打印

[網絡] 問: 公司network load balancing / failover 最平既方案

問: 公司network load balancing / failover 最平既方案

今個月頭公司 PCCW 條線死左,一死就死左半日。老細問有無平既解決方案,問左 vendor quote 左個三皮野既 firewall 但 Boss 都話貴。
甘重有無平啲既方法? 其實啲 ISP 有無依啲 friewall / router 租同會幫手 configure 嘛架?
Viva la vida

TOP

引用:
原帖由 backspace-hk 於 2012-4-23 12:20 發表
今個月頭公司 PCCW 條線死左,一死就死左半日。老細問有無平既解決方案,問左 vendor quote 左個三皮野既 firewall 但 Boss 都話貴。
甘重有無平啲既方法? 其實啲 ISP 有無依啲 friewall / router 租同會幫手 configure  ...
平: 買多隻cheap雞router,然後寫定個vbscript改gateway,出事o個時叫咪請全人類手動行script

[ 本帖最後由 rickywk 於 2012-4-23 12:26 編輯 ]

TOP

linux router lor

pfsence / clearos

TOP

引用:
原帖由 rickywk 於 2012-4-23 12:24 發表

平: 買多隻cheap雞router,然後寫定個vbscript改gateway,出事o個時叫咪請全人類手動行script
整個NAT

TOP

引用:
原帖由 rickywk 於 2012-4-23 12:24 發表

平: 買多隻cheap雞router,然後寫定個vbscript改gateway,出事o個時叫咪請全人類手動行script
但個 mail server 都 hold 係公司 server room,夜晚死左線唔通要返黎整
Viva la vida

TOP

引用:
原帖由 lctang 於 2012-4-23 12:27 發表
linux router lor

pfsence / clearos
linux 無玩過,有無啲自己唔洗整既方法? 最好就係 ISP 做晒,分期每個月比都得

[ 本帖最後由 backspace-hk 於 2012-4-23 12:35 編輯 ]
Viva la vida

TOP

Pfsence

Redundancy

CARP from OpenBSD allows for hardware failover. Two or more firewalls can be configured as a failover group. If one interface fails on the primary or the primary goes offline entirely, the secondary becomes active. pfSense also includes configuration synchronization capabilities, so you make your configuration changes on the primary and they automatically synchronize to the secondary firewall.

pfsync ensures the firewall's state table is replicated to all failover configured firewalls. This means your existing connections will be maintained in the case of failure, which is important to prevent network disruptions.
Limitations

    Only works with static public IPs, does not work with stateful failover using DHCP, PPPoE, or PPTP type WANs

Load Balancing
Outbound Load Balancing

Outbound load balancing is used with multiple WAN connections to provide load balancing and failover capabilities. Traffic is directed to the desired gateway or load balancing pool on a per-firewall rule basis.
Inbound Load Balancing

Inbound load balancing is used to distribute load between multiple servers. This is commonly used with web servers, mail servers, and others. Servers that fail to respond to ping requests or TCP port connections are removed from the pool.

TOP

引用:
原帖由 backspace-hk 於 2012-4-23 12:33 發表

linux 無玩過,有無啲自己唔洗整既方法? 最好就係 ISP 做晒,分期無個月比都得
同一個 ISP 同一幢 building 死既機會大過 2個 ISP
不過 MX record 死症 無得搞

TOP

有MAIL SERVER 冇得平,
最貴用BGP? 兩條LINE , MAIL IP 自動ROUTE
2條LINE, 2個IP, 2個MX ,一個去唔到人地SERVER搵第二個IP入,但有風險

至於出街方法好多,ENDIAN FIREWALL 可以自動FAIL OVER (當然多數LINUX FW都應該有)

TOP

引用:
原帖由 lctang 於 2012-4-23 12:35 發表


同一個 ISP 同一幢 building 死既機會大過 2個 ISP
不過 MX record 死症 無得搞
MX records 可以係DNS 整2個MX records, backup 個條set 低D priority 就得.
最大問題其實, 冇人識整. 要平, 就要自己set.

TOP

其真個MAIL係咪大到一定要自己HOST? EXCHANGE? LOTUS NOTE??

TOP

再唔係搵類似 message lab 咁 filter 晒 再同你 route

TOP

引用:
原帖由 1q1q1q 於 2012-4-23 12:38 發表


MX records 可以係DNS 整2個MX records, backup 個條set 低D priority 就得.
最大問題其實, 冇人識整. 要平, 就要自己set.
要平同要人整
老細見到 setup cost 大先肴底,每月陰乾係可行的
Viva la vida

TOP

引用:
原帖由 smallhonhon 於 2012-4-23 12:39 發表
其真個MAIL係咪大到一定要自己HOST? EXCHANGE? LOTUS NOTE??
用某一隻 windows base 的 POP3 mail server
support 300人 到
唔自己 host 轉去 data center?
Viva la vida

TOP

引用:
原帖由 backspace-hk 於 2012-4-23 12:43 發表

用某一隻 windows base 的 POP3 mail server
support 300人 到
唔自己 host 轉去 data center?
轉去 data center 租櫃

TOP