Table of Contents Table of Contents ····························································································································· i Packing List···································································································································· iii Main Components ··························································································································· 1 Front View ··············································
SSL Keys··································································································································· 48 Upload/Download ····················································································································· 52 More about Add Farm··············································································································· 54 Modify Farm·······················································································
Packing List • One (1) WebMux™ unit • One (1) Power cord • One (1) User Manual • One (1) Warranty registration card iii
iv
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Main Components Front View Toggle Power Switch This switch toggles power on and off. To power off, the switch must be pressed and held for 5 seconds. Reset Button Press and release the reset button to reset the WebMux™. This process may take several minutes to complete. Up Arrow Button, Down Arrow Button When each button is pressed, the value on the cursor location increases or decreases.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Rear View Server LAN Port Connect this port to the Server LAN switch or hub. This port connects to the servers and your local computers. It is the right most RJ45 socket. In Out-of Path configuration, this is the only Ethernet cable to be connected. Backup WebMux™ Port Optionally, you may connect another WebMux™ to this port so that you can have redundancy.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x WebMux™ Overview Key Features The WebMux™ is a standalone network appliance designed primarily to load balance IP traffic to multiple servers. The WebMux™ includes the following key features. • Improves performance by distributing the traffic for a site or domain among multiple servers. No one server will be bogged down trying to service a particular site. • SSL Termination to reduce the cost of multiple certificates.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x services such as credit card validation and mapping services. (Note: this function only works in NAT mode). • Built-in Firewall Protections (layer4/5 only). Stop possible hacker intrusion into your network from Internet. All IP addresses and ports are blocked except the farm IP address. Built-in functions will detect any possible denial of service attack and make your services always available.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x The WebMux™ Family The 1U WebMux™ family consists of three models. They are: • • • The WebMux™ 480S The WebMux™ 590SG The WebMux™ 680SP The table below compares the features of the models. Model Number: 480S 590SG 680SP 10/100 10/100/1000 10/100/1000 MAX.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Performance: Maximum concurrent connections 1,440,000 2,880,000 5,760,000 7,000 40,000 50,000 200 MBit/s 1 GBit/s 2 Gbit/s 2 X T3 1.5 X OC-12 1.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Network Overview The WebMux™ has three modes: In-Path, or NAT (Network Address Translation), Out-of-Path mode, and Transparent (NAT Ethernet Bridge) Mode. Each mode has its advantage and disadvantages. Lets look the NAT mode first. The main purpose of the WebMux™ is to balance the traffic among multiple web or other servers. The diagram above shows an NAT installation with two WebMuxes.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x of a group of servers that service the same domain, website or services. For example, to configure a farm (or virtual farm) to serve www.cainetworks.com: • First, Server 1 and Server 2 would each need the website www.cainetworks.com configured on them and HTTP/HTTPS services started, and • Second, a farm on the WebMux™ is defined with Server 1 and Server 2 in it.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x of-path mode will allow up to 100 times more traffic to be handled by the WebMux™ load balancer. The disadvantage for direct routing is that the firewall protections built-in to the WebMux™ will no longer function. Users then must provide their own firewall for incoming and outgoing traffic. Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Sample Configurations Single WebMux™ • This installation requires one WebMux™. • One WebMux™ interface (Internet) connects to the Router LAN. other interface connects to the Server LAN. • The WebMux™ translates the Router LAN IP addresses to an internal non-routable class-C address. In this example, the netmask is 255.555.255.0. The IP address of the WebMux™ interface on the Router LAN is 205.133.156.220.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x • Farm 2 IP address is 205.133.156.210. Servers 2 and 3 serve Farm 2. • Changes to the server: change the default gateway to 192.168.199.1, as well as the IP address to the 192.168.199.xxx address. If on the server there is a service attached to the IP address (HTTP/S, FTP, etc), please make sure the service will run on the new IP address.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Redundant Installation • The installation requires two WebMuxes. One will be the primary, and the other the secondary. They connect together with the Ethernet cable that is either cross-over or through a hub. The primary redundant interface IP address is 192.168.255.253; the secondary redundant interface IP address is 192.168.255.254. They can not be changed. • Both WebMuxes connect to the Router LAN, and to the Server LAN.