Technical data
ServerIron FWLB Overview
May 31, 2012 © 2012 Brocade Communications Systems, Inc. 3 - 7
Figure 3.2 Basic FWLB Topology
As shown in this example, each ServerIron is configured with paths through the firewalls to the other ServerIron.
The ServerIrons use these paths as part of the load balancing mechanism to ensure that traffic for a given IP
source and IP destination always passes through the same firewall. All FWLB configurations require paths.
HA FWLB Topology
For high availability (HA), you can deploy pairs of ServerIrons in active-active configurations on each side of the
firewalls. In an Active-Active configuration, both ServerIrons in a high-availability pair actively load balance FWLB
traffic. Active-Active operation provides redundancy in case a ServerIron becomes unavailable, while enhancing
performance by using both ServerIrons to process and forward traffic.
HA FWLB on ServerIron Chassis devices is always stateful. Each ServerIron sends session information about its
active traffic flows to the other ServerIron. If a failover occurs, the ServerIron that is still active can provide service
for the other ServerIron traffic flows using the session information provided by the other ServerIron.
In an HA topology using ServerIron Chassis devices, both ServerIrons actively load balance traffic to the firewalls.
If one of the ServerIrons becomes unavailable, the other ServerIron automatically takes over load balancing for
the sessions that were on the unavailable ServerIron.
Figure 3.3 shows an example of HA FWLB.
SI-A
SI-C
Layer 3
Firewall-1
Layer 3
Firewall-2
Internet Router
Internal Router