Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8

131

132

133

134

135

136

137

138

139

140

Configuring FWLB and SLB

ServerIronB(config-tc-2)# fwall-info 2 2 192.168.1.100 192.168.2.40

ServerIronB(config-tc-2)# exit

ServerIronB(config)# static-mac-address abcd.4321.34e2 ethernet 1 high-priority

router-type

ServerIronB(config)# static-mac-address abcd.4321.34e3 ethernet 2 high-priority

router-type

ServerIronB(config)# ip policy 1 fw tcp 0 global

ServerIronB(config)# ip policy 2 fw udp 0 global

ServerIronB(config)# write memory

Configuring FWLB-to-SLB

Configuration for FWLB-to-SLB is similar to configuration for SLB-to-FWLB, with the following differences:

• SLB configuration information resides on the internal ServerIron, not on the Internet ServerIron.

• The FWLB-to-SLB feature is enabled on the internal ServerIron.

• If Proxy ARP is enabled on the internal router, you can define the real servers as local servers instead of

remote servers. However, if Proxy ARP is not enabled on the internal router, the real servers must be remote

servers.

To configure FWLB-to-SLB in a basic FWLB configuration for Layer 3 firewalls, such as the one shown in Figure

8.2 on page 8-3, perform the following tasks.

• Configure SLB parameters on the internal ServerIron

• Configure the real servers

• Configure the virtual server

• Bind the real servers to the virtual server

• Enable the FWLB-to-SLB feature

• Configure global FWLB parameters

• Globally enable FWLB

• Configure firewall parameters

• Define the firewalls and add them to the firewall group

• Configure firewall group parameters

• Configure the paths and add static MAC entries for the firewall interfaces with the ServerIron

NOTE: On the ServerIronXL, you must use the default VLAN (normally VLAN 1) for the FWLB configuration.

The tasks under the first item (Configure SLB parameters on the internal ServerIron) are described in the following

sections. The remaining tasks are identical to the tasks for configuring basic FWLB for Layer 3 firewalls. For more

information about these tasks, see “Configuring Basic Layer 3 FWLB” on page 4-1.

Configuring the SLB Parameters

In an FWLB-to-SLB configuration, all SLB configuration takes place on the internal ServerIron. The ServerIron on

the Internet side of the firewalls does not contain any SLB configuration information. This section describes how

to configure the internal ServerIron to provide SLB for the real servers and virtual server shown in Figure 8.2 on

page 8-3.

NOTE: This section describes basic SLB configuration tasks. For advanced configuration features, see the

ServerIron TrafficWorks Server Load Balancing Guide.