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x 255.0.0.0. The IP address of the WebMux™ interfaces attached to the Server LAN are 10.1.1.10 and 10.1.1.20. • The Default Gateway for all the servers is 10.1.1.1. • Farm 1 IP address is 205.133.156.200. • Servers 1 and 2 serve Farm 1. • Farm 2 IP address is 205.133.156.210. • Servers 2 and 3 serve Farm 2. • Changes to the servers: change default the gateway to 10.1.1.1, as well as the IP addresses to the 10.3.1.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Installation without IP Address Change (OOP) Out-of-Path Mode: The above diagram is an example about how to configure the WebMux™ in outof-path mode without changing the IP addresses of the web servers and other servers that already exist on the network. This is particularly helpful when the changing of an existing network of servers causes problems.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Appendix 2 for how to configure a loopback adapter, as well as how to remove the route from the servers. Please note for Out-of-Path to work properly, the loopback adapter must route the return traffic through the real network interface. In other words, the loopback adapter cannot have the gateway specified. Please refer to Appendix 1 and 2 for more details on how to configure the loopback adapter on servers.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Installation without IP Address Change (TM) Transparent Mode: Transparent Mode is another WebMux™ configuration that allows you to keep the existing IP addresses of your servers. Like Out-of-Path mode, the servers and the WebMux™ will be on the same IP network. However, physically, the servers will be connected to the WebMux™ in the same way they would be for NAT mode, on the server LAN port.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x When creating a farm, choose a unique farm IP address in the network, and then add the server IP address under that farm. Load balancing occurs when the “Farm IP” is accessed instead of the servers’ actual IP. There are no configuration changes that need to be made on the servers, only the way they are physically connected to the network. The diagram also gives an example of a redundant WebMux™ setup.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Configuring the WebMux™ Before you Start Please collect the information about names and IP addresses designated by the arrows in the network topology below. Network Terminology A Virtual Farm includes the WebMux™ setup and the servers under it. Functionally, it acts as a single unit on a network. For example, http://www.you.com is one virtual server farm; https://www.me.com is another farm, and ftp://ftp.cainetworks.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x To serve the Internet, there must be at least one Internet Router. This local area network that connects the router and the WebMux™ is called the Router LAN. In this LAN, the WebMux™ takes the Internet traffic and distributes it to the servers behind it. The LAN connecting the WebMux™ and real servers together is called Server LAN. WebMux has three mode, NAT mode, OOP mode, and transparent mode.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x • Connect the WebMux™(es) to the Router LAN (NAT and Transparent mode). • Power up all devices in the network. • Verify that all the devices are up and running. • You are now ready to configure WebMux™. Hardware Setup ---Configuration Summary CAUTION: Do not proceed without collecting all necessary information. • Turn on the WebMux™.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Enter the host name of the WebMux™. Use the right arrow to move the position, the up and down arrows to select characters, left arrow to move back in position, check mark button to confirm the change. This host name is for identification purposes. You may call it webmux1, webmux2, etc. (Trick to enter name quickly: If you hold down the up/down button for more than a second, the letter will start changing quickly.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x NAT Mode Related Configuration Enter Router LAN WebMux™ Proxy IP Address: This is the IP address that the WebMux™ uses as the external IP address when it functions as a proxy. This IP address can be used to setup the first farm. When any server behind the WebMux™ (on the Server LAN) initiates communication with another host, the WebMux™ substitutes the servers’ IP address with this address.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x These IP addresses cannot be your Internet registered addresses. They must be Internet non-routable. For example, you can assign addresses in a 10.0.0.0 network address range, or a 192.168.199.0, etc. Enter Server LAN Network IP Address Mask: This is the network mask of the Server LAN. For a class A network, it may be 255.0.0.0. For a class C network, it may be 255.255.255.0.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Please continue to the Common Configuration section. 24 Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Out-of-Path Related Configuration Enter Server LAN WebMux™ IP Address: This is the IP address of the WebMux™ interface that connects to the Server LAN. This IP address must also be unique for each WebMux™. The purpose of this IP address is to allow the WebMux™ to check the network and server health. Even for the backup WebMux™, this address must be unique.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Common Configuration -For NAT, Transparent (Bridge), and Out-of-Path Mode Enter External Gateway: This is the common setup for NAT, Transparent, and Out-of-Path modes. This is an address on the firewall or router local interface. In NAT mode, the WebMux™ needs to know this to route the server replies back to the clients.