Posted by mikael.kermorgant.nospam@gmail on April 12, 2008, 1:15 pm
> On 12.04.2008 15:32 mikael.kermorgant.nos...@gmail.com wrote
>
> > Hello,
>
> > This is the current situation
>
> > ------------> |||||||||||||||||| -----------------> Firewall
> >     F.O.           switch             copper
>
> > I'd like to introduce high availability in this scheme by having 2
> > firewalls.
>
> > What would it take to avoid the SPOF that keeping the switch introduces?
> > Said differently, how could I "split" the optic fiber so that each
> > firewall would be plugged in?
>
> > The complete schema of my future setup is here: http://kgt.free.fr/objectif-net2.png
>
> Just add a 2nd gateway to the internet. I.e.
>
>      / The Internet \
>     |                |
> 1st gw-----------2nd gw
>     |\              /|
>     | \            / |
>     |  \          /  |
>     |   \        /   |
>     |    \      /    |
>     |     \    /     |
>     |      \  /      |
>     |       \/       |
>     |       /\       |
>     |      /  \      |
>     |     /    \     |
> 1st firewall--2nd firewall
>
> Arnold

Please forgive my ignorance, but my question is just about technical
details, as I don't know how to handle a fiber connection.
The trick now used is to put in a switch with an SFP connector for this
fiber.
Given I replace the actual firewall with 2 new ones with SFP connectors,
I'd like to know if there's some passive way to mirror the incoming
traffic to the second firewall (which is sleeping, ready to take over).
Or at least, what would be the best way to handle this situation? If
I have to keep that switch, I'll be able to sleep with it :)
Thanks,
Mikael