02-21-2003 12:24 AM
I have a customer who are using CSS as a firewall load balancer.
by the way he have two firewall with fast-ethernet interfaces and two with Gigabit ethernet interfaces.
Now the load is 1:1:1:1.
Can I give a load to firewall path on CSS?
Then, what command it is?
02-22-2003 12:37 AM
There is currently no way to give a weight to a firewall.
However, you could play with the static routes so that more routes point to the
GigE Firewalls.
You would do something like this
ip route 0.0.0.0/0 firewall 1
ip route 0.0.0.0/0 firewall 2
ip route 0.0.0.0/0 firewall 3
ip route 0.0.0.0/0 firewall 4
ip route 128.0.0.0/1 firewall 1
ip route 128.0.0.0/1 firewall 2
This is just an example. But you can see that firewall 1 and 2 will get all traffic to 128.0.0.0 -255.255.255.255 and the traffic from 0.0.0.0 to 127.255.255.255 wil be loadbalanced over the 4 firewalls.
Gilles.
02-23-2003 11:59 PM
One more
If CSS know the path which firewall the packets comes from, then your method looks no problem.
Internet ----- CSS_out--------four firewalls--------CSS_in------Servers(A.B.C.0/24)
CSS_out
ip route A.B.C.0/24 firewall 1
ip route A.B.C.0/24 firewall 2
ip route A.B.C.0/24 firewall 3
ip route A.B.C.0/24 firewall 4
ip route A.B.C.0/25 firewall 1
ip route A.B.C.0/25 firewall 2
CSS_in
ip route 0.0.0.0/0 firewall 1
ip route 0.0.0.0/0 firewall 2
ip route 0.0.0.0/0 firewall 3
ip route 0.0.0.0/0 firewall 4
ip route 128.0.0.0/1 firewall 1
ip route 128.0.0.0/1 firewall 2
How about this? Is it OK?
Even if CSS know the information of session flow, It looks have a risk of problem.
02-27-2003 03:55 AM
this should be ok as well.
This method is not new.
Big ISP's used to do this in the past to do BGP loadbalancing (before the invention of BGP multipath).
I believe a lot of people are still using this method.
So, it should work for the CSS as well.
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide