Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
305
Views
0
Helpful
1
Replies

CSS - Bridged vs Routed

mamoss
Level 3
Level 3

‎04-27-2006 03:29 AM

I'm at the design stage and have a choice of going either way for the solution. Has anyone got any critical reasons why 1 method should be chosen over the other - Bridged vs Routed?

I haven't found any specific things that won't work in each scenario, so just looking for some pointers. Thanks.

Labels:
0 Helpful
1 Reply 1

tim.metzinger
Level 1
Level 1

‎04-27-2006 06:37 AM

Since the CSS needs to be in the path between the client host and the service host, you have to take care to ensure that all the service hosts will always be "behind" the CSS when you run it as a bridge.

I got bitten by this charateristic (CSS is not a proxy) when my network changed from:

WAN-Firewall-CSS-Services

to

WAN-Firewall-CSS-Services

_______|_________________

______TEST---Services

And the client expected me to balance the services hosted in the test network. Fortunately we use SSL and the Sonicwall SSL accelerators we have ARE proxies, so I was still able to make it work, since the SSL accelerators are directly connected to the CSS and the two flows are Customers-SSL and SSL-Services and the CSS is in the middle of each flow.

If all you've got "behind" the CSS are services that the CSS balances - then using the CSS as a router makes some sense. If you've got lots of networks behind the CSS and only a few of them have services on them, using it as a bridge and letting a router do the routing may make more sense.

Best wishes,

Tim

0 Helpful
Customers Also Viewed These Support Documents