At one point we were running with ~600-700 static routes (and that is with 
using route summarization) on our Sun U10 and we didn't notice any great 
problems.  We got so fed up with adding and deleting static routes that we 
changed the Sun box into a FW + router by adding gated.  The biggest problem 
is identifying internal networks in rules.  It sure would be nice if FW-1 
allowed rules to be put on interfaces or if it was smart enough to 
dynamically figure out what subnets are located internally so we didn't have 
to muck about with adding and deleting networks to the internal networks 
FW-1 group.   <sigh>

Cheers,

./CK


>From: William J Husler <[EMAIL PROTECTED]>
>Date: Sun, 16 Jul 2000 10:32:58 -0700
>
>
>We have a firewall (FW-1 v4) running on a Sun ES450 that connects numerous
>subsidiary networks. As a result of the divergent networks involved (as well
>as address translation in some cases), we have added a number of static
>network routes (and static host routes) to the firewall. We are currently up
>to almost 200 lines in the routing table. This firewall is experiencing
>through-put problems (at least everyone is pointing fingers at it) and the
>vendor (Sun) tech support has stated that it could be caused by this large
>number of static routes. Has anyone else experienced this scenario or have
>experience with a large routing table on a Sun box? One comment I
>particularly did not like was "It's not a router you know". Just what do
>they think a firewall does anyway?
>Bill
>
>
>
>================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>================================================================================
