212777-A, February 2002 313CHAPTER 13Firewall Load BalancingFirewall Load Balancing (FWLB) with Alteon Web switches allows multiple active firewallsto operate in parallel. Parallel operation allows users to maximize firewall productivity, scalefirewall performance without forklift upgrades, and eliminate the firewall as a single point-of-failure.This chapter presents the following material: “Firewall Overview” on page 314An overview of firewalls and the various FWLB solutions supported by Alteon Webswitches. “Basic FWLB” on page 316Explanation and example configuration for FWLB in simple networks, using two parallelfirewalls and two Web switches. The basic FWLB method combines redirection filters andstatic routing for FWLB. “Four-Subnet FWLB” on page 326Explanation and example configuration for FWLB in a large-scale, high-availability net-work with redundant firewalls and Web switches. This method combines redirection fil-ters, static routing, and Virtual Router Redundancy Protocol (VRRP). “Advanced FWLB Concepts” on page 346o “Free-Metric FWLB” on page 346. Using other load balancing metrics (besideshash) by enabling the Return to Sender (RTS) option.o “Adding a Demilitarized Zone (DMZ)” on page 349. Adding a DMZ for servers thatattach to the Web switch between the Internet and the firewalls.o “Firewall Health Checks” on page 351. Methods for fine-tuning the health checksperformed for FWLB.