Enterprise LAN network load-balanced analysis of actual combat – firewalls, load
Network single point of failure affecting the operators line maintenance business, bandwidth can not meet the business needs, in recent months, these problems have been difficult for us. Now, we have decided to adopt the load-balancing technology to change all that.
Development of the Internet to the Internet as an increasingly important business needs, enterprises have not only to build an Internet site to promote or to meet the enterprise employees to access the Internet. With the application of higher level, business application of the Internet has already expanded to the e-commerce, mobile workforce VPN dial, the remote system maintenance related to the company day to day running of the application. Therefore, network-building online businesses to consider not only the safety, reliability and availability and must be considered part of the.
In our business, the original local area network using a PIX525 Firewall Connected to the external network through a firewall on the four Ethernet ports to connect with the enterprise network security level related to four different areas: Inside corporate LAN port connection, Outside port connected to the Internet, DMZ1 port to connect enterprise Internet business server cluster region DMZ2 port to connect industry networks. From the reliability point of view, there is a single point of network failure. Exports as the core of the network equipment, all carrying a firewall application, not only the larger load and no redundancy, the event of a failure will affect all applications. Internet access with a link also exists a single point of failure, ISP failure of network connections and Internet access operator to adjust lines, maintenance and other issues will affect the normal operation of enterprise Internet applications. From the usability point of view, 10M Internet bandwidth has been unable to meet the growing enterprise application needs, and ISP's network will use a major ISP gateway as interoperability problems caused by different ISP networks in the application of slow or unstable. To solve the above problem, we have chosen the network load balancing transformation exports to protect the enterprise Internet applications.
Needs analysis For the current problems, and give full consideration to the practical applications, network load balancing export requirements to achieve the following objectives:
1. Key equipment and link load balancing and fault redundancy, and called for the expansion of the network has flexible space, according to the practical application of the future demand growth in the full use of existing Network equipment And network topology where the network expanded exports.
2. Internet access to load balancing and fault redundancy, use two different ISP links, and provide services. Required to establish a certain link between the two traffic management mechanism is reasonable and effective distribution of the two links, resources, and the failure of a link to automatically switch their traffic to other links, automatically and transparent fault tolerance . When the link restored automatically added to the load balancing group, VPN dial to achieve fault tolerance.
3. ISP to provide intelligent management of different network services and optimize all of the ISP link. External access to the data required to ISP1 link out from the ISP1, the returned data is still from the ISP1 link back; the same to the same data ISP2. Internal access requests within the server network address can also map the two ISP's public network address, the Uniform Domain Name, remote access through dynamic DNS to find the most appropriate ISP connection to access the server.
Technology decomposition According to needs analysis, we use a firewall cluster and multi-link load balancing two technical solutions to achieve business online load balancing.
We use two SG-1000 Firewall settings into clusters, firewall load balancing and fault redundancy. The distribution of cluster nodes load the main CPU utilization under the firewall to determine the use of a firewall cluster of multi-link technology of the Internet link load balancing and fault redundancy
I am an expert from chinaslurrypump.com, while we provides the quality product, such as Sludge Pump EZG manufacturer , Sand Pump ES, Mortar pump,and more.
Processing your request, Please wait....
