Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8
61626364656667686970
Firewall Load Balancing Guide
5 - 28 © 2012 Brocade Communications Systems, Inc. May 31, 2012
SI-Ext-B(config-rs-fw1)# port http no-health-check
SI-Ext-B(config-rs-fw1)# exit
SI-Ext-B(config)# server fw-name fw2 10.10.1.2
SI-Ext-B(config-rs-fw2)# port http
SI-Ext-B(config-rs-fw2)# port http no-health-check
SI-Ext-B(config-rs-fw2)# exit
SI-Ext-B(config)# server fw-group 2
SI-Ext-B(config-tc-2)# fw-name fw1
SI-Ext-B(config-tc-2)# fw-name fw2
SI-Ext-B(config-tc-2)# sym-priority 1
SI-Ext-B(config-tc-2)# fwall-info 1 3/1 10.10.2.222 10.10.1.1
SI-Ext-B(config-tc-2)# fwall-info 2 4/1 10.10.2.222 10.10.1.2
SI-Ext-B(config-tc-2)# fwall-info 3 3/1 10.10.2.223 10.10.1.1
SI-Ext-B(config-tc-2)# fwall-info 4 4/1 10.10.2.223 10.10.1.2
SI-Ext-B(config-tc-2)# fw-predictor per-service-least-conn
SI-Ext-B(config-tc-2)# l2-fwall
SI-Ext-B(config-tc-2)# exit
SI-Ext-B(config)# vlan 1
SI-Ext-B(config-vlan-1)# static-mac-address 00e0.5201.0426 ethernet 3/1
priority 1 router-type
SI-Ext-B(config-vlan-1)# static-mac-address 00e0.5203.2f80 ethernet 4/1
priority 1 router-type
SI-Ext-B(config-vlan-1)# exit
SI-Ext-B(config)# ip l4-policy 1 fw tcp 0 global
SI-Ext-B(config)# ip l4-policy 2 fw udp 0 global
ServerIronA(config)# router vrrp
ServerIronA(config)# interface ethernet 4/12
ServerIronA(config-if-4/12)# ip address 10.10.6.112/24
ServerIronA(config-if-4/12)# ip vrrp vrid 1
ServerIronA(config-if-4/12-vrid-1)# backup
ServerIronA(config-if-4/12-vrid-1)# ip-address 10.10.6.111
ServerIronA(config-if-4/12-vrid-1)# activate
ServerIronA(config-if-4/12-vrid-1)# exit
ServerIronA(config-if-4/12)# exit
SI-Ext-B(config)# write memory
Commands on Internal ServerIron A (SI-Int-A)
ServerIron> enable
ServerIron# configure terminal
ServerIron(config)# hostname SI-Int-A
SI-Int-A(config)# vlan 1
SI-Int-A(config-vlan-1)# always-active
SI-Int-A(config-vlan-1)# no spanning-tree
SI-Int-A(config-vlan-1)# router-interface ve 1
SI-Int-A(config-vlan-1)# exit
SI-Int-A(config)# interface ve 1
SI-Int-A(config-ve-1)# ip address 10.10.2.222 255.255.255.0
SI-Int-A(config-ve-1)# exit
SI-Int-A(config)# ip route 0.0.0.0 0.0.0.0 10.10.2.1
SI-Int-A(config)# trunk switch ethernet 3/5 to 3/6
SI-Int-A(config)# vlan 10
SI-Int-A(config-vlan-10)# untagged ethernet 3/5 to 3/6
SI-Int-A(config-vlan-10)# exit
SI-Int-A(config)# server fw-port 3/5
SI-Int-A(config)# server partner-ports ethernet 3/2
SI-Int-A(config)# server fw-name fw1 10.10.2.1
SI-Int-A(config-rs-fw1)# port http
SI-Int-A(config-rs-fw1)# port http no-health-check