Four-Subnet Fwlb; Figure 13-5 Four-Subnet Fwlb Topology - Nortel Web OS Switch Software Application Manual

Web OS 10.0 Application Guide

Four-Subnet FWLB

The four-subnet FWLB method is often deployed in large networks that require high-availabil-
ity solutions. This method uses filtering, static routing, and Virtual Router Redundancy Proto-
col (VRRP) to provide parallel firewall operation between redundant Web switches.
Figure 13-5
Internet

Figure 13-5 Four-Subnet FWLB Topology

This network is classified as a high-availability network because no single component or link
failure could cause network resources to become unavailable. Simple switches and vertical
block interswitch connections are used to provide multiple paths for network failover. Nor-
mally the interswitch link between the primary and secondary Web switches is configured on
port 9 of the Web switch. However, the interswitch links may trunked together with multiple
ports for additional protection from failure.
N
OTE
Web switches and simple switches are also possible. While such topologies may resolve net-
working issues in special circumstances, they can make configuration more complex and can
cause restrictions on the use of advanced features such as Active-Active VRRP, free-metric
FWLB, or Content Intelligent Switching. Alternate topologies are explored in more detail in
Web OS FWLB white papers, but are not within the scope of this manual.
n
326 Chapter 13: Firewall Load Balancing
shows one possible network topology using the four-subnet method:
Dirty Side
Subnet 1
Routers
Simple
Switches
Web Switch
–
Other topologies that use internal hubs, or diagonal cross-connections between the
Subnet 2
Primary
Secondary Firewalls
Clean Side
Subnet 3 Subnet 4
Primary
Simple
Switches
Secondary
Web Switch
212777-A, February 2002
Servers