RE: [fw-wiz] External Load Balancing
From: Wes Noonan (mailinglists_at_wjnconsulting.com)
Date: 01/06/05
- Previous message: Dave Wiley: "RE: [fw-wiz] External Load Balancing"
- In reply to: Peter Trembath: "RE: [fw-wiz] External Load Balancing"
- Next in thread: Dave Breiland: "Re: [fw-wiz] External Load Balancing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <trembath.peter@sbcglobal.net>, "'Richard St John'" <Richard.StJohn@gbe.com>, <firewall-wizards@honor.icsalabs.com> Date: Thu, 6 Jan 2005 11:55:09 -0600
It's so rare to be home and able to reply for a change...
Just wanted to throw a log on this fire. F5 seems to be everywhere I go...
Wes Noonan
mailinglists@wjnconsulting.com
http://www.wjnconsulting.com
Hardening Network Infrastructure - A concise how to guide
Available Now!!
Order at http://tinyurl.com/5852c
> -----Original Message-----
> From: firewall-wizards-admin@honor.icsalabs.com [mailto:firewall-wizards-
> admin@honor.icsalabs.com] On Behalf Of Peter Trembath
> Sent: Thursday, January 06, 2005 09:38
> To: Richard St John; firewall-wizards@honor.icsalabs.com
> Subject: RE: [fw-wiz] External Load Balancing
>
> Hey Richard,
>
> No direct experience but when I was with Concord Communications (Network,
> Systems and Apps Mgmt/Reporting Software) as an SE, I called on hundreds
> of
> the Fortune 1000 companies. I'd venture to say 70% of them had at least
> one
> F5.
>
> So... a.) they are all sheep or b.) the box must have had something
> going
> for it.
>
> One drawback from the mgmt/reporting side. F5 took a shortcut when it
> came
> to implementing SNMP. It's basically still just a server, albeit a
> specialty one, right? So rather than actually write a Mib for it they
> just
> used the old UC-Davis (now net-snmp) Mib. http://net-
> snmp.sourceforge.net/
> This was a freeware mib that used to be distributed by the Univ. of Calf.
> at
> Davis. It was actually a pretty good server Mib and covered a lot of
> platforms. And F5 did extend the Mib with F5 specific variables.. So
> what's the problem?
>
> The problem is that F5 did not change the enterprise ID from (UC Davis
> Agent - 2021) to F5 (F5 - 3775) of the Mib on most of the versions of
> their
> software. This give network management systems that use the enterprise ID
> as part of their auto-discovery a lot of heartburn. They think the box is
> just a plain old server running the UCD agent when in reality it's an F5
> Big
> IP box and you miss all the "good" statistics.
>
> So my advice is to call F5 before you buy and make sure they a.) give you
> all the current Mibs for your particular box/code and b.) they use their
> OWN
> enterprise ID. They have known about this problem for a long time and may
> have fixed it by now.
>
> Regards,
>
> - Peter (ex-Concord now un-employed) Trembath
>
> Peter Trembath
> 30524 Barlow
> Farmington Hills, Michigan 48334
> Home Phone: 248-851-3672
> Personal Cell: 248-760-6871
> Primary email: trembath.peter@sbcglobal.net
> Secondary email: ptrembath@hotmail.com
>
> -----Original Message-----
> From: firewall-wizards-admin@honor.icsalabs.com
> [mailto:firewall-wizards-admin@honor.icsalabs.com]On Behalf Of Richard
> St John
> Sent: Thursday, January 06, 2005 9:21 AM
> To: firewall-wizards@honor.icsalabs.com
> Subject: [fw-wiz] External Load Balancing
>
>
> Good morning list,
>
> We are currently running in an outbound load balanced setup. A packet
> from inside has a one in four chance of hitting a specific firewall.
>
> We are beginning to look at load balancing the external side of our
> network so that a packet from the outside has a one in four chance of
> hitting a specific firewall.
>
> A quick search of the internet turned up:
>
> Resonate Central Dispatch
> Radware Web Server Director
> Alteon ACE director 2
> F5 Big/ip
> Coyote Point Equalizer E250
> Holon Tech Hyper Flow 2
> IBM WebSphere Perf. Pack
> Hydra Web Hydra
> Ipivot Intelligent Broker 4000
>
> Anyone have comments about these?
>
> Richard St. John
> Graybar Electric Company
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Dave Wiley: "RE: [fw-wiz] External Load Balancing"
- In reply to: Peter Trembath: "RE: [fw-wiz] External Load Balancing"
- Next in thread: Dave Breiland: "Re: [fw-wiz] External Load Balancing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
