|
|
|
home »
Load balancing and the efficient use of multiple Internet connections
One of Advanced Firewall major strengths is its ability to support multiple simultaneous Internet connections with load balancing of both incoming and outgoing traffic. Load Balancing (Outgoing Traffic): Utilizing multiple Internet connections can offer reliability, performance and provisioning cost benefits. Automatic re-routing of traffic from a failed connection to other alternative connections avoids the risk of a single failure cutting everybody off from the Internet. A DSL connection can be used to backup a leased line such as a T1, or DSL connections could be taken from different ISPs with their own local distribution networks to avoid a single point of failure. There is no need for unused standby connections, all connections can be utilized during normal operation. Distributing traffic across multiple connections on the basis of protocol can be used to separate low volume and interactive traffic from heavy background traffic. A typical example might be routing web browsing and Voice over IP telephony via one connection with file transfers and email using another. This will improve the performance of these interactive services as they will experience far less bandwidth contention. Alternatively traffic can be routed on the basis of its source, with traffic from particular user groups or servers being routed via connections with more available bandwidth. Protocol and source rules can be combined if necessary. Individual IPSec VPN tunnels can be configured to use any of the available network connections. Adding another Internet connection can be less expensive and less disruptive than upgrading one already in use. It may also not be possible to obtain a single higher bandwidth connection at an affordable price, with two or more slower connections being much more economical. Load Balancing (Incoming Traffic): To protect against the risk of a single Internet connection failure causing systems to become unreachable from the Internet, Advanced Firewall can route traffic from multiple Internet connections to a single server in a DMZ. This is achieved by first configuring the DNS entries for the server to use two or more public IP addresses which are presented or separate Internet connections, preferably from different ISPs with their own distribution network. Advanced Firewall is then configured with Port Forward rules to route traffic from these Internet connections to the actual server providing the service. Clients accessing the server will be allocated any one of the available IP addresses by DNS, so traffic will utilize all the Internet connections that have been configured in DNS. However, in the event of one of these Internet connections failing, clients attempting to use the failed connection will be automatically allocated one of the alternate (working) IP addresses by DNS. Advanced Firewall provides a connection failure resilient environment for the hosting of web, email and other Internet servers. Load Balancing (To Multiple Servers): Advanced Firewall can distribute traffic between multiple servers in a DMZ that are all performing the same task using Round Robin load balancing. |
  |
 |
 |
 |
| Home » © 2001-2008 SmoothWall Limited - Read our full sites terms, conditions and legalities » |
