Hi everyone,
I'm seeking some recommendations about a topology intended for deployment in an end-user environment.
From the topology, one ImpervaGW (NGRP mode) will have:
Networking:
- 2 pairs of interfaces, each pair will create alias mapping accordingly.
- Alias1: Eth10-Eth11
- Alias2: Eth12-Eth13
- Both aliases will be on the same subnet for WAN (inbound) and LAN (outbound) traffic. More specifically:
- Eth10-Eth12 will be on subnet: 192.168.15.x/24
- Eth11-Eth13 will be on subnet: 192.168.1.x/24
- From the WAN, the A10 will process load balancing to the ImpervaGW.
Routing:
- Each interface will be configured with a next-hop IP on each subnet. For example:
=> Eth10-Eth12: next-hop IP is 192.168.15.254
=> Eth11-Eth13: next-hop IP is 192.168.1.254
Based on the information above, I have some questions:
1- Will the proposed topology work well?
2- Are there any ARP issues related to the proposed topology? Meaning, will the switch/load balancing device learn the same MAC address for each IP on each interface?
For example, will the A10 learn the same MAC address for both IPs on Eth10-Eth12?
3- Any other comments or recommendations?
Thank you!
#On-PremisesWAF(formerlySecuresphere)------------------------------
Khoa
------------------------------