SunScreen HA Configuration Issue

From: Randall Cruz (ercruzv@gmail.com)
Date: Tue Nov 22 2005 - 23:18:06 EST


Hi Gurus,

I have a question about SunScreen Firewall on Solaris 9. I hope some of you
can give me an idea about what to do about this issue.

The topic is about two SunFireV240 with SunScreen in HA configuration. The
first V240 (node1) is the active node and the second V240 (node2) is the
standby or passive node.

In HA configuration, the node2 network interfaces normally copy the MAC address
of the active node interfaces, so it can take over in case the active
node crashes or fails.

Reading the documentation about it, it seems that this type of HA configuration
was designed "thinking" of hub network devices and not of switches. If I use
a switch instead of a hub, the switch will detect a duplicated MAC, so it
will disable the switch port where the active or passive node is connected.

Here comes the question. Can anybody give me an idea of how to solve this
disadvantage of the SunScreen Firewall? The temporary solution could be to
place a 100MB hub, but all the network infrastructure is 1000MB, so this
device will become a bottleneck of the network topology.

Any help will be really welcome!!!

Thanks a lot and have a great day!

Randy
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers