Network Router User Manual
Web OS 10.0 Application Guide
326
Chapter 13: Firewall Load Balancing
212777-A, February 2002
Four-Subnet FWLB
The four-subnet FWLB method is often deployed in large networks that require high-availabil-
ity solutions. This method uses filtering, static routing, and Virtual Router Redundancy Proto-
col (VRRP) to provide parallel firewall operation between redundant Web switches.
Figure 13-5 shows one possible network topology using the four-subnet method:
Figure 13-5 Four-Subnet FWLB Topology
This network is classified as a high-availability network because no single component or link
failure could cause network resources to become unavailable. Simple switches and vertical
block interswitch connections are used to provide multiple paths for network failover. Nor-
mally the interswitch link between the primary and secondary Web switches is configured on
port 9 of the Web switch. However, the interswitch links may trunked together with multiple
ports for additional protection from failure.
NOTE – Other topologies that use internal hubs, or diagonal cross-connections between the
Web switches and simple switches are also possible. While such topologies may resolve net-
working issues in special circumstances, they can make configuration more complex and can
cause restrictions on the use of advanced features such as Active-Active VRRP, free-metric
FWLB, or Content Intelligent Switching. Alternate topologies are explored in more detail in
Web OS FWLB white papers, but are not within the scope of this manual.
Subnet 1 Subnet 2 Subnet 3 Subnet 4
Dirty Side Clean Side
Internet
Routers
Simple
Switches
Simple
Switches
Firewalls
Primary
Secondary
Web Switch
Primary
Secondary
Web Switch
Servers