Re: Multiple VLANs in the same subnet on different Routing Domains

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Robert

Subject: Re: Multiple VLANs in the same subnet on different Routing Domains

Date: Thursday, July 22, 2010 - 11:36 am

On Thu, 22 Jul 2010 17:15:00 +0100
sslaytor@iom.com wrote:
quoted text> Ok we have 4 firewalls providing internet connectivity whose internal interfaces 
> are on a single shared subnet, although the IPs are different. Outbound traffic 
> from the various hosts on this subnet are distributed across the firewalls by 
> setting the firewall internal IP's as the various different GW addresses. i.e. 
> Hosts A/B/C/D use FW1 as their GW, hosts E/F/G/H use FW2 as their gateway etc.

This design seems to be too complicated (in my opinion, but maybe you
have a reason for it).

My idea would be to either

a) setup the firewalls with carp and build a fail-over / load balancing
design instead of this "manual" balancing

b) use Nagios, or at least the nrpe tool, and let the firewalls do the
outbound checking (and only "ask" them if the test was successful)

regards,
Robert

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Multiple VLANs in the same subnet on different Routing Domains, sslaytor, (Thu Jul 22, 9:15 am)

Re: Multiple VLANs in the same subnet on different Routing ..., Robert, (Thu Jul 22, 11:36 am)

Re: Multiple VLANs in the same subnet on different Routing ..., Stephane Sezer, (Thu Jul 22, 1:17 pm)

Re: Multiple VLANs in the same subnet on different Routing ..., Michal, (Fri Jul 23, 2:17 am)

Re: Multiple VLANs in the same subnet on different Routing ..., Philip Guenther, (Sat Jul 24, 3:56 am)

Re: Multiple VLANs in the same subnet on different Routing ..., Pete Vickers, (Sat Jul 24, 5:30 am)

Re: Multiple VLANs in the same subnet on different Routing ..., Philip Guenther, (Sat Jul 24, 2:14 pm)

Re: Multiple VLANs in the same subnet on different Routing ..., Pete Vickers, (Mon Jul 26, 1:04 am)


linux-kernel:
Greg KH	Og dreams of kernels
Jens Axboe	[PATCH 31/33] Fusion: sg chaining support
Arnd Bergmann	Re: finding your own dead "CONFIG_" variables
Mark Brown	[PATCH 2/2] Subject: natsemi: Allow users to disable workaround for DspCfg reset
Tony Breeds	[LGUEST] Look in object dir for .config
git:
Brian Downing	Re: Git in a Nutshell guide
John Benes	Re: master has some toys
Matthias Lederhofer	[PATCH 4/7] introduce GIT_WORK_TREE to specify the work tree
Alexander Sulfrian	[RFC/PATCH] RE: git calls SSH_ASKPASS even if DISPLAY is not set
Junio C Hamano	Re: Rss produced by git is not valid xml?
git-commits-head:
Linux Kernel Mailing List	iSeries: fix section mismatch in iseries_veth
Linux Kernel Mailing List	ixbge: remove TX lock and redo TX accounting.
Linux Kernel Mailing List	ixgbe: fix several counter register errata
Linux Kernel Mailing List	b43: fix build with CONFIG_SSB_PCIHOST=n
Linux Kernel Mailing List	9p: block-based virtio client
linux-netdev:
Michael Breuer	Re: [PATCH] af_packet: Don't use skb after dev_queue_xmit()
Michael Breuer	Re: [PATCH] af_packet: Don't use skb after dev_queue_xmit()
David Daney	[PATCH 5/7] Staging: Octeon Ethernet: Convert to NAPI.
Wolfgang Grandegger	[PATCH net-next v4 1/3] can: mscan: fix improper return if dlc < 8 in start_xmi...
Amit Kumar Salecha	[PATCHv3 NEXT 2/2] NET: Add Qlogic ethernet driver for CNA devices
openbsd-misc:
Theo de Raadt	Re: Old IPSEC bug
Tomáš Bodžár	Problem with vpnc connection - check group password !
Insan Praja SW	Mandoc Compiling Error
Carl Roberso	Re: Cannot change MTU of carp interface?
Richard Daemon	Re: booting openbsd on eee without cd-rom