Asked by osloboy

Load Balancer Devices Disadvantages

What are the main disadvantages of using load balancers like Cisco between/for 2 switches and two firewalls?

i.e. load balancer devices for network traffic manipulation.

Last comment: 8/22/2022 - Mon


What is the MADE OFF purpose of Cisco load balancers, to be used with web servers?

Load balancing device failover

Load balancing is often used to implement failover — the continuation of a service after the failure of one or more of its components. The components are monitored continually (e.g., web servers may be monitored by fetching known pages), and when one becomes non-responsive, the load balancer is informed and no longer sends traffic to it. And when a component comes back on line, the load balancer begins to route traffic to it again. For this to work, there must be at least one component in excess of the service's capacity. This is much less expensive and more flexible than failover approaches where a single "live" component is paired with a single "backup" component that takes over in the event of a failure. Some types of RAID systems can also utilize hot spare for a similar effect.

How then will a Cisco load balancer work with 2 switches?

How does it come to know the switch is down?

I am not fully understanding how your setup looks with 2 switches - where are the switches located?

Generally speaking, hardware failures can be detected in several ways:
- link failure: port goes down
- logical link failure: port no longer passes any traffic
- logical flow failure: port no longer passes traffic at a specific threshold
- logical protocol failure: specific protocols being monitored are no longer present or do not respond to service queries/requests

Depending on the devices involved, these options can be configured to suit your needs.
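The monitoring and failover behaviour discussed in this thread, as an added example that is not part of the original posts and is not Cisco's implementation: a service-level probe (the "logical protocol failure" case) drives each server in and out of the pool, and a separate check confirms the pool has one component in excess of the required capacity. The server names, capacities, probe timeline and the `FALL`/`RISE` thresholds are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed thresholds: consecutive failed probes before a server is ejected,
# and consecutive good probes before it is readmitted.
FALL, RISE = 3, 2

@dataclass
class Backend:
    name: str
    capacity: int          # requests/s this server can carry (constructed value)
    in_pool: bool = True
    streak: int = 0        # consecutive probe results that contradict in_pool

    def observe(self, probe_ok: bool) -> None:
        """Apply one probe result with hysteresis so one lost probe does not flap the pool."""
        if probe_ok == self.in_pool:
            self.streak = 0
            return
        self.streak += 1
        if self.streak >= (RISE if probe_ok else FALL):
            self.in_pool, self.streak = probe_ok, 0

def run(backends, timeline, demand):
    """Replay probe results; return (tick, live server names, demand_met) per interval."""
    history = []
    for tick, results in enumerate(timeline):
        for b in backends:
            b.observe(results[b.name])
        live = [b for b in backends if b.in_pool]
        met = sum(b.capacity for b in live) >= demand
        history.append((tick, [b.name for b in live], met))
    return history

def survives_single_failure(backends, demand):
    """N+1 check: demand must still be met with the largest server removed."""
    caps = sorted(b.capacity for b in backends)
    return sum(caps[:-1]) >= demand

def demo():
    pool = [Backend("web1", 500), Backend("web2", 500), Backend("web3", 500)]
    # Constructed timeline: web2 stops answering probes at ticks 1-4, then recovers.
    timeline = [{"web1": True, "web2": not (1 <= t <= 4), "web3": True}
                for t in range(8)]
    return run(pool, timeline, demand=900)

if __name__ == "__main__":
    for tick, live, met in demo():
        print(tick, live, "demand met" if met else "OVERLOADED")
```
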

Have a look at this design I have received from a tech consultant.
Why in all the world should he want to use the Cisco LB (Load Balancer ACS 4700)?

His diagram is certainly interesting. However, since you are the client, I would press him for an explanation/description of his design, and reasons for his choices. He obviously has something in mind, which we are not aware of here. Perhaps your enterprise size dictates the use of multiple switches, load balancers?

I would have the following comments:
- There definitely seems to be an excess of switches in the diagram (he seems to front each perimeter firewall with one). There may not be a need to do this.
- Why so many perimeter firewalls? Are all of the DMZs in different physical locations which cannot be handled by a couple of firewalls? Are these just virtual instances?
- The core switches shown on the diagram may be able to accept an ACE blade inside of them (potential to coalesce multiple services into a single device).
- Do you already have multiple core switches, or are they something new?

I am trying to extract as much information as I can from this diagram, but I have no knowledge on your specific needs, nor your services, enterprise size, etc. Thus, please keep this in mind when reading my comments as well!

Try this one now,  any Ring!!!!

Well, very simple use: a few web servers which are connecting to APP and DB, rest a normal corporate can have, 3

There is no reason why this would not work. Although the diagram bears no indication as to whether the switches, firewalls, load balancers are one device or many. I suspect they are multiples - but that's just an assumption.

Please keep in mind, that the current diagram as it stands is very conceptual - it shows very little detail on the actual implementation. In my opinion, you will still require routers (outside for handling your redundant internet connections), and on the inside to route all of the traffic between your DMZ regions or server pods.

Depending on the choice of core switch hardware, you could actually use 6500 switches as the base layer of your network and equip them with ACE blades and firewall (ASA) blades. It keeps the entire infrastructure compact, and easy to manage for failover (two identical devices!).

Looks like this is moving in the right direction for you.

You're right.

But can we use any other appropriate/feasible/alternative device instead of load balancers?

As explained above by @hollowkido, load balancers fit a very specific function of the network infrastructure. There are devices out there which combine some features of load balancers with things like routers and firewalls.

As soon as you start combining devices, you lose some flexibility and features. I do not believe (other experts may correct me on this one) that any devices exist out there which do it "all in one" as well as any standalone products.

Depending on whether the services you are offering run on Microsoft software, their load balancing solutions do work quite well. External applications, or servers (Unix, IBM z/OS) would not be serviced well by this kind of solution.

If you need to save costs, you could always rely on some open-source solutions. I believe that Linux solutions exist, and have been proven in the field for some time. This article is very old, but might give you some thoughts on how to attack your problem from a different standpoint: