Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8

161

162

163

164

165

166

167

168

169

170

Firewall Load Balancing Guide

SI-StandbyA(config-vlan-1)# static-mac-address 00e0.5200.3489 ethernet 1 high-

priority fixed-host

SI-StandbyA(config-vlan-1)# static-mac-address 00e0.5202.e282 ethernet 2 high-

priority fixed-host

SI-StandbyA(config-vlan-1)# exit

SI-StandbyA(config)# ip policy 1 fw tcp 0 global

SI-StandbyA(config)# ip policy 2 fw udp 0 global

SI-StandbyA(config)# write memory

Commands on Active ServerIron B (Internal Active)

SI-ActiveB(config)# ip address 1.1.1.40/24

SI-ActiveB(config)# ip default-gateway 1.1.1.2

SI-ActiveB(config)# no span

SI-ActiveB(config)# vlan 2 by port

SI-ActiveB(config-vlan-2)# untagged ethernet 13 to 14

SI-ActiveB(config-vlan-2)# exit

SI-ActiveB(config)# server router-port 9

SI-ActiveB(config)# trunk switch ethernet 13 to 14

SI-ActiveB(config)# server fw-port 13

SI-ActiveB(config)# server fw-group 2

SI-ActiveB(config-tc-2)# l2-fwall

SI-ActiveB(config-tc-2)# exit

SI-ActiveB(config)# server fw-name 01fw1 1.1.1.100

SI-ActiveB(config-rs-01fw1)# exit

SI-ActiveB(config)# server fw-name 02fw2 1.1.1.101

SI-ActiveB(config-rs-02fw2)# exit

SI-ActiveB(config)# server fw-group 2

SI-ActiveB(config-tc-2)# sym-priority 255

SI-ActiveB(config-tc-2)# fw-name 01fw1

SI-ActiveB(config-tc-2)# fw-name 02fw2

SI-ActiveB(config-tc-2)# fwall-info 1 1 1.1.1.10 1.1.1.10

SI-ActiveB(config-tc-2)# fwall-info 2 2 1.1.1.20 1.1.1.20

SI-ActiveB(config-tc-2)# fwall-info 3 1 1.1.1.10 1.1.1.10

SI-ActiveB(config-tc-2)# fwall-info 4 2 1.1.1.20 1.1.1.20

SI-ActiveB(config-tc-2)# fwall-info 5 9 1.1.1.2 1.1.1.2

SI-ActiveB(config-tc-2)# exit

SI-ActiveB(config)# vlan 1

SI-ActiveB(config-vlan-1)# static-mac-address 00e0.5200.3490 ethernet 1 high-

priority fixed-host

SI-ActiveB(config-vlan-1)# static-mac-address 00e0.5202.e283 ethernet 2 high-

priority fixed-host

SI-ActiveB(config-vlan-1)# exit

SI-ActiveB(config)# ip policy 1 fw tcp 0 global

SI-ActiveB(config)# ip policy 2 fw udp 0 global

SI-ActiveB(config)# write memory

Commands on Standby ServerIron B (Internal Standby)

SI-StandbyB(config)# ip address 1.1.1.30 255.255.255.0

SI-StandbyB(config)# ip default-gateway 1.1.1.2

SI-StandbyB(config)# no span

SI-StandbyB(config)# vlan 2 by port

SI-StandbyB(config-vlan-2)# untagged ethernet 13 to 14

SI-StandbyB(config-vlan-2)# exit

SI-StandbyB(config)# trunk switch ethernet 13 to 14

SI-StandbyB(config)# server fw-port 13

SI-StandbyB(config)# server router-port 17