Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/8
919293949596979899100
Configuring Multizone FWLB
May 31, 2012 © 2012 Brocade Communications Systems, Inc. 6 - 29
Figure 6.5 Multizone FWLB with Multiple Sub-nets and Multiple Virtual Routing Interfaces
Commands on Zone 1’s Active ServerIron (Zone1-SI-A)
ServerIron> enable
ServerIron# configure terminal
ServerIron(config)# hostname Zone1-SI-A
The following commands enable the always-active feature in VLAN 1.
Zone1-SI-A(config)# vlan 1
Zone1-SI-A(config-vlan-1)# always-active
Zone1-SI-A(config-vlan-1)# exit
The following commands configure VLAN 2 and virtual routing interface 1, for 10.10.1.111.
Zone1-SI-A(config)# vlan 2
Zone1-SI-A(config-vlan-2)# always-active
Zone1-SI-A(config-vlan-2)# tagged ethernet 4/11 to 4/12
Zone1-SI-A(config-vlan-2)# untagged ethernet 4/1 to 4/8
Zone1-SI-A(config-vlan-2)# router-interface ve 1
Zone1-SI-A(config-vlan-2)# exit
Zone1-SI-A(config)# interface ve 1
Zone1-SI-A(config-ve-1)# ip address 10.10.1.111 255.255.255.0
Zone1-SI-A(config-ve-1)# exit
The following commands configure VLAN 20 and virtual routing interface 2, for 10.10.7.101.
Zone1-SI-A(config)# vlan 20
Zone1-SI-A(config-vlan-20)# always-active
Zone1-SI-A(config-vlan-20)# tagged ethernet 4/11 to 4/12
Zone1-SI-A(config-vlan-20)# untagged ethernet 4/13 to 4/24
Zone1-SI-A(config-vlan-20)# router-interface ve 2
Zone1-SI-A(config-vlan-20# exit
Zone1-SI-A(config)# interface ve 2
Zone1-SI-A(config-ve-2)# ip address 10.10.7.101 255.255.255.0
Zone1-SI-A(config-ve-2)# exit
The following command configures an IP default route. The next hop for this route is the ServerIron’s interface with
firewall FW1.
Zone1-SI-A(config)# ip route 0.0.0.0 0.0.0.0 10.10.1.1
When undefined, Zone 1 contains
all addresses not in the other zones.
External Router
Active
ServerIron A
Standby
ServerIron A
10.10.7.101
Ports
4/9 - 4/10
Ports
4/9 - 4/10
Ports
4/11 - 4/12
Port 4/1
Port 4/1
Ports
4/11 - 4/12
Port 4/1
FW1
FW2
SI-A
SI-A
SI-A
Zone 1
Zone 2
= 10.10.2.x/24
and 10.10.8.x/24
Zone 3
= 10.10.3.x/24
and 10.10.6.x/24
IP: 20.20.100.100
Gateway: 20.20.254.254
IP: 10.10.2.40
Gateway: 10.10.2.222
IP: 10.10.2.42
Gateway: 10.10.2.222
IP: 10.10.6.41
Gateway: 10.10.2.222
IP: 10.10.6.43
Gateway: 10.10.2.222
Sync Link
Data Link
IP: 10.10.1.2
IP: 10.10.1.1
IP: 10.10.3.2
IP: 10.10.3.1
IP: 10.10.2.2
IP: 10.10.2.1
Active
ServerIron A
Standby
ServerIron A
Ports
4/9 - 4/10
Ports
4/9 - 4/10
Ports
4/11 - 4/12
Ports
4/11 - 4/12
SI-A SI-A
Sync Link
Data Link
Port 4/1
Port 4/1
Port 4/2
Active
ServerIron A