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Clear Allowed Host File? Allowed host file prevents any unauthorized access to the WebMux™ Management Console. If a workstation’s IP address is not in the allowed host file, that computer will not be able to reach the WebMux™ management console through the network. However, sometimes a wrong IP address is entered so that no computer can access the browser management console.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x case passive FTP is one of your server farms. Using port number below 1024 will not need to have this farm. Discard Changes Made? User can select Yes at this point, all the changes made will be discarded. By default the answer is NO, all the changes will be saved to internal solid state storage. Changes will take effect after next reboot. The next question will be Reboot Now? Reboot now? This is the end of initial configuration.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x What if I made mistake in my configuration? One can always make changes to the hardware settings by press the CheckMark button for three seconds when the statistic screen showing. It will start the prompt questions which will allow the user to navigate from one prompt to another by using the up/down button on the left most LCD position.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Management Console After the Initial Configuration, the user should be able to connect a web browser to the WebMux™. The web browser does all of the WebMux™ management. The following sections explain each of the easy to use management console screens. • • • • • • • Login Administration Setup Page o Change Password o Set Clock Status Add Farm Modify Farm Add Server Modify Server 30 Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Login Start Login Page: • • • Start a web browser from your management workstation. Set URL to https://webmuxip:webmuxport/cgi-bin/login o webmuxip is the IP address of the WebMux™ on the server LAN. o webmuxport is the management port address of the WebMux™. The default ports are 24 for an unsecured connection, and 35 for the secured connection.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Fill in the correct password for the selected User ID. The password is case sensitive. The default passwords are: ID Password superuser superuser webmux webmux It is recommended to change the passwords periodically. No new user ID can be added. Login: After entering the correct password, click Login. NOTE: For first time setup, please login as superuser and go to the Administration Setup by clicking the Setup button.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Main Management Console Once logged in to the Management Console, this main screen will show.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Download/Upload This button will allow the user to save and restore the WebMux™ configuration to and from their management workstation. See later chapter for details. Setup This button brings up the “Administration Setup” page. "superuser" login is required to access this page. See related section later for details. Show Event This button will display all the events since the WebMux’s last reboot.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Administration Set Up After login into management console as superuser, click on the setup button, you will come to this screen: Allowed remote host IPs: The WebMux™ management console and diagnostic login only allow logins from these IP addresses to establish a management session. You can access from more than one IP address by specifying all the allowed IP addresses separated by a ":".
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x management software from any IP address. It is recommended to set this up for security reasons. If wrong IP addresses are entered, management console login might not be possible. Use the push button controls on the WebMux™ to clear the allowed host list. This field is blank by default. Dialout prefix: Some phone systems require a prefix for outside phone numbers. If a prefix is required, enter it here.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Server gateway IP address: The WebMux™ appears to all the servers in the farms as a gateway or router. This is the IP address for the WebMux™ acting as a router for the servers. This address should be the gateway IP address in the web (or other) servers. It is highly recommend adding it to the /etc/hosts file on your servers.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x exceeded the value set for the “connection warning” threshold, the designated numbers would be paged. Least significant bits in client IP address to ignore for persistent connections: This feature allows persistent connections to be handled properly when communicating with America Online’s bank of cache servers. With AOL’s cache servers, the IP address of the cache server becomes the source address.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Persistence Timeout: The WebMux™ will keep track the browser connections if the persistent farm is defined and accessed. Within the timeout time period, the WebMux™ will send any request from the browser IP address to the same server. Our survey shows 5-6 minutes is the best value for most cases. The larger the persistence timeout value, the less chance user connection get lost.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x to change its own weight and announce such change to a remote syslog daemon. Please see appendix 5 for a sample code and a list of allowed responses. UDP NTP Time Server IP Address: Since version 5.4, the WebMux™ can sync its internal clock with any UDP NTP server. By default it points to a tier 2 NTP server. You can also set it to your Internet NTP server, or wipe out the entry to not sync to any NTP server.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Change Password Name: Select the login name for which the password is to be changed. New Password: Enter the new password. This is the password to which the login will be changed. New Password Again: Enter the same password as in the previous box. Confirm/Cancel: Click Confirm to execute the change. Click Cancel to return to the previous screen WITHOUT changing the password. 42 Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Change PIN To protect the WebMux™ from unauthorized changes from front push buttons, a PIN can be entered here to prevent saving any change from the front panel. By default, there is no PIN. Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Set Clock Click this button to go to the “Set the Clock” page. The time and date of the WebMux™ then can be set. Please note that the WebMux™ internally uses GMT time zone, not your local time zone, per W3C/HTTP protocol. If the timezone is not set correctly, the browser access could be denied due to “cookie” time out.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x NOTE: It is recommended to set the WebMux™ clock to UTC (GMT) time. Time Zone: Select the time or hour offset to the UTC (GMT) time. You can set the WebMux ™ to your local time, if your time zone is selected here. Confirm/Cancel: Click Confirm to execute the date and time change. Click Cancel to return to the previous screen WITHOUT making any date or time changes. Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Add Farm Click Add Farm to add a virtual site for the services you want to provide. The “ADD FARM” screen will appear: By default, the SSL termination is NOT on. The description here is for model 480S. Other model can be configured similarly. During “Add Farm” action, first select “add HTTP farm”, then click on the “Select SSL Termination”. Choosing from any key other than “none” will enable SSL termination on the HTTP farm.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x after the WebMux™ terminates the SSL traffic, only clear traffic will go to servers. When the servers return traffic back, the WebMux™ will re-encrypt the data and send encrypted back to client. If you are using out-of-path mode, please make sure your servers’ gateway points to the WebMux™ server LAN gateway IP address; so that the WebMux™ has the chance to re-encrypt the data before replying back to clients.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x SSL Keys WebMux™ model 480S, 580SG, 680PG support SSL termination. For models that do not support SSL termination, please ignore this section. WebMux™ supports SSL V2, SSL V3, and TLS V1 with RSA key length from 512, 1024, and 2048. For each WebMux™, one can have 16 SSL certificates: Any key can be active or not active. The first line of the private key is the comment. See included 48 Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x two sample keys for details. If there is no comment line in the key, it will be blank. If there is no key, it will display “(key and certificate unset)”. Key length can be different from 512 to 2048. RSA key length 1024 also called 128bit strong encryption. You can click “manage key1” or “manage key2” to generate keys, copy and paste signed certificates: You can view, copy and paste keys into the two windows.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x If you plan to generate new keys, click on the drop down box above the private key window to select key length, and then click on the “Confirm” button. This process is also known as “generate a CSR” – Certificate Signing Request. It is the process that you generated a key pair and send the public key to CA for “signing”.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x There should be 3 certificates. The one whose identity is your e-mail address is the site certificate. The one whose subject and issue are identical is the CA root. The 3rd one is called intermediate certificate. Please paste your site certificate first, followed by your intermediate certificate.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Upload/Download Download: This feature allows the SAVED (not necessarily the active) configuration to be saved at the Administrative Browser workstation. Click on the Click Here to display the configuration. Choose ‘File->Save As’ from the browser menu to save it as a text file. Changes can be made to this file and uploaded to the WebMux™ without changing the first comment line.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x and upload all settings to the WebMux™, so that you do not need to go through step by step configuration (requires both WebMuxes on the same firmware revision). Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x More about Add Farm Farm IP address: This is the IP address of the new farm. For SSL terminated traffic, each farm must have its own IP address. The farm address could be the Internet known address or the address has been translated by your firewall. For example, if you want to create an http farm for www.mydomain.com, the farm IP address will be the IP address for www.mydomain.com from your DNS record. If the IP address of www.mydomain.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x 205.188.166.10. The WebMux™ will then translate the farm address to the web server address in your DMZ or internal network. Since version 4.0.3, we also introduced “label” concept for the farms and servers. Once the label is specified, the WebMux™ will display in the Show-Status screen the label for the farm and server instead of the IP addresses.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x WebMux™ has been tested extensively working with all versions of Windows, Linux and HP-UX 11.X under this mode. Other OS should also working fine. CAUTION: Once a new farm is added, the IP address of the farm cannot be changed. To correct the IP address, the old farm has to be deleted and a new one to be created. Port: This is the port number for the farm.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Layer 7 hashed URI load directing does a mod function on the URI string as part of its load balancing mechanism. 58 Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Modify Farm Modify farm can be invoked from the main management console screen by clicking on the farm IP addresses or labels. Farm IP address and port number: These numbers are displayed here for reference purposes. These fields are set in the "Add Farm" screen. Once set, they are not changeable. If they must be changed, delete the farm and then add a new one.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Add Server Click this button to add a new server to this farm. Server IP Address: This is the IP address of the server to be added. Since version 4.0.3, the WebMux™ allows adding a label next to each server’s IP address. The purpose of labeling a server is only to help identify the server in the farm. It has nothing to do with the name resolution of the server.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Weight: Scheduling priority weight. Valid integer numbers are between 1 and 100. A server that has a weight of 2 will be directed twice as much traffic as a server with a weight of 1. A special zero weight setting is provided for a graceful shut down of a server. When the weight is changed to zero, the WebMux™ will not send new connections, but will maintain all current connections to the server.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Add L7 Server If setting up a Layer 7 farm, the add server screen will be similar to this: Two options extra options are available: • Match Pattern • Pattern is anchored Match Pattern: This is the pattern the URI will be compared to. It is stated in extended regular expressions format. Please refer to Appendix 7 for some examples. Pattern is Anchored: An anchored pattern has the preceding / included in the match pattern.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Modify Server Modify Server can be invoked by clicking on the server IP address on the Status screen. Destination server IP address and port number: These parameters are set in the “Add Server” screen. Once set, these fields cannot be modified. To correct this setting, delete the server and add a new one. Label: The label can be changed at any time.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x • • • • Active Favorite Active Standby Last Resort Standby Copyright© 1997-2006 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Initial setup change Through Browser Sometimes users like to change the basic settings for the WebMux™ through browser interface, for example, when the WebMux™ located in a hosting center across the country. If one has information about the WebMux™ current basic settings, one could change those parameters through browser.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x This section on the “rec” screen will allow the manager to correct the clock, if it is off. After entering proper password and setting the clock information (optional), the “continue” button will bring up this screen: When the mouse moved over a field, the current value will be automatically filled. The user may change it based on new information obtained from ISP or network engineers.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Sample Configuration Worksheets Standalone WebMux™ NAT Mode Configuration Before WebMux™ Installation Equipment IP Address Internet Router (or Firewall) Address 205.133.156.1 Webserver(s) Default Gateway 205.133.156.1 Web Site IP Address 205.133.156.200 Configuration After WebMux™ Installation Question Entry webmux Host Name Domain Name NAT, Transparent, or Out-of-Path cainetworks.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Standalone WebMux™ Transparent Mode Configuration Before WebMux™ Installation Equipment IP Address Internet Router (or Firewall) Address 205.133.156.1 Webserver(s) Default Gateway 205.133.156.1 Web Site IP Address 205.133.156.200 Configuration After WebMux™ Installation Question Entry WebMux Host Name Domain Name NAT, Transparent, or Out-of-Path Cainetworks.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Out of Path Installation of WebMux™ Configuration Before WebMux™ Installation Equipment IP Address Internet Router (or Firewall) Address 10.1.1.1 Webserver(s) Default Gateway 10.1.1.1 Web Site IP Address 10.1.1.200/255.255.0.0 Configuration After WebMux™ Installation Question Entry webmux Host Name Domain Name NAT, Transparent, or Out-of-Path cainetworks.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x and assign the farm address to the loopback adapter. For MS Windows, it always adds a route for the loopback adapter, which will need to be removed, please refer to Appendix 2. In the virtual farm, each server uses its original IP address to join the farm. For SSL termination or Layer 7 load balancing, you must set server LAN gateway IP address and set the servers’ default gateway to that IP. 72 Copyright© 1997-2005 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x A Redundant Installation Configuration Before WebMux™ Installation Equipment IP Address Internet Router (or Firewall) Address 205.133.156.1 Webserver(s) Default Gateway 205.133.156.1 Web Site IP Address 205.133.156.200 Configuration Before WebMux™ Installation Question Entry Secondary Primary Host Name webmux1 Domain Name NAT, Transparent, or Out-of-Path Cainetworks.com Cainetworks.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Contact Information For latest product and support information, please visit our web site at: http://www.cainetworks.com To reach us by e-mail: Support: support@cainetworks.com Sales: sales@cainetworks.com To reach us by phone: Support: 714-550-0901 X2 74 Copyright© 1997-2005 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x FAQs Q. R. I can’t login with my browser. It always says you are not logged into? To use your browser to manage the WebMux™, it must be set to accept all cookies. Because the cookie sets expired in 8 hours, you also need to make sure your hardware clock set correctly using GMT. The message indicates your system clock off. Please refer to page 45 for how to set the internal clock. Q. R.