Brocade Communications Systems ServerIron ADX 12.4.00 Service Manual Page 110
- Page / 188
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
ServerIron ADX Firewall Load Balancing Guide 99
53-1002436-01
Configuration examples with Layer 3 routing
4
DRAFT: BROCADE CONFIDENTIAL
Zone2-SI-A(config)# server fw-group 2
Zone2-SI-A(config-fw-2)# fw-name fw1
Zone2-SI-A(config-fw-2)# fw-name fw2
Zone2-SI-A(config-fw-2)# sym-priority 255
Zone2-SI-A(config-fw-2)# fwall-info 1 4/1 10.10.1.111 10.10.2.1
Zone2-SI-A(config-fw-2)# fwall-info 2 4/11 10.10.1.111 10.10.2.2
Zone2-SI-A(config-fw-2)# fwall-info 3 4/1 10.10.1.112 10.10.2.1
Zone2-SI-A(config-fw-2)# fwall-info 4 4/11 10.10.1.112 10.10.2.2
Zone2-SI-A(config-fw-2)# fwall-info 5 4/1 10.10.3.111 10.10.2.1
Zone2-SI-A(config-fw-2)# fwall-info 6 4/11 10.10.3.111 10.10.2.2
Zone2-SI-A(config-fw-2)# exit
Zone2-SI-A(config)# vlan 1
Zone2-SI-A(config-vlan-1)# static-mac-address 00e0.5201.a180 ethernet 4/1
priority 1 router-type
Zone2-SI-A(config-vlan-1)# static-mac-address 00e0.5207.9742 ethernet 4/11
priority 1 router-type
Zone2-SI-A(config-vlan-1)# exit
Zone2-SI-A(config)# server fw-group 2
Zone2-SI-A(config-fw-2)# fw-predictor per-service-least-conn
Zone2-SI-A(config-fw-2)# exit
Zone2-SI-A(config)# access-list 3 permit 10.10.3.0 0.0.0.255
Zone2-SI-A(config)# server fw-group 2
Zone2-SI-A(config-fw-2)# fwall-zone zone3 3 3
Zone2-SI-A(config-fw-2)# exit
Zone2-SI-A(config)# server real-name rs1 10.10.2.40
Zone2-SI-A(config-rs-rs1)# port http
Zone2-SI-A(config-rs-rs1)# exit
Zone2-SI-A(config)# server real-name rs1 10.10.2.42
Zone2-SI-A(config-rs-rs2)# port http
Zone2-SI-A(config-rs-rs2)# exit
Zone2-SI-A(config)# server virtual www.rs.com 10.10.2.10
Zone2-SI-A(config-vs-www.rs.com)# port http
Zone2-SI-A(config-vs-www.web.com)# bind http rs1 http rs2 http
Zone2-SI-A(config-vs-www.web.com)# exit
Zone2-SI-A(config)# server fw-slb
Zone2-SI-A(config)# write memory
Commands on zone 2’s standby ServerIron ADX (Zone2-SI-S)
ServerIronADX> enable
ServerIronADX# configure terminal
ServerIronADX(config)# hostname Zone2-SI-S
Zone2-SI-S(config)# vlan 1
Zone2-SI-S(config-vlan-1)# always-active
Zone2-SI-S(config-vlan-1)# no spanning-tree
Zone2-SI-S(config-vlan-1)# router-interface ve 1
Zone2-SI-S(config-vlan-1)# exit
Zone2-SI-S(config)# interface ve 1
Zone2-SI-S(config-ve-1)# ip address 10.10.2.223 255.255.255.0
Zone2-SI-S(config-ve-1)# exit
Zone2-SI-S(config)# ip route 0.0.0.0 0.0.0.0 10.10.2.2
Zone2-SI-S(config)# no ip icmp redirects
Zone2-SI-S(config)# vlan 10
Zone2-SI-S(config-vlan-10)# untagged ethernet 4/9 to 4/10
Zone2-SI-S(config-vlan-10)# exit
Zone2-SI-S(config)# trunk switch ethernet 4/9 to 4/10
Zone2-SI-S(config)# server fw-port 4/9
Zone2-SI-S(config)# trunk switch ethernet 4/11 to 4/12
Zone2-SI-S(config)# server partner-ports ethernet 4/11
- ServerIron ADX 1
- Document History 2
- Contents 3
- About This Document 8
- Document conventions 9
- Notice to the reader 10
- Related publications 11
- ServerIron FWLB Overview 12
- Firewall environments 14
- Load balancing paths 15
- Firewall selection 17
- Hashing mechanism 17
- Stateful FWLB 18
- Health checks 18
- Path health checks 19
- Application health checks 19
- Firewall health check debug 21
- Basic FWLB topology 22
- HA FWLB topology 23
- Failover 24
- Router paths 24
- Multizone FWLB topology 25
- FWLB configuration limits 26
- Configuring Basic FWLB 28
- IPv4 Firewall-1 37
- IPv4 Firewall-2 37
- External 40
- Internal 40
- Firewall-2 42
- Firewall-1 42
- Configuring HA FWLB 48
- Session limits 49
- Session aging 49
- Task Reference 52
- Configuring the firewall port 53
- Configuring the partner port 54
- Configuring the router port 55
- Configuring the firewalls 55
- Adding the firewalls 55
- Connection rate control 57
- Complete CLI example 62
- HA FWLB with VRRP 73
- Usage notes 78
- Configuring Multizone FWLB 82
- Zone 3Zone 2 84
- Zone1-SI(config)# no span 85
- Failover algorithm 92
- Commands on Zone1-SI-A zone 1 92
- DRAFT: BROCADE CONFIDENTIAL 100
- 53-1002436-01 102
- SI-A SI-A 104
- In this chapter 124
- NAT firewalls 124
- Extra firewall method 129
- Access policy method 130
- Specifying the partner port 134
- Specifying the router ports 134
- Configuring FWLB and SLB 146
- Configuring SLB-to-FWLB 148
- Configuring the real servers 149
- Enabling SLB-to-FWLB 150
- Configuring FWLB-to-SLB 152
- Enabling FWLB-to-SLB 154
- FWLB configuration overview 166
- TCP/UDP port statistics 169
- FWLB path information 172
- Field Description 173
- • 6 – TCP 174
- • 17 – UDP 174
- In this appendix 176
- FWLB selection algorithms 182
- Configuration guidelines 186
- Denying FWLB 187
Related products and manuals for Network switches Brocade Communications Systems ServerIron ADX 12.4.00
(12 pages)
(64 pages)© 2020, manymanuals.com. All rights reserved. | 0.964 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals