NAT (Network Address Translation)—allows you to use any IP address within your organization while only using legal

IP addresses outside.

This is useful when you have a limited number of legal IP addresses (e.g., for ISPs).

A p p l i c a t i o n 2 — F i r e w a l l L o a d B a l a n c i n g

Firewalls can inherently constitute a bottleneck since they are software-based. There is also the issue of transparent availability: firewalls can act as a single point of failure, causing severe problems with Internet access.

The P333R-LB can be used to load-balance across multiple routers and firewalls and overcome these problems.

Implementing the P333R-LB removes the bottleneck since the load is distributed at hardware speed over multiple firewalls.

To ensure availability, the P333R-LB switches on both sides of the firewall perform continuous health checks on the links to the firewall, the firewall itself, and each other.

The two applications below show firewall load balancing in systems both with and without NAT (Network Address Translation).

No single point of failure. The doubling up of the key components ensures that communication between the LAN and Internet is always maintained.

If one P333R-LB fails, due to VRRP, the second switch can instantaneously take over all load balancing functions. If a firewall fails, then the P333R-LB will transparently redirect all traffic through the second firewall.

“No NAT” Application. In this case, there are pairs of P333R-LB switches on each side of the firewalls. This is necessary since sessions must travel across the same firewall. If the session is sent to the second firewall, it will be disconnected by the “statefull” firewall. It is therefore important to have the same load balancing decisions on both sides of the firewall.

NAT Application. In this case, P333R-LB switches are only required on the LAN side of the firewalls. The session traffic coming from the Internet will have the specific IP address of the firewall from which the session started.

Firewall Load Balancing – no NAT

Gigabit Ethernet

with LAG Avaya P333R-LB

LAN VRRP

Avaya P333R-LB

WAN Router

Avaya P333R-LB

Internet

Firewall Load Balancing – with NAT

Gigabit Ethernet

IPa

 

with LAG Avaya P333R-LB

WAN Router

LAN

VRRP

Internet

 

 

Avaya P333R-LB

IPb

 

 

5

Communication without boundaries

Page 7
Image 7
Avaya P333R-LB manual Lan

P333R-LB specifications

The Avaya P333R-LB is a robust and versatile switch that is part of Avaya's portfolio aimed at enterprise networking solutions. This switch is designed to enhance the performance and scalability of network infrastructure while ensuring high availability and reliability.

One of the main features of the P333R-LB is its Layer 3 switching capability, which allows for efficient routing within an organization's network. This capability is particularly beneficial for organizations with multiple VLANs, as it simplifies the routing process and ensures that data packets are transmitted in the most efficient manner possible.

The P333R-LB is equipped with advanced Quality of Service (QoS) features to prioritize traffic based on the type of application being used. This ensures that critical applications, such as VoIP and video conferencing, receive the necessary bandwidth and low latency required for optimal performance. Additionally, it supports both IPv4 and IPv6 protocols, making it adaptable to a variety of networking environments.

Another important feature of the Avaya P333R-LB is its stackable design. This allows multiple switches to be interconnected, creating a single logical unit. This stacking capability not only simplifies management but also increases overall network capacity and redundancy. In case of a hardware failure, the stack can continue operating without interruption, maintaining network integrity and service continuity.

The switch also integrates advanced security features, including support for MAC filtering, access control lists, and port security. These features help to safeguard network resources from unauthorized access and potential threats. Moreover, the P333R-LB supports 802.1X port-based authentication, which adds an additional layer of security during user access to the network.

The Avaya P333R-LB comes with multiple Gigabit Ethernet ports, allowing for high-speed connectivity to devices such as servers, workstations, and IP phones. This ensures that all devices on the network can communicate effectively, supporting the demands of modern enterprise environments.

For management and monitoring, the P333R-LB offers a user-friendly web interface along with SNMP support, enabling network administrators to easily configure settings and monitor network performance. This simplicity in management is crucial for IT teams that need to ensure optimal network performance while minimizing downtime.

In summary, the Avaya P333R-LB is a feature-rich, scalable, and reliable switch that meets the needs of demanding enterprise networks. With its advanced technologies, QoS support, stackable design, robust security features, and high-speed connectivity options, the P333R-LB is positioned to support a wide range of applications and enhance overall network performance.