[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Proxy ARP and Stonebeat

To: Alan.Trevillion@BankAmerica.com
Subject: Re: [FW1] Proxy ARP and Stonebeat
From: Lance Spitzner <spitzner@dimension.net>
Date: Tue, 4 May 1999 10:13:12 -0400 (EDT)
Cc: fw-1-mailinglist@lists.us.checkpoint.com


On Tue, 4 May 1999 Alan.Trevillion@BankAmerica.com wrote:

> We have firewall ver 3.0b running on solaris 2.6, we also have just
> installed stonebeat ver 2.1. Everything works fine, But we are using NAT
> and Proxy ARP entries on the primary firewall, now any routing changes are
> done in a file called onlineroutes.sh, but how does one cope with the proxy
> ARP entries in the event of a failover  to the econdary ?,  for the moment
> we have put them in the onlineroutes.sh and this works, but I believe the
> onlineroutes.sh file should only be used for Routing.

That is the beauty of Stonebeat, when the primary fails, the secondary assumes
its identity, including the same MAC addresses.  The only IP/MACs that remain
unique are the Stonebeat NICs used to admin the systems.  So, you should have no
proxy ARP problems, since both will be using the same MACs.

Lance Spitzner
http://www.enteract.com/~lspitz/papers.html
Internetworking & Security Engineer
Dimension Enterprises Inc



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Proxy ARP and Stonebeat
Next by Date: Re: [FW1] How to: Turn off a reporting for broadcasts to *.*.*.255
Prev by thread: Re: [FW1] Proxy ARP and Stonebeat
Next by thread: Re: [FW1] Proxy ARP and Stonebeat
Index(es):
- Date
- Thread