[fw-wiz] dual ISP connections

Carson Gaspar carson at taltos.org
Tue Jun 27 20:24:56 EDT 2006


--On Tuesday, June 27, 2006 10:11 AM -0400 James Paterson 
<jpaterson at datamirror.com> wrote:

> We went through this same thing several years back, BGP is a large
> hassle that is really not necessary these days, you can get devices made
> by several vendors that handle this type of high availability / load
> balancing. Radware's LinkProof, F5's Big IP are a couple, and there are
> many more. No need for ASN's no need for a full /24 network, it all
> works via DNS.

As long as you ignore:

- DNS Caching (frequently requiring a client restart - yes, those clients 
are broken - no, we can't make users fix them).
- Existing connections will be dropped
...

Sure. But be _very_ sure you understand what the costs are if you avoid the 
real BGP solution.

-- 
Carson


More information about the firewall-wizards mailing list