Great Circle Associates Firewalls
(October 1996)
 


Subject: Re: Redundant Firewall Construction
From: alan @ mindvision . com (Alan Hannan)
Date: Mon, 7 Oct 1996 19:23:43 -0500 (CDT)
To: dick_mosher @ wstnres . com (Dick Mosher)
Cc: firewalls @ greatcircle . com
In-reply-to: <9609078447 . AA844730978 @ cc . wstnres . com> from "Dick Mosher" at Oct 7, 96 04:29:18 pm
Reply-to: alan @ mindvision . com (Alan Hannan)

 Hi Dick,

>      Has anyone set up a hot firewall backup for their system?  We are 
>      wanting to provide as close to 24x7 access to the Web as we can, 
>      and would like to put in a hot backup for the firewall.  

 I have not installed one, but I've done Proof-of-concept on the
 below, and it works well.

                      World
                        | 
                 Router_To_World
                        |
          ============================
           |                        |
        Firewall_A             Firewall_B
           |                        |
          ============================
                  |         |                     
               Router_A   Router_B ......        
                  |         |                   
              Int_Net_A    Int_Net_B           

  Router_A and Router_B would be your departmental routers, or your
  campus routers, depending on the size of your network.
  Regardless, they're meant to be the "top" or the hierarchical
  network one step below the common meet point or DMZ.

 Router_A is configured to default to Firewall_A.
 Router_A has a less preferable default route to Firewall_B.
 Router_B is configured to default to Firewall_A (just like Router_A).
 Router_B has a less preferable default route to Firewall_B.

 In the situation where Firewall_A were to break, Router_A would
 realize that that route wasn't available, and switch over to
 Firewall_B.  This can be done manually or automatically.

 This sort of construction gives you some very very nifty possibilities, 
 like loadsharing between firewalls from your internal network with
 fully meshed redundancy and such....  Router_A could default
 primary to Firewall_A and secondary to Firewall_B, as well as
 Router_B defaulting primary Firewall_B, and secondary to
 Firewall_A.

>      We have 
>      been unable to resolve IP addressing and routing questions, and 
>      have found no auto-sensing and -switching device to make this 
>      work.  

  Well, certainly the "broked-ness" of the firewall can vary.  The
  above situation can be constructed to fail over automatically when
  a firewall's interface crashes (i.e., power problem or crash).  If
  this isn't a good enough "broked" then you could script some
  checking from inside and trigger manual fail-over.

 The issue of synchronizing the databases (not logs) is rather
 straight-forward, yet time consuming...

> Has anyone done this sort of thing?  Any suggestions?  Or 
>      people to contact for advice?  Thanks.

 If the above stuff is interesting, or if you've questions, mail
 me.

 See you,

 Alan
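The route-preference logic Alan describes (each departmental router holds a preferred default via one firewall and a less-preferred default via the other, and the less-preferred one takes over when the preferred next hop is gone) is easy to model, and the model also shows the point in his second paragraph: a link-level failure is noticed by the router on its own, while a firewall whose interface is up but whose proxy service is dead is only noticed by a scripted check. The following is an added example written for this archive page, not code from the original mail or from any product mentioned in it; the class names, the `load_share` switch and the health-check result format are assumptions for illustration. On a real router the same ordered-preference behaviour is what floating static routes (a second default route with a worse administrative distance or metric) provide; the model below goes beyond the mail by covering both the simple primary/backup layout and the load-sharing variant in one piece of code.

```python
"""Model of the two-firewall, two-router failover layout from the mail.

Added illustration only (not the poster's configuration). Each router keeps
an ordered list of default routes, most preferred first, and forwards to the
first one whose firewall is usable. A firewall can be declared unusable by
two independent mechanisms, matching the two failure levels in the mail:
  - link_up: interface/power state the router sees by itself (automatic)
  - healthy: result of a scripted check run from the inside (manual/cron)
All names and probe results here are constructed for the example.
"""
from dataclasses import dataclass


@dataclass
class Firewall:
    name: str
    link_up: bool = True    # router-visible interface state
    healthy: bool = True    # last result of the scripted application check

    def usable(self, use_health_check: bool) -> bool:
        """A dead link always disqualifies; a failed health check only
        counts when the operator has chosen to act on scripted checks."""
        if not self.link_up:
            return False
        return self.healthy or not use_health_check


@dataclass
class Router:
    name: str
    defaults: list  # Firewall objects, most preferred first

    def next_hop(self, use_health_check: bool = False):
        """Return the name of the most preferred usable default route,
        or None when every firewall is down (no default at all)."""
        for fw in self.defaults:
            if fw.usable(use_health_check):
                return fw.name
        return None


def build_topology(load_share: bool):
    """Build the two firewalls and two routers from the mail's diagram.

    load_share=False: both routers prefer Firewall_A, fall back to Firewall_B.
    load_share=True:  Router_A prefers A, Router_B prefers B, each backs up
                      the other (the 'fully meshed redundancy' variant).
    """
    fw_a, fw_b = Firewall("Firewall_A"), Firewall("Firewall_B")
    if load_share:
        routers = [Router("Router_A", [fw_a, fw_b]),
                   Router("Router_B", [fw_b, fw_a])]
    else:
        routers = [Router("Router_A", [fw_a, fw_b]),
                   Router("Router_B", [fw_a, fw_b])]
    return {"Firewall_A": fw_a, "Firewall_B": fw_b}, routers


def forwarding_table(routers, use_health_check: bool = False) -> dict:
    """Snapshot of which firewall each router currently defaults to."""
    return {r.name: r.next_hop(use_health_check) for r in routers}


def apply_health_checks(firewalls: dict, results: dict) -> None:
    """Feed in scripted probe results (constructed here): name -> bool.
    This is the 'script some checking from inside' step; on a real router
    the script would then withdraw or re-add the preferred default route."""
    for name, ok in results.items():
        firewalls[name].healthy = ok


if __name__ == "__main__":
    fws, routers = build_topology(load_share=False)
    print("normal:          ", forwarding_table(routers))
    fws["Firewall_A"].link_up = False               # power/interface failure
    print("A link down:     ", forwarding_table(routers))
    fws["Firewall_A"].link_up = True
    apply_health_checks(fws, {"Firewall_A": False, "Firewall_B": True})
    print("A proxy dead, link-state only:", forwarding_table(routers))
    print("A proxy dead, with scripted check:",
          forwarding_table(routers, use_health_check=True))
```

Running it shows the gap the mail points at: after `Firewall_A`'s proxy dies but its interface stays up, the link-state-only table still sends everything to `Firewall_A`, and only the table computed with `use_health_check=True` moves traffic to `Firewall_B`. Any real health check should probe through the firewall (a fetch of a known outside page, say) rather than just ping the inside interface, otherwise it measures the same thing the router already sees.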