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Q. R. Q. R. Q. R. Q. R. Q. R. Q. R. How come my servers in the farm showing in red color from time to time, even the servers are okay? Your servers are trying to resolve WebMux’s IP address to name so it could log them into log file. To avoid this problem, set the servers not resolve the IP addresses, also adding all the IP address to the /etc/hosts file on your servers. For example, www.mydomain.com 1.2.3.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x or computers behind WebMux™. WebMux™ does not have the management functionality for restricting which IP address or services an internal host can reach to the outside. If such restriction is desirable, then additional firewall is needed. Q. R. What can I do if the service that I want to load balance is not in the list? WebMux™ as is already supports many different services.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Regulations Notice to the USA Compliance Information Statement (Declaration of Conformity Procedure) DoC FCC Part 15: This device complies with part 15 of the FCC Rules. Operation is subject to the following conditions: 1) This device may not cause harmful interference, and 2) This device must accept any interference received including interference that may cause undesired operation.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Appendix 1 – How to Add A Loopback Adapter For out-of-path mode, a loopback adapter or device in similar function is required. This appendix listed a few different ways to add such a device for different OSes. Installing the MS Loopback Adapter 1. Click Add Hardware -> Add a new device -> No, I want to select the hardware from a list, and select Microsoft Loopback Adapter from the list and click OK. 2.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x For SUSE Enterprise Linux 9: You can use YAST to set up a Virtual Interface and add the farm IP. For HP/UX 11.00 and 11i: Please make sure PHNE_26771 and related patches applied first. Login as root, and add this command to the bootup script: ifconfig lo0:1 farm_ip_address up For FreeBSD: ifconfig lo0 inet farm_ip_address netmask 255.255.255.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Appendix 2 - How to make route delete reboot persistent 1. In a Windows system, go to boot drive root by cd C:\; 2. Use a text editor to create a text file, in which it contains one line: route delete 10.1.0.0 mask 255.255.0.0 10.1.1.200 3. In above file 10.1.0.0 is the network destination, 255.255.0.0 is the Netmask for the network, and 10.1.1.200 is the farm address, also is the address for the loopback adapter address. 4.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Appendix 3 - Phone Paging Codes When an error occurs, the WebMux™ will send an error code to the regular numerical pager assigned in the Administration Setup page. Please refer to the Management Browser - Administration Setup section on setting up phone pager numbers. To be as compatible as possible to different types of pagers, only numeric error codes are used.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x For WebMux™ Primary Only • 66 - Secondary is not responding. For WebMux™ Secondary Only • 71 - Primary failed. Secondary took over from Primary. • 72 - Primary went back up. Control returns to the Primary. Copyright© 1997-2005 CAI Networks, Inc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Appendix 4 – Virtual Hosting Issues Servers serving more than one web site may do virtual hosting. The WebMux™ supports virtual hosting by checking the virtual server’s response. There are three different situations for the WebMux™ to handle. If the service is HTTPS, there is no way to do virtual hosting on the same IP address. However, each HTTPS farm can be on a different IP address on the same server.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Appendix 5 – Sample Custom CGI Code The custom cgi-bin checking program may be written in Java, VB, C, or Perl, for example, or it may be a WB or shell script. Here is sample script written for the linux shell bash which sees if an SSH daemon is running as its check criterion. #!/bin/bash echo "Content-type: text/plain" echo # blank line if ps -C sshd &>/dev/null ; then echo "OK" # response from server goes here, see list below.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Appendix 6 – Access CLI Commands Once the diagnose ports set, superuser could use ssh or telnet to access the CLI commands to help troubleshoot network problems or server problems. There are maximum two diagnose ports. The first one will be SSH and second one will be Telnet. If there is only one port specified, only SSH access is allowed. “ssh –l superuser –p port_number WebMux_ip_address” Can be issued from any Linux/Unix computer.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x Appendix 7 – Extended Regular Expressions Example Patterns: An item which has the string "Compiler" in it. Compiler Items with various spellings of "Dijkstra" with the j replaced by any character Di.kstra Items with various spellings of "Dijkstra" with the "ijk" replaced by any number of characters D.*stra An item with either "Compiler" or "compiler" in it. [cC]ompiler String like bananas, banananas, bananananas etc.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x syslogd · 36 T timeout · 33, 34, 36, 40 Timeout · 34, 40 TLS · 48 Transparent · i, ii, 4, 7, 16, 20, 21, 26, 55, 67, 68, 69, 70, 72 U Upload · 34, 52 URL · 31, 40, 56, 65, 83 V version · 20, 41, 55, 60, 76 Virtual Farm · 7, 18 W weight · 40, 61, 63, 74, 84 90 Copyright© 1997-2005 CAI Networks, Inc.
