Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

EE NLB + 803.2ad

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> EE NLB + 803.2ad Page: [1]
Login
Message << Older Topic   Newer Topic >>
EE NLB + 803.2ad - 3.Oct.2006 3:16:11 PM   
Scalepoint

 

Posts: 2
Joined: 3.Oct.2006
Status: offline 		In order to prevent any single point of failure I'm thinking about deploying this type of configuration, but will it work?

(this is a sample for the external network, but configuration should by applied on any side of the firewall e.g. DMZ, internal, and so on)

Intel 1000MT Dual port server NIC configured with 803.2ad (link aggregation), where each of the ports in the NIC are connected to 1 Cisco 3560 switch.

The 2 Cisco switches are connected by a single uplink
Both are switches are connected (redundant) to 2 routers (2 uplinks pr. switch)
The switches are running BGP4 in an active/passive configuration.

NLB is enabled on ISA2006 EE.

Question:
Does the virtual MAC address from the 802.3ad conflict with the unicast MAC from ISA2006.?
Would the 802.3ad cause the converging of NLB nodes across the uplink between the switches?

_____________________________

Best regards
Carsten Vienberg
Post #: 1
RE: EE NLB + 803.2ad - 3.Oct.2006 3:35:24 PM   
tshinder

 

Posts: 47420
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Carsten,

I've heard many problems with link aggregation. Give it a try and see if it works for you and let us know.

Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to Scalepoint)
Post #: 2
RE: EE NLB + 803.2ad - 3.Oct.2006 4:22:08 PM   
Scalepoint

 

Posts: 2
Joined: 3.Oct.2006
Status: offline 		Hi Tom

Not the answer I was hoping for .
I'll try it out, but I think we'll upgrade the switch to 3750 because it can be stacked as 1 big virtual switch, in order to ensure that the trunk can work across two units.

I'll get on this thread when I have more information. (this might take a while)

_____________________________

Best regards
Carsten Vienberg

(in reply to tshinder)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> EE NLB + 803.2ad Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts