Alcatel Carrier Internetworking Solutions 6600 User Manual
Configuring High Availability VLANs
Release 5.1.6.R02 User Guide Supplement
June 2005
page 3-7
Traditional Firewall Implementation
The figure below shows two high availability VLANs that are used to manage a third-party high availabil-
ity firewall cluster. Unsecure traffic from the Internet comes into the OmniSwitch through the ingress port
1/1 of high availability VLAN 10. This traffic is sent to the high availability cluster through the egress
ports that belong to HA VLAN 10 (2/9, 2/10, and 3/5).
ity firewall cluster. Unsecure traffic from the Internet comes into the OmniSwitch through the ingress port
1/1 of high availability VLAN 10. This traffic is sent to the high availability cluster through the egress
ports that belong to HA VLAN 10 (2/9, 2/10, and 3/5).
Firewall and High Availability Cluster
The third-party high availability firewall cluster sends authorized traffic to ports 4/1, 5/3, and 5/4 that
belong to standard VLAN 20. This traffic is then forwarded on VLAN 20 to the private network.
belong to standard VLAN 20. This traffic is then forwarded on VLAN 20 to the private network.
See
for instructions on how to configure the high
availability VLANs in the example above.
OmniSwitch 7800
Data Flow
Private
Network
Internet
OmniSwitch
HA VLAN 10
2/9
2/10
3/5
Standard VLAN 20
4/1
5/3
5/4
Firewall Port Clusters
Data Flow
Ingress
Egress
1/1