Four-subnet fwlb, Four-subnet fwlb 326, Figure 13-5: four-subnet fwlb topology 326 – Nortel Networks WEB OS 212777 User Manual

Web OS 10.0 Application Guide

326

n

Chapter 13: Firewall Load Balancing

212777-A, February 2002

Four-Subnet FWLB

The four-subnet FWLB method is often deployed in large networks that require high-availabil-
ity solutions. This method uses filtering, static routing, and Virtual Router Redundancy Proto-
col (VRRP) to provide parallel firewall operation between redundant Web switches.

Figure 13-5

shows one possible network topology using the four-subnet method:

Figure 13-5 Four-Subnet FWLB Topology

This network is classified as a high-availability network because no single component or link
failure could cause network resources to become unavailable. Simple switches and vertical
block interswitch connections are used to provide multiple paths for network failover. Nor-
mally the interswitch link between the primary and secondary Web switches is configured on
port 9 of the Web switch. However, the interswitch links may trunked together with multiple
ports for additional protection from failure.

N

OTE

–

Other topologies that use internal hubs, or diagonal cross-connections between the

Web switches and simple switches are also possible. While such topologies may resolve net-
working issues in special circumstances, they can make configuration more complex and can
cause restrictions on the use of advanced features such as Active-Active VRRP, free-metric
FWLB, or Content Intelligent Switching. Alternate topologies are explored in more detail in
Web OS FWLB white papers, but are not within the scope of this manual.

Subnet 1

Subnet 2

Subnet 3

Subnet 4

Dirty Side

Clean Side

Internet

Routers

Simple

Switches

Simple

Switches

Firewalls

Primary

Secondary

Web Switch

Primary

Secondary

Web Switch

Servers