> Each of the router have a link to a
Thanks George I'll watch out for that,
""George Murphy CCNP, CCDP"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Just an FYI, last week our server guys at the campus fired up a Win2k
> load balancing scenario and it was spewing multicasts like a bat out of
Thanks George I'll watch out for that,
""George Murphy CCNP, CCDP"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Just an FYI, last week our server guys at the campus fired up a Win2k
> load balancing scenario and it was spewing multicasts like a bat out of
> hell and made par
Just an FYI, last week our server guys at the campus fired up a Win2k
load balancing scenario and it was spewing multicasts like a bat out of
hell and made parts of the network inaccessible, like printers, an ISDN
128k link, etc. We were using Observer to sniff. Now we have put the
little
Patrick Donlon wrote:
> had a look on the CCO, m'soft and HPs site but I can't see much relevant
> info, can any provide some info or experience on this
Really? I searched www.microsoft.com/technet with the phrase "network
interface load
balancing" and came up with quite a few hits discussing lo
BGP does not care. It all depends on routing policies you set up. This is
called
Asymmetrical routing. It is extremely common all over the internet.
About the Satellite link.
I would think long and hard about using a satellite link in the scenario
mentioned
below. Especially if there is inter
sorry it should be can't
--- Wojtek Zlobicki wrote:
> > it means a down-link , it receives data but can
> > transmit data
> >
> > thanks for your reply
>
> Is this to be can or can't ?
[EMAIL PROTECTED]
__
Do You Yahoo!?
Make a great connection
you are right but I have a terrestrial return path for
the return traffic so BGP TCP connection can be
established
regards,
suaveguru
--- Wojtek Zlobicki wrote:
> I was under the impression that BGP did not work on
> unidirectional links.
> Can someone correct me if I'm wrong ?
>
> > hi ,
> >
I was under the impression that BGP did not work on unidirectional links.
Can someone correct me if I'm wrong ?
> hi ,
>
> I am currently running on 2 fibre links to two
> different providers . The utilisation of these two
> links are getting very high and they are getting
> congested . I am thin
> it means a down-link , it receives data but can
> transmit data
>
> thanks for your reply
Is this to be can or can't ?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23635&t=23478
--
FAQ, list archives, and subscription info:
it means a down-link , it receives data but can
transmit data
thanks for your reply
regards,
suaveguru
--- Chuck Larrieu wrote:
> by "receive only" I trust you mean that you can send
> acks but not initiate
> other kinds of traffic... :->
>
> -Original Message-
> From: [EMAIL PROTECT
by "receive only" I trust you mean that you can send acks but not initiate
other kinds of traffic... :->
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
suaveguru
Sent: Thursday, October 18, 2001 8:29 PM
To: [EMAIL PROTECTED]
Subject: Load Balancing Via B
What is the real address, I understand if your reticent to provide it
but is it part of a larger CIDR block from the other provider? If so
and the satellite provider is announcing a more specific /24 then all
traffic will come over the satellite link.
there is much info missing to really help
Most of the traffic is arriving via the provider your
doing BGP with and is via this one block of ip with a
/24 e.g 1.1.1.0/24
I am seeing almost 100% utilisation via the satellite
down-link (1st provider running BGP) and very minimum
traffic at the second provider( terrestrial) running
default
gt; Troll Alert
> >
> > - Original Message -
> > From: "Farhan Ahmed"
> > To:
> > Sent: Monday, September 10, 2001 9:30 PM
> > Subject: RE: Load Balancing using BGP challenge
> > problem [7:19339]
> >
> >
> > > then u
A prepend will surely influence the inbound traffic. Is most of your
traffic currently arriving via the provider your doing BGP with? What
exactly are you seeing?? Why are you even doing BGP with a private AS
that is incoming only?? With the info you provided it's hard to give a
good answer.
do you think having them change private AS to public
AS number then do AS-PREPEND will be able to do some
kind of influencing?
regards,
suaveguru
--- MADMAN wrote:
>
> You have no way of influencing via BGP the inbound
> routes since your
> using a private AS on one link and default on the
>
what do you mean by this?
--- Brian wrote:
> Troll Alert
>
> - Original Message -
> From: "Farhan Ahmed"
> To:
> Sent: Monday, September 10, 2001 9:30 PM
> Subject: RE: Load Balancing using BGP challenge
> problem [7:19339]
>
>
> > t
You have no way of influencing via BGP the inbound routes since your
using a private AS on one link and default on the other. You need to
work with your providers if you wish to have incoming traffic to your
network influenced one way or the other.
