Re: [fw-wiz] router with 2 redundant inferfaces



Simple answer ... NO

Long answer:
This is wrong on so many levels ...
1) If you have 2 lines you can make load balancing
2) What happens if a cpu or disk or ram blows out? ... You are down on both
lines ...
3) Two machines are kinda better security if one is compromised you can turn
it down and let the other take the hitting while you analyze what's happened.
4) You can keep the state of the connections with some black magic

Of course there are some downsides:
1) More money for hw ... but with current prices you will be good for less
than 400$ (if price is of such a concern)
2) standard software solution can't properly keep the conection state over 2
machines so if one router goes down all statefull connections/protocols break
and need to be reestablished
3) fail detection takes some time

Observation from real life (built by a friend and for some time taken care by
me)
2 machines (supermicro boards with ich7r) 3 nics on each machine, 1G ram, no
disk (network booting). Both machines were doing load balancing, failover to
the other, vpn connections to remote site, trunking, traffic accounting, some
filtering. They ran pretty fine. Time for a complete failover was between 11
and 15 secs. TCO was about 800$ 2 years ago (at least). They were pushing
combined traffic from the both lines in excess of 30 Mbit and th load was
zilch

Hope this answers the question pretty completely
On Sunday 13 April 2008 23:18:21 shadow floating wrote:
Hi guys,
my company is having 2 leased lines internet connections and they were
about to buy two routers to make them standby to each other, each with
one of the internet connections, as they were discussing with some
network consultant...he convinced them to reduce cost and put 2 wics
in one router only each connected to the each internet connection
instead of buying 2 routers....is that appropriate??

thanks alot

Nad
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

--
BOFH excuse #255:
Standing room only on the bus.
--
Regards
Vladimir Vitkov

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


Relevant Pages

  • Re: Using Two ADSL Internet Connections Simultaneously
    ... > connections to the internet and use these connections to provide ... > internet access to several wireless laptop computers. ... Try a quick Google search using "load balancing router" ... pick does load balancing as well as failure mode switching. ...
    (comp.dcom.telecom)
  • Re: Encoder On Wireless Network
    ... see the information for "URL For Internet Connections", ... Detect".I believe this is why we cannot stream our content. ... Connections" has the name of our computer listed and we are using port "8080". ... You did not disable to firewall unless you logged into your wireless router ...
    (microsoft.public.windowsmedia.encoder)
  • Re: [fw-wiz] router with 2 redundant inferfaces
    ... Two machines are kinda better security if one is compromised you can turn ... You can keep the state of the connections with some black magic ... machines so if one router goes down all statefull connections/protocols break ... my company is having 2 leased lines internet connections and they were ...
    (Firewall-Wizards)
  • Re: [fw-wiz] dual ISP connections
    ... I had BGP links at my last job. ... Load balancing is ... If the connections are through 2 separate ISP's then you need to run BGP ... You must have /24 as the internet routing tables do not support routes ...
    (Firewall-Wizards)
  • Re: Oracle 10g R2 RAC server side load balancing
    ... In Oracle 10g r2, Oracle provides a load balancing advisory to ... If my application is using PRO*C instead of OCI, then connections ... made by the application cannot utilize server side load balancing. ...
    (comp.databases.oracle.server)