This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

sizing HA links

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

sizing HA links

fvanlancker
Not applicable

‎01-02-2013 10:08 AM

Hi all,

I would like to know what the requirements are on HA1, HA2 and HA3 links in an active/active deployment. Is there a formula to calculate this ?

Labels:
0 Likes Likes
3 REPLIES 3

sdurga
L6 Presenter

‎01-02-2013 12:45 PM

Can you please elaborate what do u mean by requirements, Is it the band width, or the latency between the interfaces or something else ? Which software and hardware are you using ?

Tx,

Sandeep T

0 Likes Likes

fvanlancker
Not applicable
In response to sdurga

‎01-02-2013 12:49 PM

Assuming that we want to create an active-active cluster with X Gbps troughput.
The first packet arriving will be the session owner and using ip-modulo to decide L2-4 processing.
What would be the bandwidth requirements on the HA1, HA2 and HA3 links.
There must be a way to calculate this, in order to properly size the links.

HW: 2 x 5020

PANOS: 5.0.1

0 Likes Likes

sdurga
L6 Presenter
In response to fvanlancker

‎01-02-2013 01:42 PM

Hi,

I believe the amount of traffic traversing through the HA3 is hard to predict. Because it varies on a lot of factors like the type of traffic/sessions (short lived sessions will cause more traffic to go through on the HA3). The mode in which the HA active/active is setup that is whether Vwire-mode or L3-mode. And also whether you are implementing arp load sharing or floating ip's. All these factors directly or indirectly affect the amount of packets that flow through the HA3 interface. In general I have seen customers using aggregate interfaces as HA3 interfaces so that one can add or decrease the band width accordingly. I have see customers using HA3 interfaces with 4-8 gbps of bandwidth with all of the 10 gig interfaces of the firewall connected to upstream and downstream. Again it varies from case to case. I believe you can start of with 8 gbps and monitor the HA3 interface for a while for the throughput and eventually you can adjust the size of this if you want the port badly. Regarding HA2 and HA1 you can use the dedicated interface which are sufficient.

Tx,

Sandeep T

  • 2559 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks