ServerIron TrafficWorks Server Load Balancing Guide

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "ServerIron TrafficWorks Server Load Balancing Guide"

Transcription

1 ServerIron TrafficWorks Server Load Balancing Guide ServerIron 4G Series ServerIronGT C Series ServerIronGT E Series ServerIron 350 & 350-PLUS ServerIron 350 & 350-PLUS ServerIron 450 & 450-PLUS Release Date: April 7, 2008 Publication Date: April 7, 2008 Version Great America Parkway Santa Clara, CA Tel

2 Copyright 2007 Foundry Networks, Inc. All rights reserved. No part of this work may be reproduced in any form or by any means graphic, electronic or mechanical, including photocopying, recording, taping or storage in an information retrieval system without prior written permission of the copyright owner. The trademarks, logos and service marks ("Marks") displayed herein are the property of Foundry or other third parties. You are not permitted to use these Marks without the prior written consent of Foundry or such appropriate third party. Foundry Networks, BigIron, FastIron, IronView, JetCore, NetIron, ServerIron, TurboIron, IronWare, EdgeIron, the Iron family of marks and the Foundry Logo are trademarks or registered trademarks of Foundry Networks, Inc. in the United States and other countries. F-Secure is a trademark of F-Secure Corporation. All other trademarks mentioned in this document are the property of their respective owners.

3 Contents CHAPTER 1 ABOUT THIS GUIDE INTRODUCTION AUDIENCE CONVENTIONS RELATED DOCUMENTATION REPORTING DOCUMENTATION ERRORS HOW TO GET HELP WEB ACCESS ACCESS TELEPHONE ACCESS CHAPTER 2 NEW FEATURES AND ENHANCEMENTS SOFTWARE DEPENDENCIES FOR HARDWARE PLATFORMS FEATURES AND ENHANCEMENTS FOR RELEASE FEATURES AND ENHANCEMENTS FOR RELEASE FEATURES AND ENHANCEMENTS FOR RELEASE B FEATURES AND ENHANCEMENTS FOR RELEASE A FEATURES AND ENHANCEMENTS FOR RELEASE FEATURES AND ENHANCEMENTS FOR RELEASE FEATURES AND ENHANCEMENTS FOR RELEASE CHAPTER 3 SERVER LOAD BALANCING VALUE OF SLB HOW SLB WORKS SLOW-START MECHANISM LOAD-BALANCING PREDICTOR April 7, Foundry Networks, Inc. i

4 Server Load Balancing Guide LEAST CONNECTIONS ROUND ROBIN WEIGHTED SERVER RESPONSE TIME ONLY LEAST CONNECTION AND SERVER RESPONSE TIME WEIGHTS LEAST LOCAL CONNECTIONS LEAST LOCAL SESSIONS DYNAMIC WEIGHTED PREDICTOR CONFIGURABLE APPLICATION GROUPING STICKY CONNECTIONS CONFIGURABLE TCP/UDP APPLICATION GROUPS CONCURRENT CONNECTIONS STICKY VIPS UNLIMITED VIPS GEOGRAPHICALLY-DISTRIBUTED SERVERS SYMMETRIC SLB LINK-LEVEL REDUNDANCY SWITCHBACK MANY-TO-ONE TCP/UDP PORT BINDING BINDING SAME REAL PORTS TO MULTIPLE VIP PORTS HTTP REDIRECT TRANSPARENT VIP AND STATELESS APPLICATION PORTS WINDOWS TERMINAL SERVER WITH L7 PERSISTENCE UNDERSTANDING WINDOWS TERMINAL SERVER CONFIGURING WINDOWS TERMINAL SERVER TFTP LOAD BALANCING MULTINETTING USING NAT CONFIGURING SLB CONFIGURATION GUIDELINES DEFINING THE REAL SERVERS AND ADDING THE APPLICATION PORTS CLONING REAL SERVERS DEFINING THE VIRTUAL SERVER (VIP) BINDING VIRTUAL AND REAL SERVERS GLOBAL SLB SETTINGS FAST-PATH SLB PROCESSING CONFIGURATION CONSIDERATIONS ENABLING FAST-PATH PROCESSING FOR STATELESS SLB GLOBALLY CHANGING THE LOAD-BALANCING METHOD CONFIGURING THE ENHANCED WEIGHTED PREDICTOR ASSIGNING WEIGHTS TO THE REAL SERVERS ENABLING THE WEIGHTED PREDICTOR ENABLING THE ENHANCED WEIGHTED PREDICTOR COMPARISON OF CONNECTION ASSIGNMENTS CONFIGURING DYNAMIC WEIGHTED PREDICTOR CONFIGURE REAL SERVER WITH SNMP QUERY REQUIREMENTS CONFIGURATION EXAMPLE CONFIGURE A VIRTUAL SERVER WITH DYNAMIC WEIGHTED PREDICTOR DYNAMIC-WEIGHTED DIRECT DYNAMIC-WEIGHTED REVERSE ii 2007 Foundry Networks, Inc. April 7, 2008

5 DELETION OF UDP DATA SESSION ALONG WITH TCP CONTROL SESSION FOR RTSP IDENTIFYING THE PORTS ATTACHED TO A ROUTER LIMITING THE MAXIMUM NUMBER OF TCP SYN REQUESTS CONFIGURING THE WARNING AND SHUTDOWN THRESHOLDS CONFIGURING WARNING AND SHUTDOWN THRESHOLDS FOR ALL REAL SERVERS CONFIGURING WARNING AND SHUTDOWN THRESHOLDS FOR AN INDIVIDUAL REAL SERVER VIEWING THRESHOLD MESSAGES IN THE SYSLOG SENDING ICMP PORT UNREACHABLE OR DESTINATION UNREACHABLE MESSAGES SENDING A TCP RST TO A CLIENT THAT REQUESTS UNAVAILABLE APPLICATIONS SENDING A TCP RST WHEN TCP SESSION ENTRY AGES OUT DISABLING TCP RST MESSAGE WHEN A REAL SERVER GOES DOWN DURING AN OPEN SESSION DISABLING TCP RST MESSAGE ON MAXIMUM CONNECTIONS ADDING A SOURCE IP ADDRESS ENABLING USE OF THE CLIENT MAC ADDRESS ENABLING SOURCE NAT GLOBALLY ENABLING REVERSE NAT DYNAMIC NAT FOR REAL SERVERS USING VIRTUAL SERVER ADDRESS DECREMENT COUNTERS IN DELETION QUEUE OVERVIEW OF DECREMENT COUNTERS IN DELETION QUEUE ENABLING DECREMENT SESSION COUNTERS IN DELETION QUEUE ENABLING FORCE-DELETE SETTING THE STICKY AGE SETTING STICKY WITHOUT COOKIE ALLOWING STICKY PORTS ENABLING TRANSPARENT VIP CONFIGURING TCP FAST AGING DECREMENTING THE CURRENT CONNECTION COUNTER FOLLOWING A SERVER RST DISABLING VIPS ENABLING SYN ACK THRESHOLD ENABLING SYNCHRONIZATION LINK FOR SYMMETRIC SLB ENABLING NO-GRACEFUL-SHUTDOWN ENABLING BACKUP TRUNK PORT REPLACING THE SOURCE MAC ADDRESS OF THE PACKET REAL SERVER SETTINGS CHANGING A REAL SERVER S IP ADDRESS ADDING A DESCRIPTION CONFIGURING A LOCAL OR REMOTE REAL SERVER CONFIGURING A LOCAL REAL SERVER CONFIGURING A REMOTE REAL SERVER CONFIGURING PRIMARY AND BACKUP SERVERS DESIGNATING A REAL SERVER AS A BACKUP ENABLING A VIP TO USE THE PRIMARY AND BACKUP SERVERS CONFIGURATION EXAMPLE DESIGNATING A REAL SERVER PORT AS A BACKUP DISABLING A REAL SERVER ADDING APPLICATION PORTS TO A REAL SERVER CONFIGURING A HOST RANGE April 7, Foundry Networks, Inc. iii

6 Server Load Balancing Guide CONFIGURING HOST-RANGE MAPS DEFINING THE MAXIMUM NUMBER OF SESSIONS CONFIGURING LOCAL MAX-CONN CONFIGURING LOCAL MAX-CONN FOR A REAL SERVER CONFIGURING LOCAL MAX-CONN FOR A REAL SERVER PORT SETTING THE TRAFFIC RATE THRESHOLD SETTING WARNING AND SHUTDOWN THRESHOLDS FOR A SERVER VIEWING THRESHOLD MESSAGES IN THE SYSLOG DISABLING LAYER 3 HEALTH CHECK ON A REAL SERVER ENABLING SOURCE NAT ON A REAL SERVER CONFIGURING THE WEIGHT FOR REAL SERVER SETTING A REAL SERVER S WEIGHT BASED ON RESPONSE TIME REAL SERVER PORTS DISALBING OR RE-ENABLING APPLICATION PORTS GLOBALLY DISABLING APPLICATION PORTS DISABLING SLB TO A SERVER WHEN AN APPLICATION IS DOWN UNBINDING ALL APPLICATION PORTS FROM VIRTUAL SERVERS REBINING AN APPLICATION PORT TO A VIRTUAL SERVER ENABLING OR DISABLING THE KEEPALIVE HEALTH CHECK CONFIGURING THE CONNECTION RATE LAYER 7 HEALTH CHECK PARAMETERS VIP SETTINGS ADDING APPLICATION PORTS AND BINDINGS CONFIGURING PRIMARY AND BACKUP SERVERS ENABLING A VIP TO USE THE PRIMARY AND BACKUP SERVERS CONFIGURING A HOST RANGE ENABLING HTTP REDIRECT ON A VIRTUAL SERVER CHANGING THE LOAD BALANCING METHOD ON A VIRTUAL SERVER SETTING SYMMETRIC SLB PRIORITY TRACKING THE PRIMARY PORT CONFIGURING A TRACK PORT GROUP TRACK GROUP HEALTH CHECK FOR REAL SERVERS SAMPLE CONFIGURATION ENABLING TRACK PORTS IN A TRACK GROUP TO UNBIND IDENTIFYING VIP PORT AS TCP ONLY OR UDP ONLY ENABLING SERVER CLUSTER SUPPORT ENABLING FAST AGING FOR UDP SESSIONS ENABLING NORMAL UDP AGING FOR DNS AND RADIUS ENABLING TRANSPARENT VIP SETTING TCP AND UDP AGES FOR VIPS PER SERVER BASED REAL SERVER BACKUP OVERVIEW OF PER SERVER BASED REAL SERVER BACKUP CURRENT BACKUP SCHEME PER SERVER BASED BACKUP SCHEME COMMAND LINE INTERFACE SERVER BACKUP ASSOCIATION SERVER PORT BACKUP ASSOCIATION DISPLAY THE BACKUP BINDINGS iv 2007 Foundry Networks, Inc. April 7, 2008

7 VIRTUAL SERVER PORTS DISABLING OR RE-ENABLING AN APPLICATION PORT GLOBALLY DISABLING REAL AND VIRTUAL PORTS CONFIGURING STICKY PORTS CONFIGURING STICKINESS BASED ON CLIENT S SUBET INCREASE STICKY-AGE PER VIP LONGER THAN 60 MINUTES ENABLING A CONCURRENT PORT CONFIGURING THE SMOOTH FACTOR CONFIGURING A STATELESS PORT CONFIGURING VIRTUAL SOURCE DISABLING PORT TRANSLATION ENABLING THE SERVERIRON TO USE THE ALIAS PORT S STATE STICKY CONNECTION RETURN FROM BACKUP SERVER TO PRIMARY PERFORMING SLB BASED ON ALIAS PORT STATE IP LOAD BALANCING BACKGROUND OVERVIEW HASHING MECHANISM IP LOAD BALANCING VS REGULAR LOAD BALANCING FEATURE INTEROPERABILITY HIGH AVAILABILITY MINIMUM REQUIRED CONFIGURATION LOAD BALANCING SPECIFIC IP PROTOCOLS DISPLAYING LOAD BALANCING AND HASH DISTRIBUTION STATISTICS BINDING A REAL SERVER PORT TO MULTIPLE VIPS CONFIGURING HARDWARE FORWARDING OF PASS-THROUGH TRAFFIC SSL ACCELERATORS SLB CONFIGURATION TCS CONFIGURATION GROUP STICKY: L4 SLB TO SERVER GROUP ENABLING GROUP STICKY CONFIGURATION EXAMPLE ENABLING GROUP STICKY FAILOVER HASH-BASED SLB WITH SERVER PERSISTENCE PERSISTENT HASH TABLE CLEAR VS REASSIGN MECHANISMS ENABLING PERSISTENT HASHING ENABLING THE CLEAR-ON-CHANGE MECHANISM ENABLING THE REASSIGN-ON-CHANGE MECHANISM CONFIGURING THE REASSIGN THRESHOLD AND DURATION REASSIGNMENT SEQUENCE AND EXAMPLE KEEPING THE PERSISTENT HASH TABLE UNCHANGED REAL SERVER FAILURE DISPLAYING PERSISTENT HASH TABLE ENTRY AND STATISTICS CLEARING THE HIT COUNT FOR THE PERSISTENT HASH TABLE CLEARING THE PERSISTENT HASH TABLE ENABLING DEBUGGING FOR PERSISTENT HASH April 7, Foundry Networks, Inc. v

8 Server Load Balancing Guide REASSIGNING A PERSISTENT HASH TABLE ENTRY VIP ROUTE HEALTH INJECTION OVERVIEW INJECTING AND DELETING VIP ROUTE BASED ON VIP HEALTH VIP RHI AND HIGH AVAILABILITY TOPOLOGIES CONFIGURATION CONSIDERATIONS ENABLING OR DISABLING VIP RHI DEFINING THE HEALTH OF A VIP PORT DEFINING THE HEALTH OF A VIP CONFIGURING THE VIP RHI ROUTE MASK LENGTH DISPLAYING RHI INFORMATION DISPLAYING ROUTE TYPE CONFIGURATION EXAMPLES BASIC CONFIGURATION BOTH SERVERIRON SITES WORKING IN PRIMARY MODE SITE-1 SERVERIRON IN PRIMARY MODE AND SITE-2 IN BACKUP MODE REAL SERVER SHUTDOWN POLICY-BASED SLB CONFIGURING A POLICY LIST SIMPLIFIED FORMAT FOR THE POLICY LIST FILE SPECIFYING THE MAXIMUM NUMBER OF ENTRIES NO LIMIT TO THE SIZE OF THE POLICY LIST FILE DELETING AN ENTRY FROM THE POLICY LIST DELETING AN ENTIRE PBSLB LIST DYNAMICALLY DOWNLOADING A POLICY LIST DOWNLOADING A POLICY LIST USING TFTP COPYING A POLICY LIST TO A FILE ON TFTP SERVER WRITING THE POLICY LIST TO FLASH MEMORY SPECIFYING A DEFAULT SERVER GROUP ASSIGNING REAL SERVERS TO SERVER GROUPS ENABLING PBSLB FOR A PORT ON A VIRTUAL SERVER DELETING EXISTING PBSLB SESSIONS DISPLAYING PBSLB ENTRIES VIP TRAFFIC NO LONGER BLOCKED DURING POLICY FILE DOWNLOAD PACKET TRACE INCREASE IN THE SIZE OF PBSLB LIST (SPAM LIST) PBSLB POOL FAILSAFE GROUP OVERVIEW OF PBSLB POOL FAILSAFE GROUP EXPECTED BEHAVIOR OF PBSLB FAILSAFE GROUP COMMAND LINE INTERFACE CREATE A PBSLB FAILSAFE GROUP ENABLE PBSLB ON A VIP PORT SHOW COMMMANDS AUTO DOWNLOAD OF PBSLB LIST CONFIGURING PBSLB DOWNLOAD-INTERVAL CONFIGURING PBSLB TIME-OF-DAY PBSLB SYSLOG MESSAGES BANDWIDTH METRIC FOR SLB vi 2007 Foundry Networks, Inc. April 7, 2008

9 EXAMPLE ENABING THE BANDWIDTH METRIC PREDICTOR CHANGING THE SIZE OF THE BANDWIDTH SAMPLING WINDOW CHANGING THE SIZE GLOBALLY CHANGING THE SIZE FOR A VIRTUAL SERVER ENABLING METRIC ALGORITHMS RE-ENABLING THE SUM ALGORITHM ENABLING THE WEIGHTED SERVER SUM ALGORITHM ENABLING THE WEIGHTED-INTERVAL SUM ALGORITHM DISPLAYING BANDWIDTH USAGE STATISTICS DISPLAYING BANDWIDTH USAGE DISPLAYING BANDWIDTH USAGE COUNTS CLEARING OCTET COUNTS IN THE BANDWIDTH OCTET LIST POLICY-BASED ROUTING FOR REVERSE SLB TRAFFIC DSR SETTING DSR NORMAL AGE REVERSE SESSION REMOTE FAILOVER SERVERS FOR SWITCHBACK HEALTH CHECKS WITH SWITCHBACK SYN-DEFENSE WITH SWITCHBACK PLACING A SESSION IN TIMEOUT QUEUE SWITCHBACK CONFIGURATION EXAMPLE CONFIGURING SERVERIRON A CONFIGURING SERVERIRON B CONFIGURING THE LOOPBACK ADDRESS ON A REAL SERVER DISPLAYING SERVER INFORMATION DISPLAYING GLOBAL LAYER 4 SERVERIRON CONFIGURATION DISPLAYING REAL SERVER CONFIGURATION STATISTICS DISPLAYING VIRTUAL SERVERS CONFIGURATION STATISTICS DISPLAYING INFORMATION ABOUT VIRTUAL SERVER S BOUND PORTS DISPLAYING A LIST OF FAILED SERVERS DISPLAYING A LIST OF FAILED PORTS DISPLAYING PORT-BINDING INFORMATION DISPLAYING PACKET TRAFFIC STATISTICS DISPLAYING CONFIGURATION INFORMATION SHOW AGGREGATE HEALTH OF TRACKED PORTS AUTO REPEAT OF SHOW COMMAND OUTPUT DISPLAYING VIP OWNER IN HA SETUP CLEARING ALL SESSION TABLE ENTRIES CLEARING THE CONNECTIONS COUNTER SLB CONFIGURATION EXAMPLES WEB HOSTING WITH ONE VIRTUAL SERVER MAPPED TO MULTIPLE REAL SERVERS WEB HOSTING WITH MULTIPLE VIRTUAL SERVERS MAPPED TO ONE REAL SERVER MANY-TO-ONE TCP/UDP PORT BINDING CONFIGURATION RULES CONFIGURATION EXAMPLE WEB HOSTING WITH UNLIMITED VIRTUAL IP ADDRESSES SLB INTRANET CONFIGURATION WITH HTTP, TELNET HOSTING ACROSS MULTIPLE VIRTUAL SERVERS AND MULTIPLE REAL SERVERS April 7, Foundry Networks, Inc. vii

10 Server Load Balancing Guide TCP/UDP APPLICATION GROUPS WEB HOSTING WITH SERVERIRON AND REAL SERVERS IN DIFFERENT SUBNETS WEB HOSTING WITH GEOGRAPHICALLY-DISTRIBUTED SERVERS USING HTTP REDIRECT WITH GEOGRAPHICALLY-DISTRIBUTED SERVERS USING REVERSE PROXY SLB BASIC EXAMPLE E-COMMERCE EXAMPLE LOAD BALANCING STREAMING MEDIA FILES LAYER 3 SLB BASIC SLB WITH ONE VLAN AND ONE VIRTUAL ROUTING INTERFACE BASIC SLB WITH MULTIPLE SUBNETS AND MULTIPLE VIRTUAL ROUTING INTERFACES IPSEC AND VPN LOAD BALANCING CONFIGURING IPSEC AND VPN LOAD BALANCING CONFIGURATION EXAMPLE ACTIVE-ACTIVE INSIDE SOURCE NAT WITH SLB AND VRRPE SI A CONFIGURATION SI B CONFIGURATION SERVER OPT-ENABLE-ROUTE-RECALCULATION CHAPTER 4 STATELESS SERVER LOAD BALANCING STATELESS TCP/UDP PORTS HOW THE SERVERIRON SELECTS A REAL SERVER FOR A STATELESS PORT CONFIGURING A STATELESS APPLICATION PORT DISABLING THE STATELESS SLB HASHING ALGORITHM FOR UDP PORTS CONFIGURING A PORT TO BE BOTH STATELESS AND STATEFUL STATELESS HEALTH CHECKING CONFIGURING STATELESS HEALTH CHECKS CONFIGURING A STATELESS HEALTH CHECK GROUP SETTING A SERVERIRON S STATELESS HEALTH CHECK PRIORITY CHAPTER 5 HEALTH CHECKS HEALTH CHECKS OVERVIEW ENHANCED SERVER BRINGUP APPLICATION PORTS LAYER 3 HEALTH CHECKS ARP REQUEST IP PING LAYER 4 HEALTH CHECKS TCP UDP LAYER 7 HEALTH CHECKS DNS FTP HTTP (STATUS CODE) HTTP (CONTENT VERIFICATION) SCRIPTED (CONTENT VERIFICATION FOR UNKNOWN PORTS) viii 2007 Foundry Networks, Inc. April 7, 2008

11 IMAP LDAP MMS NNTP PNM POP RADIUS RTSP SMTP SSL (COMPLETE) SSL (SIMPLE) TELNET DISTRIBUTED HEALTH CHECKS HEALTH CHECKING FOR REAL SERVERS IN OTHER SUBNETS FASTCACHE SERVER AND APPLICATION PORT STATES SERVER STATES APPLICATION PORT STATES DISPLAYING REAL SERVER STATE INFORMATION DISPLAYING VIRTUAL SERVER STATE INFORMATION BEST PATH TO A REMOTE SERVER LAYER 3 HEALTH CHECK DISABLING LAYER 3 HEALTH CHECK MODIFYING THE PING INTERVAL AND PING RETRIES SETTING THE PERIODIC ARP INTERVAL SERVER PERIODIC-ARP ENHANCEMENT DISPLAYING DEBUGGING INFORMATION ABOUT PERIODIC ARPS LAYER 4 HEALTH CHECK DISABLING OR RE-ENABLING LAYER 4 HEALTH CHECK PERFORMING LAYER 4 UDP KEEPALIVE HEALTH CHECKS FOR THE DNS PORT HEALTH CHECKS FOR FIREWALL PATHS CHANGING THE MAXIMUM NUMBER OF LAYER 3 PATH HEALTH-CHECK RETRIES ENABLING LAYER 4 PATH HEALTH CHECKS FOR FWLB PORT PROFILES AND ATTRIBUTES CONFIGURING A PORT PROFILE ADDING A PORT AND SPECIFYING ITS TYPE CHANGING A PORT S KEEPALIVE PARAMETERS CONFIGURING PORT PROFILE ATTRIBUTES CHANGING A PORT S SESSION AGE DISPLAYING THE SESSION AGE OF A TCP PORT BASING A PORT S HEALTH ON THE HEALTH OF ANOTHER PORT BASING AN ALIAS PORT S HEALTH ON THE HEALTH OF ITS MASTER PORT OVERRIDING THE GLOBAL TCP OR UDP AGE ENABLING SESSION SYNCHRONIZATION CHANGING THE SMOOTH FACTOR ON AN APPLICATION PORT ENABLING RECURSIVE DNS HEALTH CHECKS REASSIGN THRESHOLD PREVENTING STATE FLAPPING ENABLING THE HEALTH CHECKING PROCEDURE IN RELEASES BEFORE SSL HEALTH CHECKS April 7, Foundry Networks, Inc. ix

12 Server Load Balancing Guide CONFIGURING SSL HEALTH CHECKS ERROR MESSAGES LAYER 7 HEALTH CHECKS ENABLING LAYER 7 HEALTH CHECK CHANGING HTTP KEEPALIVE METHOD, VALUE, AND STATUS CODES CONFIGURING HTTP CONTENT MATCHING LISTS DISPLAYING HTTP MATCH LISTS BINDING THE MATCHING LIST TO THE REAL SERVERS CONFIGURING SCRIPTED HEALTH CHECKS CONFIGURING A PORT PROFILE CONFIGURING A MATCHING LIST BINDING THE MATCHING LIST TO THE REAL SERVER USING A SCRIPTED HEALTH CHECK IN A HEALTH-CHECK POLICY CONFIGURING A HEALTH CHECK POLICY SCRIPTED HEALTHCHECK ENHANCEMENT ON REAL SERVERS BINARY SCRIPTED HEALTH CHECK SCRIPTED HEALTH CHECK FOR UDP PORTS OVERVIEW OF SCRIPTED HEALTH CHECK FOR UDP PORTS COMMAND LINE INTERFACE CONFIGURING SERVER PORT HEALTH CHECK POLICY CONFIGURING THE PORT POLICY BINDING THE POLICY CONFIGURING DNS HEALTH CHECK METHOD AND VALUES CONFIGURING RADIUS HEALTH CHECK VALUES CHANGING THE LDAP VERSION LAYER 7 HEALTH CHECK FOR AN UNKNOWN PORT CONFIGURING AN UNKNOWN TCP PORT TO USE LAYER 7 TCP HEALTH CHECKS CONFIGURING AN UNKNOWN UDP PORT TO USE A LAYER 7 HEALTH CHECK HEALTH CHECK OF MULTIPLE WEB SITES ON THE SAME REAL SERVER BOOLEAN HEALTH-CHECK POLICIES HEALTH-CHECK STATE HEALTH-CHECK POLICY CONFIGURING ELEMENT-ACTION EXPRESSIONS CONFIGURING A HEALTH-CHECK POLICY ATTACHING A HEALTH-CHECK POLICY TO AN APPLICATION PORT ON A SERVER GLOBALLY DISABLING ALL HEALTH-CHECK POLICIES DISPLAYING HEALTH CHECK POLICIES AND THEIR STATUS DISPLAYING HEALTH CHECK POLICY STATISTICS CLEARING HEALTH CHECK POLICY STATISTICS HEALTH CHECK POLICY FOR VIP PORT OVERVIEW OF HEALTH CHECK POLICY FOR VIP PORT COMMAND LINE INTERFACE MINIMUM HEALTHY REAL SERVERS UNDER VIP PORT OVERVIEW OF MINIMUM HEALTHY REAL SERVERS COMMAND LINE INTERFACE SERVER PORT BRING UP ENHANCEMENT OVERVIEW OF SERVER PORT BRINGUP COMMAND LINE INTERFACE x 2007 Foundry Networks, Inc. April 7, 2008

13 DISPLAYING SYSLOG ENTRIES SESSION TABLE PARAMETERS CONFIGURING THE MAXIMUM NUMBER OF ACTIVE SESSIONS CONFIGURING FAST SESSION AGING DISPLAYING INFORMATION ABOUT FAST AGING CLEARING STATISTICS COUNTERS FOR FAST SESSION AGING CLEARING STATISTICS COUNTERS FOR SESSIONS THAT AGED OUT RANDOMLY CONFIGURING TCP AGE CONFIGURING UDP AGE SETTING THE CLOCK SCALE SYSLOG FOR SESSION TABLE ENTRIES ENABLING TCP/UDP SESSION LOGGING SLOW-START MECHANISM OVERVIEW PORT SLOW-START MECHANISM DEFAULT PORT SLOW-START MECHANISM SETTING UP A USER-CONFIGURED PORT SLOW-START MECHANISM APPLYING A USER-CONFIGURED SLOW-START MECHANISM TO MULTIPLE PORTS GLOBALLY DISABLING OR RE-ENABLING THE SLOW-START MECHANISM LDAP OVER SSL CONFIGURING NON-BOOLEAN LDAP HEALTH CHECKS SCRIPTED HEALTH CHECK ENHANCEMENT FOR BOOLEAN ENHANCEMENT DESCRIPTION CONFIGURATION EXAMPLE DEBUGGING AND TROUBLESHOOTING FIN CLOSE FOR SERVER HEALTH CHECK CHAPTER 6 LAYER 7 SWITCHING SECTION 1: ADVANCED LAYER 7 SWITCHING FEATURES ENABLING CSW SPECIFYING SCAN DEPTH DEFINING CSW RULES CONFIGURING AN HTTP METHOD RULE CONFIGURING AN HTTP VERSION RULE URL RULES HTTP HEADER RULES XML TAG RULES CONFIGURING THE NESTED RULES DEFINING CSW POLICIES CREATING A POLICY CONFIGURING THE FORWARD ACTION CONFIGURING THE PERSIST ACTION CONFIGURING THE REPLY-ERROR ACTION CONFIGURING THE REDIRECT ACTION CONFIGURING THE LOG ACTION CONFIGURING THE CONTENT-REWRITE ACTION A UNDERSTANDING HTTP URL REWRITE B HTTP URL REWRITE FEATURES April 7, Foundry Networks, Inc. xi

14 Server Load Balancing Guide C CSW TOPOLOGY D. CONFIGURING HTTP URL REWRITE DA CONFIGURING HTTP URL REWRITE EXAMPLE DA.A.1 CREATE A POLICY WITH HTTP URL REWRITE D.A.A.2 CONFIGURE REAL AND VIRTUAL SERVERS D.A.A.3 ENABLE CONTENT SWITCHING D.A.A.4 HTTP URL REWRITE CONFIGURATION SUMMARY D.B CONFIGURING HTTP URL REWRITE ACTIONS D.B.1 CONFIGURING REWRITE REQUEST-DELETE D.B.2 CONFIGURING REWRITE REQUEST-INSERT D.B.3 CONFIGURING REWRITE REQUEST-REPLACE E HTTP URL REWRITE COMMAND REFERENCE REWRITE REQUEST-DELETE REWRITE REQUEST-INSERT REWRITE REQUEST-REPLACE F. EXPLANATION OF OFFSETS G. DISPLAYING THE STATISTICS FOR ALL HTTP CONTENT REWRITES USAGE GUIDELINES CASE-INSENSITIVE MATCH FOR CONTENT SWITCHING WILDCARDS IN CSW RULES FOR URL PREFIXES DISPLAYING CSW INFORMATION DISPLAYING HEADER INFORMATION DISPLAYING CSW RULE INFORMATION DISPLAYING CSW POLICY INFORMATION ENABLING HTTP REDIRECT HTTP STATUS CODES HTTP REWRITE ON SERVER RESPONSE HTTP RESPONSE-HEADER REWRITE CONFIGURING HTTP HEADER RESPONSE REWRITE STEP 1: CREATE A CSW RULE SPECIFYING THE HEADER RESPONSE CODES STEP 2: CREATE A CSW RULE SPECIFYING THE STRING TO BE MODIFIED STEP 3: CREATE A CSW POLICY STEP 4: BIND CSW-POLICY TO THE VIRTUAL-SERVER PORT HTTP RESPONSE-BODY REWRITE: CONFIGURING HTTP BODY RESPONSE REWRITE STEP 1: CREATE A CSW RULE IDENTIFYING REQUESTS WHOSE RESPONSES HAVE TO BE MODIFIED 6-38 STEP 2: CREATE A CSW RULE SPECIFYING THE STRING TO BE MODIFIED STEP 3: CREATE A CSW POLICY STEP 4: BIND CSW-POLICY TO THE VIRTUAL-SERVER PORT SPECIFY CONTENT-TYPE TO ENABLE THIS FEATURE (OPTIONAL) SHOW COMMANDS DEBUG COMMANDS CONFIGURATION EXAMPLE USING MULTIPLE COOKIES UNDER VIRTUAL SERVER PORT CONFIGURING MULTIPLE UNIQUE COOKIE INSERTION WITH COOKIE PATH CONFIGURE COOKIE INSERTION WHEN A PARTICULAR CSW RULE IS HIT CONFIGURE COOKIE INSERTION IN DEFAULT MODE (WHEN NO CSW RULE IS HIT) SPECIFICATIONS CONFIGURATION GUIDELINES EXAMPLE xii 2007 Foundry Networks, Inc. April 7, 2008

15 SERVER AND SERVER PORT PERSISTENCE WITH CSW NESTED RULES CONFIGURING SERVER AND SERVER PORT PERSISTENCE WITH CSW NESTED RULES CONFIGURING PERSIST ON THE NESTED RULE CONFIGURING PERSIST ON THE REAL PORT USAGE EXAMPLE SECTION 2: LEGACY LAYER 7 SWITCHING FEATURES LAYER 7 SWITCHING METHODS URL SWITCHING SETTING UP BASIC URL SWITCHING CONFIGURING THE URL SWITCHING POLICIES CONFIGURING THE REAL SERVERS SETTING UP THE VIRTUAL SERVER CONFIGURATION EXAMPLE: TWO WEB SITES USING ONE VIP DEFINING THE URL SWITCHING POLICIES SETTING UP THE VIRTUAL SERVER SAMPLE URLS DIRECTING HTTP REQUESTS TO SPECIFIC TCP PORTS DEFINING THE URL SWITCHING POLICIES CONFIGURING THE REAL SERVERS SETTING UP THE VIRTUAL SERVER PREFIX-SUFFIX MATCHING METHOD SYNTAX CHANGE FOR URL SWITCHING POLICIES DISPLAYING URL SWITCHING POLICY INFORMATION DISPLAYING URL SWITCHING POLICY INFORMATION SETTING UP COOKIE SWITCHING CONFIGURING THE REAL SERVERS ENABLING COOKIE SWITCHING ON A VIRTUAL SERVER CONFIGURING COOKIE INSERTION A CONFIGURING THE SERVER TO SEND A SET-COOKIE HEADER CONFIGURING THE SERVERS ENABLING COOKIE SWITCHING ON THE VIRTUAL SERVER ENABLING COOKIE INSERTION SETTING THE COOKIE DOMAIN SETTING THE COOKIE PATH SETTING THE COOKIE AGE ENABLING COOKIE DELETION ENABLING COOKIE DAMAGE ALLOCATING ADDITIONAL MEMORY TO COOKIE HANDLING DISPLAYING COOKIE STATISTICS AND INFORMATION SETTING UP CONCURRENT URL SWITCHING AND COOKIE SWITCHING CONFIGURING THE URL SWITCHING POLICIES PREFIX-SUFFIX MATCHING METHOD IN A URL SWITCHING POLICY SYNTAX CHANGE FOR URL SWITCHING POLICIES CONFIGURING SERVER GROUPS AND SERVER IDS CONFIGURING THE SERVER TO SET A COOKIE ENABLING CONCURRENT URL AND COOKIE SWITCHING ON THE VIRTUAL SERVER HTTP HEADER INSERTION INSERTING THE ORIGINAL SOURCE IP ADDRESS INTO HTTP REQUESTS CLIENT IP INSERTION IN USER CONFIGURABLE HEADERS HTTP HEADER HASHING April 7, Foundry Networks, Inc. xiii

16 Server Load Balancing Guide ENABLING COOKIE HASHING CLEARING COOKIE HASHING BUCKET ALLOCATIONS AND STATISTICS ENABLING SELECTIVE COOKIE HASHING ENABLING URL STRING HASHING ENABLING URL SEGMENT HASHING SETTING UP THE SERVER GROUPS ENABLING URL SEGMENT HASHING ON A VIRTUAL SERVER DISPLAYING HASH BUCKET ASSIGNMENTS AND THE NUMBER OF HITS SECTION 3: ADVANCED L7 AND LEGACY L7 "COMMON FEATURES" CHANGING THE MAXIMUM NUMBER OF CONCURRENT L7 SWITCHING CONNECTIONS DROPPING HTTP REQUESTS DROPPING THE REQUESTS AFTER EXCEEDING THE MAXIMUM NUMBER OF CONNECTIONS DROPPING THE REQUESTS WHEN SERVERS ARE UNAVAILABLE CLEANING UP ALL HASHING BUCKETS L7 CONTENT BUFFERING OPTIONS CHANGING THE TCP WINDOW SIZE PREVENTING THE SERVERIRON FROM SENDING AN ACK TO THE CLIENT DISPLAYING L7 SWITCHING STATISTICS HTTP STATUS CODES SECTION 4: HTTP 1.1 SUPPORT FOR ADVANCED AND LEGACY L7 SWITCHING DEFAULT SETTINGS PREVENTING THE SERVERIRON FROM DOWNGRADING THE HTTP VERSION TO HTTP 1.1 SUPPORT SUPPORT FOR PIPELINING REQUESTS SUPPORT FOR EXISTING LAYER 7 FEATURES ENABLING THE KEEPALIVE MODE ENABLING THE TCP OFFLOAD MODE CLEARING ALL KEEPALIVE CONNECTIONS DISPLAYING SESSION INFORMATION DISPLAYING MORE CHARACTERS FOR SERVER FIELD ON "SHOW SERVER ALL" COMMAND OUTPUT DISPLAYING TRANSACTIONS AND CONNECTIONS SETTING UP SSL SESSION ID SWITCHING CONFIGURATION EXAMPLE CONFIGURING THE REAL SERVERS FOR SSL CONFIGURING THE VIRTUAL SERVER FOR SSL SESSION ID SWITCHING ADJUSTING THE AGE TIMER ADJUSTING THE MAXIMUM NUMBER OF SESSION_ID-TO-REAL-SERVER ASSOCIATIONS CHAPTER 7 HIGH AVAILABILITY OVERVIEW OF HIGH AVAILABILITY HOT STANDBY SLB HOT STANDBY PROTOCOL OPERATIONS STANDARD HOT STANDBY VIP AND SERVERS IN DIFFERENT SUBNETS SOURCE-NAT IN HOT STANDBY SEAMLESS FAILOVER IN HOT STANDBY WHEN SOURCE-NAT ENABLED xiv 2007 Foundry Networks, Inc. April 7, 2008

17 CONFIGURING A BACKUP GROUP ID SETTING THE BACKUP TIMER ENABLING BACKUP PREFERENCE CONFIGURING A SERVERIRON TO REMAIN IN STANDBY STATE CONFIGURING THE FORWARDING OF SYNCHING MESSAGES REAL/VIRTUAL SERVER CONFIGURATION EXAMPLE SYMMETRIC SLB MINIMUM REQUIRED CONFIGURATION FAILOVER CONDITIONS ENABLING SESSION SYNCHRONIZATION ON A PORT SYMMETRIC SLB IN A IPSEC/IKE CONFIGURATION ACTIVE SERVERIRON STANDBY SERVERIRON CONFIGURING THE INTERVAL AND WAIT TIME FOR SSLB DISCOVERY PACKETS CONFIGURING DYNAMIC PRIORITY COMMANDS ON SERVERIRON A COMMANDS ON SERVERIRON B DISPLAYING DYNAMIC PRIORITY INFORMATION CONFIGURING DELAY REACTIVATION DISPLAYING SSLB INFORMATION VIP FAILOVER FOLLOWING A LINK FAILURE CONFIGURING VIP FAILOVER IN VRRP EXTENDED WITH SYMMETRIC SLB CONFIGURING VLAN OPTION FOR ACTIVE-ACTIVE LINKS ALLOWING PASS-THROUGH TRAFFIC TO A VIP FAST SESSION SYNCHRONIZATION WITH VRRP CONFIGURING THE OWNER CONFIGURING A BACKUP VRRP-E TRACK PORT INCREASE TRACKING TRUNK PORTS WITH VRRP-E CONFIGURING TRACKING TRUNK PORTS WITH VRRP-E SAMPLE CONFIGURATION SAMPLE CONFIGURATION SI-A SI-B SYM-ACTIVE SLB DIFFERENCE BETWEEN SYM-ACTIVE VS SYMMETRIC SLB MINIMUM REQUIRED CONFIGURATION LAYER 3 SYM-ACTIVE COMMANDS FOR ROUTER NI COMMANDS FOR SERVERIRON COMMANDS FOR ROUTER NI COMMANDS FOR SERVERIRON SYM-ACTIVE IN AN IPSEC/IKE LOAD BALANCING CONFIGURATION SERVERIRON A SERVERIRON B MULTIPLE HIGH AVAILABILITY SLB PAIRS IN THE SAME VLAN HOT STANDBY TOPOLOGY CONFIGURING A BACKUP-GROUP ID April 7, Foundry Networks, Inc. xv

18 Server Load Balancing Guide SYMMETRIC TOPOLOGY CONFIGURING A SYMMETRIC GROUP ID VRRP AND VRRPE ENABLING VRRP AND BINDING A VIP GROUP TO A VIRTUAL ROUTER ID xvi 2007 Foundry Networks, Inc. April 7, 2008

19 Chapter 1 About this Guide Introduction This guide describes the features of provides configuration procedures for Foundry ServerIron devices. This chapter contains the following information: Audience on page 1-1 Conventions on page 1-1 Related Documentation on page 1-2 How to Get Help on page 1-2 Audience This guide is intended for network engineers with a basic knowledge of switching, routing, and application traffic management. Conventions This guide uses the following typographical conventions to describe information: Italic Bold Bold Highlights the title of another publication or emphasizes a word or phrase. Indicates code that is entered exactly as shown. Indicates a command or keyword that can be entered exactly as is. NOTE: A note emphasizes an important fact or calls your attention to a dependency. WARNING: A warning calls your attention to a possible hazard that can cause injury or death. CAUTION: A caution calls your attention to a possible hazard that can damage equipment. April 7, 2008 Foundry Networks, Inc. 1-1

20 Server Load Balancing Guide Related Documentation For more information, refer to the following Foundry Networks ServerIron documentation: Release Notes for ServerIron Switch and Router Software TrafficWorks provides a list of new features and enhancements, upgrade procedures, and bug fixes. ServerIron TrafficWorks Graphical User Interface provides details on the graphical user interface for the ServerIron family of application delivery controllers. ServerIron TrafficWorks Server Load Balancing Guide describes basic Server Load Balancing configurations for the ServerIron product family. It covers the following features: Server Load Balancing, Stateless Server Load Balancing, Health Checks, Layer 7 Content Switching, and High Availability ServerIron TrafficWorks Advanced Server Load Balancing Guide discusses Advanced Server Load Balancing concepts for the ServerIron product family. It covers the following features: are SIP Server Load Balancing, Transparent Cache Switching, IDS Server Load Balancing, HTTP Compression, and Total Content Analysis ServerIron TrafficWorks Global Server Load Balancing Guide explains how one can achieve site level redundancy and data center site failure protection using Global Server Load Balancing feature of ServerIron ServerIron TrafficWorks Security Guide describes Security features of ServerIron product family. It covers the following features: are Secure Socket Layer (SSL) Acceleration, Web Application Firewall, Deep Packet Scan, Access Control List, and Network Address Translation ServerIron TrafficWorks Administration Guide discusses different administrative configurations for the ServerIron product family. ServerIron TrafficWorks Switching and Routing Guide describes switching and routing configurations on the ServerIron product family Foundry ServerIron Hardware Installation Guide provides the physical characteristics, power consumption, and performance capabilities of the ServerIron chassis switch families, and explains how to set up and install the switches and their modules. Foundry ServerIron Firewall Load Balancing Guide provides detailed feature descriptions, procedures, and application examples for Firewall Load Balancing. Foundry Management Information Base Reference presents the Simple Network Management Protocol (SNMP) Management Information Base (MIB) objects that are supported on Foundry devices. NOTE: For the latest edition of this document, which contains the most up-to-date information, see Product Manuals at kp.foundrynet.com. Reporting Documentation Errors If you find errors in this document, please report the error by going to kp.foundrynet.com. After you login in, click Cases > Create a New Ticket. Make sure you specify the document title in the ticket description. How to Get Help Foundry Networks technical support will ensure that the fast and easy access that you have come to expect from your Foundry Networks products will be maintained. Web Access Foundry Networks, Inc. April 7, 2008

21 About this Guide Access Technical requests can also be sent to the following address: Telephone Access TURBOCALL ( ) United States Outside the United States April 7, 2008 Foundry Networks, Inc. 1-3

22 Server Load Balancing Guide 1-4 Foundry Networks, Inc. April 7, 2008

23 Chapter 2 New Features and Enhancements This chapter lists new ServerIron features by release, and directs you to their descriptions in the documentation. This chapter contains information about the following releases: Software Dependencies for Hardware Platforms on page 2-1 Features and Enhancements for Release on page 2-2 Features and Enhancements for Release on page 2-4 Features and Enhancements for Release b on page 2-5 Features and Enhancements for Release a on page 2-6 Features and Enhancements for Release on page 2-7 Features and Enhancements for Release on page 2-8 Features and Enhancements for Release on page 2-10 Software Dependencies for Hardware Platforms The ServerIron WSM7 management module requires software release l or later. 3-slot chassis (GT-C series or SI 350) is supported from software release g onwards. ServerIron 4G series is supported from release a onwards. The software enhancements/features available on chassis based systems with release a are available on 4G family from software release onwards. April 7, Foundry Networks, Inc. 2-1

24 Server Load Balancing Guide Features and Enhancements for Release The following new features and enhancements are available with ServerIron software release : Enhanced Web Graphical User Interface ServerIron Release adds an enhanced Web Graphical User Interface (GUI) to configure and maintain real servers, virtual server servers, and content switching features. This feature is documented in the ServerIron TrafficWorks Graphical User Interface Guide. Role Based Management ServerIron Release allows users to create different administrative domains and enable user-based access privileges on ServerIron. This feature is documented in the Role Based Management chapter of the ServerIron TrafficWorks Administration Guide. Stateful UDP Based SIP Server Load Balancing ServerIron Release enhances the current SIP feature by making it stateful and by adding intelligence for handling varying caller-id situations. This feature is documented in the SIP chapter of the ServerIron TrafficWorks Advanced Server Load Balancing Guide. SIP Security ServerIron Release allows the ServerIron to identify incorrect SIP headers, undefined application ports, and non-supported SIP methods, and then logs and/or drops the appropriate packets. This feature is documented in the SIP chapter of the ServerIron TrafficWorks Advanced Server Load Balancing Guide. Source PAT for SSL Service Modules ServerIron Release enhances the existing functionality to use source ports instead of source IP address to properly identify SSL terminated response traffic and thereby eliminate the requirement of source- NAT with SSL service modules. This feature is documented in the SSL chapter of the ServerIron TrafficWorks Security Guide. Identifying VIP Port as TCP Only or UDP Only ServerIron Release allows ServerIron to explicitly identify an application port to be "TCP only" or "UDP only". This feature is documented in the SLB chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Prioritizing Management Traffic ServerIron Release enhances the ServerIron TrafficWorks software to give priority to management traffic, such as telnet and SSH, over other web traffic to facilitate uninterrupted access to the ServerIron switches even under heavy load conditions. This feature is documented in the Network Security chapter of the ServerIron TrafficWorks Security Guide. Health Check Policy for VIP Port ServerIron Release enhances the ServerIron TrafficWorks software to allow more granular health check definitions. This feature is documented in the Health Check chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Minimum Healthy Real Servers under VIP Port ServerIron Release enhances the ServerIron TrafficWorks software to allow the user to specify Foundry Networks, Inc. April 7, 2008

25 New Features and Enhancements "minimum number of healthy real servers" under virtual server definition. This feature is documented in the Health Check chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Server Port Bring Up Enhancement ServerIron Release allows the user to configure retries for bringup, so that ServerIron will bringup a port only after the configured number of retries have passed. This feature is documented in the Health Check chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Scripted Health Check for UDP Ports ServerIron Release enhances the TrafficWorks software to perform customizable scripted health checks for UDP protocol. This feature is documented in the Health Check chapter of the ServerIron TrafficWorks Server Load Balancing Guide. GSLB Domain-Level Affinity ServerIron Release enhances the TrafficWorks software to perform GSLB IP Affinity at Host Level. This feature is documented in the ServerIron TrafficWorks Global Server Load Balancing Guide. PBSLB Pool Failsafe Group ServerIron Release enhances the Policy Based Server Load Balancing (PBSLB) functionality and allows ServerIron to direct traffic away from a given server pool to a "default pool" in case all the servers in server pool become unavailable. This feature is documented in the SLB chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Increase Sticky-age per VIP longer than 60 minutes ServerIron Release allows ServerIron to specify longer sticky age values (up to 24 hours) per VIP port. This feature is documented in the SLB chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Support for RIP Timers ServerIron Release enhances the current functionality by providing support for RIP timers, such as update, aging, and garbage collection. This feature is documented in the Routing chapter of the ServerIron TrafficWorks Switching and Routing Guide. Increase SSL Certificate Count to 512 ServerIron Release increases the maximum number of SSL certificates that ServerIron supports. This feature is documented in the SSL chapter of the ServerIron TrafficWorks Security Guide. Per Server Based Real Server Backup ServerIron Release enhances the existing ServerIron functionality to allow backup server definition on a per server basis. This feature is documented in the SLB chapter of the ServerIron TrafficWorks Server Load Balancing Guide. April 7, Foundry Networks, Inc. 2-3

26 Server Load Balancing Guide Features and Enhancements for Release The following new features and enhancements are available with ServerIron software release : Policy Based Caching Enhancement This feature enhances policy based caching to allow configuration of a separate set of filters for each cachegroup. This feature is documented in the Transparent Cache Switching chapter of the ServerIron TrafficWorks Advanced Server Load Balancing Guide. Weighted Distribution of Sites with Hash-Based Persistence This feature allows the user to maintain persistence and to determine what percentage of the traffic goes to a particular domain IP address. This feature is documented in the ServerIron TrafficWorks Global Server Load Balancing Guide. GSLB Hash Based Site Persistence with Configurable Subnet Mask Length This feature allows specification of subnet mask while doing GSLB site persistence. The GSLB controller will take into account both source IP address and the subnet mask length before determining the site IP address. This feature is documented in the ServerIron TrafficWorks Global Server Load Balancing Guide. Track Group Health Check for Real Servers This feature allows tracking of multiple application ports under real server definition. If the health of one of the application ports fail, the aggregated health wii be marked as fail. This feature is documented in the SLB chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Binary Scripted Health Check This feature allows ServerIron to send binary data (carray format) after doing 3-way TCP handshake with the backend server. This feature is documented in the Health Checks chapter of the ServerIron TrafficWorks Server Load Balancing Guide. HTTP Rewrite on Server Response This feature allows ServerIron to do content rewrite on the server response packets for greater flexibility. The content rewrite engine engine allows rewrite on both http headers and http data. This feature is documented in the Layer 7 Switching chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Using Multiple Cookies Under Virtual Server Port This feature adds support for multiple cookies. Based on a URL or any content information contained in a HTTP request, this feature allows ServerIron to introduce client user agent a unique cookie with different attributes, such as domain, path, expiration time, etc. This feature is documented in the Layer 7 Switching chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Server and Server Port Persistence with CSW Nested Rules This feature is to be used with the persistence on the group or server id. This is useful when the customer has multiple ports configured on the same group or server, and wants to direct the request to the particular port instead of load balancing among all the ports. This feature is documented in the Layer 7 Switching chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Displaying More Characters for Server Field on "Show Server All" Command Output This enhancement provides user a configurable option to display long server names by masking other Foundry Networks, Inc. April 7, 2008

27 New Features and Enhancements columns such as "Next" column. This feature is documented in the Layer 7 Switching chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Features and Enhancements for Release b The following new features and enhancements are available with ServerIron software release b: DST Change Notice for Networks Using US Time Zones A new command is required. This feature is documented in the ServerIron TrafficWorks Administration Guide. Web Application Firewall This feature enables the ServerIron to analyze incoming client requests for violations in web security policy. This feature is documented in the Web Aplication Firewall chapter of the ServerIron TrafficWorks Security Guide. HTTP Compression This feature allows the ServerIron to compress HTTP response data to the clients if the client browser is capable of decompressing it. This feature is documented in the HTTP Compression chapter of the ServerIron TrafficWorks Advanced Server Load Balancing Guide. Dynamic Weighted Predictor This feature enables ServerIron to make load balancing decisions using real time server resource usage information, such as CPU utilization and memory consumption. This feature is documented in the Server Load Balancing chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Dynamic NAT for Real Servers Using Virtual Server Address This feature enhances dynamic NAT functionality by enabling the ServerIron to use virtual server address as dynamic NAT address for real servers. This feature is documented in the Server Load Balancing chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Deletion of UDP Data Session Along With TCP Control Session For RTSP This feature enables the ServerIron to track both control and data sessions for RTSP even if they are carried over separate transport layer protocols. This feature is documented in the Server Load Balancing chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Tracking Trunk Ports with VRRP-E This feature enables the ServerIron to track the failure of individual ports within trunk link and associate it with VRRP-E. This feature is documented in the High Availability chapter of the ServerIron TrafficWorks Server Load Balancing Guide. SSL Debug and Troubleshooting Commands This enhancement enables ServerIron to insert the client certificate or several fields from the client certificate into the HTTP header for backend communication with the real servers. This feature is documented in the SSL chapter of the ServerIron TrafficWorks Security Guide. April 7, Foundry Networks, Inc. 2-5

28 Server Load Balancing Guide Track Port and Track Group Support for SSL Terminated Traffic This release adds track-port and track-group support for SSL terminated traffic. This feature is documented in the SSL chapter of the ServerIron TrafficWorks Security Guide. Enhanced VIP Group Support This release helps grouping of several virtual server addresses and associating them with the VRRP-E tracking mechanism. This feature is documented in the High Availability chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Increase in the Size of PBSLB List (SPAM List) The SPAM mitigation feature supported up to 5 Million IP prefix entries. This release increases this capability for up to 7 Million entries. This feature is documented in the Server Load Balancing chapter of the ServerIron TrafficWorks Server Load Balancing Guide. SNMP MIB Enhancement for GSLB Site The release adds an SNMP MIB for show gslb site. This feature is documented in the Foundry MIB Guide. Features and Enhancements for Release a The following new features and enhancements are available with ServerIron software release a: SSL Support Secure Socket Layer (SSL) support is added in this realease. This feature is documented in the SSL chapter of the ServerIron TrafficWorks Server Load Balancing Guide. ServerIron 4G Series Two new stackable switches: ServerIron 4G and ServerIron 4G-SSL are added in this realease. This feature is documented in the ServerIron Hardware Install Guide. FIN close for server health check You now have the option to use FIN instead of RESET to close TCP connections. This feature is documented in the Health Check chapter of the ServerIron TrafficWorks Server Load Balancing Guide. SSHv2 support SSHv2 is now supported on ServerIron products This feature is documented in the the ServerIron TrafficWorks Administration Guide. Auto repeat of Show Command output You can now assign a repeat function to any show command for periodic informational displays. Auto Repeat of Show Command Output. This feature is documented in the SLB chapter of the ServerIron TrafficWorks Server Load Balancing Guide. Binding same real ports to multiple VIP ports You can now bind more than one VIP to the same application service on real servers that are listening on different ports. This feature is documented in the SLB chapter of the ServerIron TrafficWorks Server Load Balancing Guide Foundry Networks, Inc. April 7, 2008