suaveguru wrote:
>
> hi all
>
> I have been c
I can't put static routes because one provider is
down-link only and the other is two-way
regards,
suaveguru
--- Farhan Ahmed wrote:
> then u should think abt running 2 static routes
> and forget abt bgp cuz its really doesnt exsist
>
> -Original Message-
> From: suaveguru [mailto:[EM
Troll Alert
- Original Message -
From: "Farhan Ahmed"
To:
Sent: Monday, September 10, 2001 9:30 PM
Subject: RE: Load Balancing using BGP challenge problem [7:19339]
> then u should think abt running 2 static routes
> and forget abt bgp cuz its really doesnt exsist
&
then u should think abt running 2 static routes
and forget abt bgp cuz its really doesnt exsist
-Original Message-
From: suaveguru [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 4:53 AM
To: [EMAIL PROTECTED]
Subject: Load Balancing using BGP challenge problem [7:19339]
hi
thanks tony
With regard to this question , my load balancing
solution is of this type with incoming traffic
dual-homed with the same provider with one edge router
what solution will you use for this ?
regards,
suaveguru
--- Tony Medeiros wrote:
> Many ways: And it all depends on your
HSRP and interface tracking seems viable to me
*** REPLY SEPARATOR ***
On 8/21/2001 at 6:06 PM Kim Quang Vo wrote:
>I am using 2 routers of 2610. (router A og B)
>router A and B in the same LAN.
>
>serial interface of A og B connection to two others ISP routers.
>
>LAN using d
You could run load balancing by pointing two default routes on router A,
onde to it's ISP and another to router B. Make sure both have the same
administrative distance. To make router B take over when router A fails, use
HSRP (Hot Standby Routing Protocol) so router B will become your default
gate
thanks for your advice I will research on the areas
that I have mentioned
regards,
suaveguru
--- "Howard C. Berkowitz" wrote:
> >Hi all,,
> >
> >wonder if anyone knows how to do load-balancing
> across
> >2 unequal links using bgp ?
>
> BGP isn't designed to load-balance. That being
> said, y
>Hi all,,
>
>wonder if anyone knows how to do load-balancing across
>2 unequal links using bgp ?
BGP isn't designed to load-balance. That being said, you may be able
to get some reasonable degree of load splitting using more-specific
addresses, communities, MEDs, etc. It is _not_ a beginner's
Many ways: And it all depends on your exact setup, dual homed with same
provider, two providers, one edge router or two, etc.
Incoming traffic:
MEDS (you control if provider excepts them)
AS-PATH stuffing for certain networks.
Outgoing traffic:
Weight.
Local preference.
Statics
All of these re
- Original Message -
From: "Santosh Koshy"
To:
Sent: Sunday, August 05, 2001 4:06 AM
Subject: Re: Load Balancing... [7:14865]
> Peter,
>
> Here is the "problem i am trying to solve"
>
> - I am located in Canada
> - We have a data center
How about Inverse Mux?
Santosh Koshy wrote:
> Hi All,
>
> I have a slight dilemma to which I cannot seem to find a definitive
> answer.. We have 4 circuits going from Canada to the US...
>
> Is it necessary to terminate all the circuits into one router to do
> "per-packet" load balancing.
>
ou're
getting may not be as redundant as you think. Something else to check on in
your quest for a solution...
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Santosh Koshy
Sent: Saturday, August 04, 2001 6:07 PM
To: [EMAIL PROTECTED]
Subject: Re: Load
-
From: Santosh Koshy
To:
Sent: Saturday, August 04, 2001 5:06 PM
Subject: Re: Load Balancing... [7:14865]
> Peter,
>
> Here is the "problem i am trying to solve"
>
> - I am located in Canada
> - We have a data center in US. All our users use SAP, Web, FTP, a
Peter,
Here is the "problem i am trying to solve"
- I am located in Canada
- We have a data center in US. All our users use SAP, Web, FTP, and other
such applications across the border
- We currently have one T1 circuit running to the US
- After monitoring Traffic flow and Utilization we
Since Howard is in London, allow me to ask "What problem are you trying to
solve?"
*** REPLY SEPARATOR ***
On 8/3/2001 at 10:07 PM Santosh Koshy wrote:
>Hi All,
>
>I have a slight dilemma to which I cannot seem to find a definitive
>answer.. We have 4 circuits going from C
You could also, I suppose, make use of Multilink Multichassis PPP. But that
is almost certainly overkill.
""Chuck Larrieu"" wrote in message
news:[EMAIL PROTECTED]...
> yes.
>
> well, let me qualify that by saying you could terminate on four routers,
and
> then have those four connect to a si
HSRP is run on the Ethernet interface of both routers in one subnet. You
want to create two HSRP groups, not two subnets. Use priority to influence
which router is primary for which HSRP group.
CM
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: 10 July 2
If you have two serial links, you can configure them both with the same
bandwidth and delay statements (assuming IGRP here), and the router will see
them as equal routes. You can do this even if one is 512k and the other is
128k.
Message Posted at:
http://www.groupstudy.com/form/read.php?f
I think ip load-sharing per-packet command only work on serial port.
Since it is "IP" load sharing, it should only work on layer 3 interface.
You can implement Ethernet load sharing by " FastEther Channel (
FEC). How does FEC choose a way to go? It calculate the XOR
between the destination MA
Assuming that you have a router at home that you can plug both the cable
modem and DSL in. If you only need to get hold of a specific IP (game
server ) throught the DSL while everything else through the Cable, you could
simply configure default route for the Cable while adding a static route for
t
I'd have to agree. I don't think the Cisco will win on price, but in most
areas I've found them to be better. I've done more Foundry than Cisco, so I
would naturally be more biassed towards Foundry but I have to say the Cisco
does the business and more.
