44 ServerIron ADX Firewall Load Balancing Guide
53-1002436-01
Configuring HA active-active FWLB
3
DRAFT: BROCADE CONFIDENTIAL
Configuring the router port
Do not configure the router-port in an active-active FWLB. Router-port configuration is a trigger
(Router-cnt) that changes the FWLB status without the active-active HA configuration.
High-availability FWLB configurations require that you identify the ports on the ServerIron ADX that
are attached to the routers. To identify the router port, enter the following command.
ServerIronADX(config)# server router-ports 4/12
Syntax: [no] server router-ports <portnum>
To define multiple router ports on a switch, enter the port numbers separated by blanks. You can
enter up to eight router ports in a single command line. To enter more than eight ports, enter the
server router-ports command again with the additional ports.
If the link is a trunk group, specify the port number of the primary port. The primary port is the first
port in the trunk group.
Configuring the firewalls
To configure a firewall, enter a name for the firewall and the IP address of its interface with the
ServerIron ADX. Optionally, you also can enter the following information:
• The TCP or UDP application ports on the firewall
• The health check state (enabled by default)
• The maximum total number of sessions
• The maximum new session rate
Adding the firewalls
To configure the IPv4 firewalls on ServerIron ADX SI-Ext-A in Figure 10, enter the following
commands.
ServerIronADX(config)# server fw-name FW1 10.10.10.1
ServerIronADX(config-rs-FW1)# port http
ServerIronADX(config-rs-FW1)# exit
ServerIronADX(config)# fw-name FW2 10.10.10.2
ServerIronADX(config-rs-FW2)# port http
ServerIronADX(config-rs-FW2)# exit
ServerIronADX(config)# server fw-group 2
ServerIronADX(config-fw-2)# fw-name FW1
ServerIronADX(config-fw-2)# fw-name FW2
Syntax: [no] server fw-name <string> <ip-addr>
This command adds a firewall.
Syntax: [no] port <tcp/udp-port> [no-health-check]
Comments to this Manuals