You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In case a cluster does use storage there might be situations where the storage is located in one zone/datacenter and the firewall is located in another.
Then the storage traffic needs to cross datacenter boundaries to reach the storage VRF done by the route leak on the firewall and from there the datacenter boundary needs to be crossed again to reach the storage.
This is bad for storage latency.
To avoid this, we could spin up multiple firewalls, one for each zone/datacenter and prolong the path other destinations than storage in the storage VRF as we already do for the default routes in the internet VRF.
We can either define one firewall as "master" for the default routes and one firewall as "master" for the storage, or set the firewall which is nearest to the storage as "master" for both destinations.
The text was updated successfully, but these errors were encountered:
In case a cluster does use storage there might be situations where the storage is located in one zone/datacenter and the firewall is located in another.
Then the storage traffic needs to cross datacenter boundaries to reach the storage VRF done by the route leak on the firewall and from there the datacenter boundary needs to be crossed again to reach the storage.
This is bad for storage latency.
To avoid this, we could spin up multiple firewalls, one for each zone/datacenter and prolong the path other destinations than storage in the storage VRF as we already do for the default routes in the internet VRF.
We can either define one firewall as "master" for the default routes and one firewall as "master" for the storage, or set the firewall which is nearest to the storage as "master" for both destinations.
The text was updated successfully, but these errors were encountered: