Re: [fw-wiz] GLBP Alternative
- From: Ryan McBride <mcbride@xxxxxxxxxxxxxxxx>
- Date: Mon, 14 Aug 2006 02:35:27 +0000
On Thu, Aug 10, 2006 at 11:45:03AM -0300, Fabio Meneses wrote:
Anyone know any alternative to Cisco's GLBP ?
Its more like an redundancy solution, but provided with Load Balancing
capabilities, for L3 devices.
OpenBSD's CARP protocol (also available on FreeBSD and Linux, among
others) has the same functionality. In fact, CARP's arpbalance feature
seems to predate GLBP, although I've never seen OpenBSD credited for the
idea.
Note that the ARP-based load balancing found in both CARP and GLBP share
the same limitations:
- ARP balancing only works on the local network segment. It cannot
balance traffic that crosses a router, because the router itself will
always be balanced to the same virtual host.
- Secondly, ARP load balancing can lead to asymmetric routing of
incoming and outgoing traffic. If you're using a packet filter that
does state tracking, this may cause problems as state values will be
out-of-sync. Proxies or NAT can be used to avoid this asymetric route
issue.
More information can be found in the OpenBSD carp(4) manual page:
http://www.openbsd.org/cgi-bin/man.cgi?query=carp
Disclosure: I'm one of the primary authors and maintaners of CARP.
-Ryan
--
Ryan T. McBride, CISSP - mcbride@xxxxxxxxxxxxxxxx
Countersiege Systems Corporation - http://www.countersiege.com
PGP key fingerprint = 5A63 31A0 B2E0 4A64 3D16 C474 99A7 BEFE F9BA A8E0
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] GLBP Alternative
- From: Fabio Meneses
- [fw-wiz] GLBP Alternative
- Prev by Date: Re: [fw-wiz] GLBP Alternative
- Next by Date: [fw-wiz] Firewall requirements for VoIP applications
- Previous by thread: Re: [fw-wiz] GLBP Alternative
- Next by thread: [fw-wiz] Firewall requirements for VoIP applications
- Index(es):
Relevant Pages
|
|
