Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8
21222324252627282930
Firewall Load Balancing Guide
4 - 4 © 2012 Brocade Communications Systems, Inc. May 31, 2012
ServerIron(config)# write mem
Commands for ServerIron B (Internal)
ServerIron(config)# server fw-group 2
ServerIron(config-tc-2)# fwall-info 1 1 209.157.22.2 209.157.23.1
ServerIron(config-tc-2)# fwall-info 2 2 209.157.22.2 209.157.23.2
ServerIron(config-tc-2)# exit
ServerIron(config)# static-mac-address abcd.4321.34e2 ethernet 1 high-priority
router-type
ServerIron(config)# static-mac-address abcd.4321.34e3 ethernet 2 high-priority
router-type
ServerIron(config)# write mem
Command Syntax
Syntax: server fw-group 2
Syntax: [no] fwall-info <path-num> <portnum> <other-ServerIron-ip> <next-hop-ip>
The syntax for adding static MAC entries differs depending on whether you are using a stackable or chassis
ServerIron.
Syntax for chassis devices:
Syntax: [no] static-mac-address <mac-addr> ethernet <portnum> [priority <0-7>] [host-type | router-type]
Syntax for stackable devices:
Syntax: static-mac-address <mac-addr> ethernet <portnum> [to <portnum> ethernet <portnum>]
[normal-priority | high-priority] [host-type | router-type | fixed-host]
The priority can be 0 – 7 (0 is lowest and 7 is highest) for chassis devices and either normal-priority or high-priority
for stackable devices.
The defaults are host-type and 0 or normal-priority.
NOTE: The static MAC entries are required. You must add a static MAC entry for each firewall interface with the
ServerIron. In addition, you must use the high-priority and router-type parameters with the static-mac-address
command. These parameters enable the ServerIron to use the address for FWLB.
NOTE: If you enter the command at the global CONFIG level, the static MAC entry applies to the default port-
based VLAN (VLAN 1). If you enter the command at the configuration level for a specific port-based VLAN, the
entry applies to that VLAN and not to the default VLAN.
Configuration Example for Basic Layer 3 FWLB
The following sections show all the ServerIron commands you would enter on each ServerIron to implement the
configuration shown in Figure 3.2 on page 3-7.
Commands on ServerIron A (External)
Enter the following commands to configure FWLB on ServerIron A.
ServerIronA(config)# server fw-name FW1-IPin 209.157.22.3
ServerIronA(config-rs-FW1-IPin)# exit
ServerIronA(config)# server fw-name FW2-IPin 209.157.22.4
ServerIronA(config-rs-FW2-IPin)# exit
The commands above add two firewalls, FW1-IPin and FW2-IPin.