Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8
919293949596979899100
Firewall Load Balancing Guide
6 - 26 © 2012 Brocade Communications Systems, Inc. May 31, 2012
Commands on Zone 2’s Standby ServerIron (Zone2-SI-S)
ServerIron> enable
ServerIron# configure terminal
ServerIron(config)# hostname Zone2-SI-S
Zone2-SI-S(config)# vlan 1
Zone2-SI-S(config-vlan-1)# always-active
Zone2-SI-S(config-vlan-1)# no spanning-tree
Zone2-SI-S(config-vlan-1)# router-interface ve 1
Zone2-SI-S(config-vlan-1)# exit
Zone2-SI-S(config)# interface ve 1
Zone2-SI-S(config-ve-1)# ip address 10.10.2.223 255.255.255.0
Zone2-SI-S(config-ve-1)# exit
Zone2-SI-S(config)# ip route 0.0.0.0 0.0.0.0 10.10.2.2
Zone2-SI-S(config)# no ip icmp redirects
Zone2-SI-S(config)# vlan 10
Zone2-SI-S(config-vlan-10)# untagged ethernet 4/9 to 4/10
Zone2-SI-S(config-vlan-10)# exit
Zone2-SI-S(config)# trunk switch ethernet 4/9 to 4/10
Zone2-SI-S(config)# server fw-port 4/9
Zone2-SI-S(config)# trunk switch ethernet 4/11 to 4/12
Zone2-SI-S(config)# server partner-ports ethernet 4/11
Zone2-SI-S(config)# server partner-ports ethernet 4/12
Zone2-SI-S(config)# server fw-group 2
Zone2-SI-S(config-tc-2)# l2-fwall
Zone2-SI-S(config-tc-2)# exit
Zone2-SI-S(config)# server fw-name fw1 10.10.2.1
Zone2-SI-S(config-rs-fw1)# port http
Zone2-SI-S(config-rs-fw1)# port http no-health-check
Zone2-SI-S(config-rs-fw1)# port ftp
Zone2-SI-S(config-rs-fw1)# port ftp no-health-check
Zone2-SI-S(config-rs-fw1)# port snmp
Zone2-SI-S(config-rs-fw1)# port snmp no-health-check
Zone2-SI-S(config-rs-fw1)# exit
Zone2-SI-S(config)# server fw-name fw2 10.10.2.2
Zone2-SI-S(config-rs-fw2)# port http
Zone2-SI-S(config-rs-fw2)# port http no-health-check
Zone2-SI-S(config-rs-fw2)# port ftp
Zone2-SI-S(config-rs-fw2)# port ftp no-health-check
Zone2-SI-S(config-rs-fw2)# port snmp
Zone2-SI-S(config-rs-fw2)# port snmp no-health-check
Zone2-SI-S(config-rs-fw2)# exit
Zone2-SI-S(config)# server fw-group 2
Zone2-SI-S(config-tc-2)# fw-name fw1
Zone2-SI-S(config-tc-2)# fw-name fw2
Zone2-SI-S(config-tc-2)# sym-priority 1
Zone2-SI-S(config-tc-2)# fwall-info 1 4/11 10.10.1.111 10.10.2.1
Zone2-SI-S(config-tc-2)# fwall-info 2 4/1 10.10.1.111 10.10.2.2
Zone2-SI-S(config-tc-2)# fwall-info 3 4/11 10.10.1.112 10.10.2.1
Zone2-SI-S(config-tc-2)# fwall-info 4 4/1 10.10.1.112 10.10.2.2
Zone2-SI-S(config-tc-2)# fwall-info 5 4/11 10.10.3.111 10.10.2.1
Zone2-SI-S(config-tc-2)# fwall-info 6 4/1 10.10.3.111 10.10.2.2
Zone2-SI-S(config-tc-2)# exit
Zone2-SI-S(config)# vlan 1
Zone2-SI-S(config-vlan-1)# static-mac-address 00e0.5201.a180 ethernet 4/11 priority
1 router-type
Zone2-SI-S(config-vlan-1)# static-mac-address 00e0.5207.9742 ethernet 4/1 priority 1
router-type
Zone2-SI-S(config-vlan-1)# exit