On Thu, 4 Mar 2004, Bob Hinden wrote:
> >coz data from the client may be going thru a different device Y, which is
> >being blocked by the fw on that device. fw Y doesn't have the hole
> >to let the traffic go through.
>
> This won't be caused by the load sharing when the data and control are
> g
On Thu, Mar 04, 2004 at 12:01:51AM -0800, Suresh Satapati wrote:
>
> Disagree. load-sharing or router preferences were/are never a general case
> IMO and hence i disagree with MUST.
I also think the security section of the draft needs a bit of deeper
analysis, e.g. for the rogue router-in-the-mid
Suresh,
coz data from the client may be going thru a different device Y, which is
being blocked by the fw on that device. fw Y doesn't have the hole
to let the traffic go through.
This won't be caused by the load sharing when the data and control are
going to the same destination host. If the da
On Thu, 4 Mar 2004, Bob Hinden wrote:
> Suresh,
>
> >coz data from the client may be going thru a different device Y, which is
> >being blocked by the fw on that device. fw Y doesn't have the hole
> >to let the traffic go through.
>
> This won't be caused by the load sharing when the data and cont
> I have a different set of experience where customers provision two or more
> parallel router+firewalls and wish to divide the traffic between them. The
> specifically do not want the other routers to be unused. They have
> installed multiple routers so if one fails they want the others (using
>
Suresh,
Thanks. That's exactly what's happening.
Changming
-Original Message-
From: Suresh Satapati
To: Dave Thaler
Cc: Changming Liu; [EMAIL PROTECTED]
Sent: 2004-03-03 ¿AEA 11:43
Subject: RE: v6 host load balancing
Dave,
Lemme give this a try..
> > No matter
Dave,
Lemme give this a try..
> > No matter it is active or passive open, the modem stateful will need
> to
> > open
> > the "hole" by listening to the control channel for "port" and "pasv"
> > comamnd.
>
> You lost me here. Since the passive open has the connection initiated
> by the client, th
>Yes I'm aware of both modes. Since you mentioned the server told the
>client
>what server to use, I assumed you were talking about passive mode, which
>is what I was responding to above.
Sorry about not making it clear at the first place. Now we are on the same
page. One minor point: the pass
> -Original Message-
> From: Changming Liu [mailto:[EMAIL PROTECTED]
> Sent: Thursday, March 04, 2004 2:14 PM
> To: Dave Thaler; Changming Liu
> Cc: '[EMAIL PROTECTED] '
> Subject: RE: v6 host load balancing
>
> Hi Dave,
>
> >If the server
Hi Dave,
>If the server is telling the client who to use, then the client is
>connecting out for both the data and the control channels. If they
>go out different exit points on the client side, there's no problem
>since both connections are initiated from the inside, right?
>Can you elaborate m
Changming Liu writes:
> For example, picture a network below:
> a FTP server farm protected a firewall, and a FTP client also behind
its
> firewall and there are multiple firewalls in different locations to
> pretect
> the corporate of the client is in. If the client is doing destination
load
> bal
otocol designers.
Thanks of taking this into consideration. We just need to make a more
thoughtful decision.
Changming
-Original Message-
From: Bob Hinden
To: Changming Liu
Cc: [EMAIL PROTECTED]
Sent: 3/3/2004 5:48 PM
Subject: RE: v6 host load balancing
Changming,
>As we talked this mo
Pekka,
[No hats on, for this and the previous reply to Changming Liu]
The document assumes that it is always desirable to do
load-sharing with the equivalent routers. I don't agree with this
assumption.
If the router's capacity is sufficient so that it can forward all the
traffic sent by its nod
On Wed, 3 Mar 2004, Bob Hinden wrote:
> I would agree with your concern if it worked that way. The load balancing
> being proposed is not load balancing on a per packet basis. It is load
> sharing when the host is about to pick a router when sending to a new
> destination. [...]
Note that Cha
Changming,
As we talked this moning about this issue, we thought that it might be a
good idea to discuss this in the mailing list so that others can express
their opinion too.
As one of the top 3 firewall/NAT/IDP vendors, our experience with load
sharing is very bad. It's only good for router-swit
I agree completely with Pekka.
Tim
On Wed, Mar 03, 2004 at 02:40:03PM +0200, Pekka Savola wrote:
> On Wed, 3 Mar 2004, Changming Liu wrote:
> > As one of the top 3 firewall/NAT/IDP vendors, our experience with load
> > sharing is very bad.
>
> For what it's worth, I've also argued stronlgy host
On Wed, 3 Mar 2004, Changming Liu wrote:
> As one of the top 3 firewall/NAT/IDP vendors, our experience with load
> sharing is very bad.
For what it's worth, I've also argued stronlgy host against load
balancing. I'm copying the major concern below.
==
Date: Sun, 29 Feb 2004 07
Hi Dave,
As we talked this moning about this issue, we thought that it might be a
good idea to discuss this in the mailing list so that others can express
their opinion too.
As one of the top 3 firewall/NAT/IDP vendors, our experience with load
sharing is very bad. It's only good for router-sw
18 matches
Mail list logo