Gaz
"John Neiberger" <[EMAIL PROTECTED]> wr
I can only speak for the Cisco 11000 series (formerly Arrowpoint) switches.
They're really designed for more than load sharing, but they are seriously
cool devices. It's better that you read about their capabilities first
hand, though. Just go to CCO and read up on the 11050 and 11150, one of
w
I can only speak for the Cisco 11000 series (formerly Arrowpoint) switches.
They're really designed for more than load sharing, but they are seriously
cool devices. It's better that you read about their capabilities first
hand, though. Just go to CCO and read up on the 11050 and 11150, one of
w
At 04:18 PM 3/21/01, James Haynes wrote:
>Provided these paths are equal metrics in the routing table you will have
>load balancing. However, if you have fast switching on the load balancing
>will be on a destination by destination basis.
True. This is especially bad news if all the traffic is de
That is correct assuming that the Port Speed and CIR for both T-1s it the
same. If it is not, you will have to use the "variance" command to
compensate for this.
Chris Lemagie
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Rizzo Damian
Sent: Wednesday,
Correct. However, make sure that your bandwidth and delay perameters are
equal for the paths over which you want to load share or else it will not
load share by DEFAULT. However, with EIGRP, you can force it to
unequal-cost load share with the variance command.
Heather Buri
CSC Technology Se
Provided these paths are equal metrics in the routing table you will have
load balancing. However, if you have fast switching on the load balancing
will be on a destination by destination basis. To achieve load balancing on
a packet by packet basis you need to turn fast switching off.
Jim
"Rizz
Yes,
and IOS 11.2(14) on both routers.
Regards,
Phil.
--- info <[EMAIL PROTECTED]> wrote: > Each of
your 4 serial interfaces has
> ip route-cache applied to them?
>
> Do both routers have the same IOS version?
>
> Phil Barker <[EMAIL PROTECTED]> wrote in
> message
>
[EMAIL PROTECTED]">news:[
Each of your 4 serial interfaces has
ip route-cache applied to them?
Do both routers have the same IOS version?
Phil Barker <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi Group,
> This has been nagging at me for about a week now.
> I have 2 x 2500 rout
Greetings,
I was in this type of senerio. To load balance the firewalls
2-Nokia-Checkpoint) we used 4 Cisco (Arrowpoint) 11000. They are in
failover mode with identical configs. One and two are in front of the
firewalls. Three and four are below the firewalls. The trick is to make
the conve
That is a rediculously overpriced solution to the problem at hand!
- Original Message -
From: Wayne & Therese Lawson <[EMAIL PROTECTED]>
Newsgroups: groupstudy.cisco
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 08, 2001 11:51 AM
Subject: Re: Load Balancing Across Mul
If you're looking for optimal load balancing across firewalls look
at the CSS product line (Cisco of course). You're going to want
to take advantage of the multiple "sticky session" options and
the performance advantage over the LD.
- Wayne, CCIE # 5244,
CCNA, CCDA, Nortel NCSE,
MCSE, CNE, CNX E
Would he run into any problems with persistence?
For example apacket enters firewall #1, and gets routed out firewall two? I
could see some potential problems with asymetric routing occuring.
I know with Checkpoint you can sync the state tables, which takes at a
minimum of around 50-100 ms. O
You would be far better off manipulating the routes (routing protocol) in
your network with the routers on the inside of the PIX, and then just
letting the the traffic flow through the PIX as usual. You will find this
solution much easier to implement and far more forgiving on your pocketbook!
Of
Resources
> Network Operations Control Center
> Norfolk Naval Shipyard
> Bldg 33 NAVSEA NCOE
> 757-393-9526
> 1-800-626-6622
>
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 16, 2001 3:57 PM
>
there is a specific example in the IOS 12.1(5a)E release notes-
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121
limit/121e/121e5/iosslb5e.htm
you end up back-ending the PIXen on the inside ;-) with a
multiple-interface router.
-e-
- Original Message -
From
val Shipyard
Bldg 33 NAVSEA NCOE
757-393-9526
1-800-626-6622
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 16, 2001 3:57 PM
To: '[EMAIL PROTECTED]'; Rossetti, Stan
Subject: Re: Load Balancing Across Multiple PIX
Stan,
As pointe
Stan,
As pointed out by others, your best bet for load-balancing across
multiple PIX boxes is an external load-balancer ala local-director,
arrowpoint, foundry, etc.
However, in regards to throughput, Cisco claims 1Gbps cleartext
throughput on the new PIX 535. At that speed, its doubtful you
AM
To: Rossetti, Stan; [EMAIL PROTECTED]
Subject: Re: Load Balancing Across Multiple PIX
They won't load balance natively. The problem with getting a load balancer
before the PIX is that you either have it on the inside balancing outbound
traffic or outside balancing inbound traffic. The P
1 - 100 of 150 matches
Mail list logo
