For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Pawel_Walczak_7's avatar
Pawel_Walczak_7
Icon for Nimbostratus rankNimbostratus
Jul 30, 2008

How to load ballance transparent devices (SMTP transparent proxy)

Hello,     I wonder how to load ballance group of SMTP antispam scanners which are working in transparent bridge mode.     I need to have a solution to transparently scan all SMT...
config
design
Paul_Szabo_9016's avatar
Paul_Szabo_9016
Historic F5 Account
Sep 03, 2008
whups, I see you said "transparent bridge mode". I now think you mean literally then it's not touching the packets, not a transparent proxy. I guess the "bridge" part would be a clue...

 

 

sorry about that, i need to stop posting at midnight.

 

 

I'm generally not fond of completely transparent inspections systems, it's possible to fool them by making headers cross packet boundaries or by finding other holes in the stream reconstruction process used by the transparent device, allowing bad stuff to slip through.

 

 

That critique aside, the previously reply is probably the right way to go (seperate vlans). This avoids bridge loops.

 

 

must.go.to.bed.now.

 

 

Paul