Re: [load balancing] Help with Layer-3-transparent firewall load balancing setup!!

From: Ramsurrun Visham <vishamr [izzat]>
Date: Mon Apr 21 2008 - 08:28:43 EDT

Dear Ed,

Many thx for the reply..

Actually, I have no problems setting up the L2 bridging firewall. I
use Ebtables to do that. The thing is that I do not know if a load
balancer, for example FOundry's ServerIron switch, can load balance
traffic without having an IP on itself. The IP gateway address is that
of the router that connects on of the load balancer. I can send you a
picture of the topology if you want.

Btw, do current load balancers support plain Round-robin per-packet
load balancing, i.e. packets forming part of the same connection are
sent to different firewall nodes. I Know of stateful and stateless
load balancing but they use a hash-based method for packet
distribution over different nodes in order to preserve session
persistence. But these are not the ones i want.

The setup I have has two firewall nodes sandwiched between 2 load
balancers. Since the firewall nodes have no IP addresses, I have to
send packets pertaining to the same connection in a round-robin manner
onto the NICs of the firewall nodes connected to the load balancer. Is
this supported by current load balancers?

I badly need these pieces of info :-(

Many thx again..

Warm regards,
