[c-nsp] Dual-homing without BGP
Gert Doering
gert at greenie.muc.de
Thu Feb 16 15:04:29 EST 2006
Hi,
On Thu, Feb 16, 2006 at 04:16:01PM +0100, Elmar K. Bins wrote:
> BGP will handle balancing the incoming traffic, and - this is the
> best part of it - the Netscreen will push the response packets to
> exactly the interface where the request came in. The packet filter
> saves the ingress interface in its session table and consults that
> table when the response has to be routed outwards.
Yep, this is quite fascinating, and permits a lot of tricks :)
> Btw, this also works (I tested it, and I was quite surprised) if
> you omit the default routes, but I'd rather put them there anyway.
For incoming traffic, yes. For outbound traffic (no session yet), you
need the routes.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list