On 3/21/07, Jim MacLeod <jmacleod@gmail.com> wrote:
> On 3/20/07, Zachary Grafton <chaotic.chowder@gmail.com> wrote:
> > Well, the greatest thing about the sidewinder is how easy it is to
> > configure things. It does have clustering and nice failover features,
> > which are in my opinion, extremely important. If you are worried about
> > performance with a Sidewinder, just buy another one and cluster them.
>
> Does it support active-active load splitting? Or do you need an
> external load balancer for that?
The Sidewinder G2 does have active-active load-splitting, but many
customers (us included) choose to use an external load-balancer.
One reason we use an external load balancer appliance is because our
LB can do the one load-control approach missing from Sidewinder G2:
limit clients by bandwidth, session rate, and max simultaneous
sessions (Sidewinder has rate limiting only for IP-Filter, and no ToS
or bandwidth controls).
> How destructive is the transition when one fails?
> How extensive is the state sync?
Clusters share IP-filter state and configuration only, any proxied TCP
connections on the failed firewall will abend when a failover event
occurs.
> Will it scale to n+1, or is it limited to 2 firewalls?
The web site states you can have 5 firewalls in a cluster. I believe
they're working towards highly scalable load-sharing, but I don't know
what the current load-sharing options are.
Kevin "Just a (mostly) happy customer" Kadow
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
|