ServerIron TrafficWorks Firewall Load Balancing Guide

ServerIron TrafficWorks Firewall Load Balancing Guide ServerIron TrafficWorks Firewall Load Balancing Guide ServerIron 4G Series ServerIronGT C Series ServerIronGT E Series ServerIron 350 & 350-PLUS ServerIron 350 & 350-PLUS ServerIron 450 & 450-PLUS Release

More information

Exam Name: Foundry Networks Certified Layer4-7 Professional Exam Type: Foundry Exam Code: FN0-240 Total Questions: 267

Exam Name: Foundry Networks Certified Layer4-7 Professional Exam Type: Foundry Exam Code: FN0-240 Total Questions: 267 Question: 1 SYN-Guard and SYN-Defense can be configured on: A. ServerIron XL B. ServerIron 100 C. ServerIron 400 D. ServerIron 800 E. ServerIron 450 F. ServerIron 850 G. ServerIron GT-E, C, D, E, F, G

More information

Server Iron Hands-on Training

Server Iron Hands-on Training Server Iron Hands-on Training Training Session Agenda Server Iron L4 Solutions Server Iron L7 Solutions Server Iron Security Solutions High Availability Server Iron Designs 2 Four Key Reasons for Server

More information

CLE202 Introduction to ServerIron ADX Application Switching and Load Balancing

CLE202 Introduction to ServerIron ADX Application Switching and Load Balancing Introduction to ServerIron ADX Application Switching and Load Balancing Student Guide Revision : Introduction to ServerIron ADX Application Switching and Load Balancing Corporate Headquarters - San

More information

53-1002684-01 17 December 2012. ServerIron ADX. Firewall Load Balancing Guide. Supporting Brocade ServerIron ADX version 12.5.00

53-1002684-01 17 December 2012. ServerIron ADX. Firewall Load Balancing Guide. Supporting Brocade ServerIron ADX version 12.5.00 17 December 2012 ServerIron ADX Firewall Load Balancing Guide Supporting Brocade ServerIron ADX version 12.5.00 2012 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol,

More information

Deploying SAP NetWeaver Infrastructure with Foundry Networks ServerIron Deployment Guide

Deploying SAP NetWeaver Infrastructure with Foundry Networks ServerIron Deployment Guide Deplloyiing SAP NetWeaver Inffrastructure s wiith Foundry Networks ServerIron Deployment Guide July 2008 Copyright Foundry Networks Page 1 Table of Contents Executive Overview... 3 Deployment Architecture...

More information

Advanced SLB High Availability and Stateless SLB

Advanced SLB High Availability and Stateless SLB Advanced SLB High Availability and Stateless SLB Objectives Upon completion of this module, you will be able to: Describe Server Load Balancing (SLB) high availability Distinguish between different high

More information

Understanding Slow Start

Understanding Slow Start Chapter 1 Load Balancing 57 Understanding Slow Start When you configure a NetScaler to use a metric-based LB method such as Least Connections, Least Response Time, Least Bandwidth, Least Packets, or Custom

More information

GLOBAL SERVER LOAD BALANCING WITH SERVERIRON

GLOBAL SERVER LOAD BALANCING WITH SERVERIRON APPLICATION NOTE GLOBAL SERVER LOAD BALANCING WITH SERVERIRON Growing Global Simply by connecting to the Internet, local businesses transform themselves into global ebusiness enterprises that span the

More information

Layer 4-7 Server Load Balancing. Security, High-Availability and Scalability of Web and Application Servers

Layer 4-7 Server Load Balancing. Security, High-Availability and Scalability of Web and Application Servers Layer 4-7 Server Load Balancing Security, High-Availability and Scalability of Web and Application Servers Foundry Overview Mission: World Headquarters San Jose, California Performance, High Availability,

More information

GLBP - Gateway Load Balancing Protocol

GLBP - Gateway Load Balancing Protocol GLBP - Gateway Load Balancing Protocol Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy

More information

FortiOS Handbook - Load Balancing VERSION 5.2.2

FortiOS Handbook - Load Balancing VERSION 5.2.2 FortiOS Handbook - Load Balancing VERSION 5.2.2 FORTINET DOCUMENT LIBRARY http://docs.fortinet.com FORTINET VIDEO GUIDE http://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE

More information

53-1002685-01 17 December 2012. ServerIron ADX. Global Server Load Balancing Guide. Supporting Brocade ServerIron ADX version 12.5.

53-1002685-01 17 December 2012. ServerIron ADX. Global Server Load Balancing Guide. Supporting Brocade ServerIron ADX version 12.5. 17 December 2012 ServerIron ADX Global Server Load Balancing Guide Supporting Brocade ServerIron ADX version 12.5.00 2012 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol,

More information

Introduction to ServerIron ADX Application Switching and Load Balancing. Module 6: Content Switching (CSW) Revision 0310

Introduction to ServerIron ADX Application Switching and Load Balancing. Module 6: Content Switching (CSW) Revision 0310 Introduction to ServerIron ADX Application Switching and Load Balancing Module 6: Content Switching (CSW) Revision 0310 Objectives Upon completion of this module the student will be able to: Define layer

More information

Configuring Health Monitoring

Configuring Health Monitoring CHAPTER 6 This chapter describes how to configure the health monitoring on the CSM and contains these sections: Configuring Probes for Health Monitoring, page 6-1 Configuring Route Health Injection, page

More information

BCLP in a Nutshell Study Guide for Exam 150-420. Exam Preparation Materials

BCLP in a Nutshell Study Guide for Exam 150-420. Exam Preparation Materials BCLP in a Nutshell Study Guide for Exam 150-420 Exam Preparation Materials Revision August 2010 Corporate Headquarters - San Jose, CA USA T: (408) 333-8000 info@brocade.com European Headquarters - Geneva,

More information

Load Balancing. FortiOS Handbook v3 for FortiOS 4.0 MR3

Load Balancing. FortiOS Handbook v3 for FortiOS 4.0 MR3 Load Balancing FortiOS Handbook v3 for FortiOS 4.0 MR3 FortiOS Handbook Load Balancing v3 8 February 2012 01-431-99686-20120208 Copyright 2012 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, and

More information

Cisco ASA, PIX, and FWSM Firewall Handbook

Cisco ASA, PIX, and FWSM Firewall Handbook Cisco ASA, PIX, and FWSM Firewall Handbook David Hucaby, CCIE No. 4594 Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA Contents Foreword Introduction xxii xxiii Chapter 1 Firewall

More information

Configuring Health Monitoring

Configuring Health Monitoring CHAPTER4 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features that are described in this chapter apply to both IPv6 and IPv4 unless

More information

Cisco Application Networking Manager Version 2.0

Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager (ANM) software enables centralized configuration, operations, and monitoring of Cisco data center networking equipment

More information

Firewall Load Balancing

Firewall Load Balancing CHAPTER 6 This chapter describes the (FWLB) feature. It includes the following sections: FWLB Overview, page 6-1 FWLB Features, page 6-2 FWLB Configuration Tasks, page 6-3 Monitoring and Maintaining FWLB,

More information

Exam : EE0-511. : F5 BIG-IP V9 Local traffic Management. Title. Ver : 12.19.05

Exam : EE0-511. : F5 BIG-IP V9 Local traffic Management. Title. Ver : 12.19.05 Exam : EE0-511 Title : F5 BIG-IP V9 Local traffic Management Ver : 12.19.05 QUESTION 1 Which three methods can be used for initial access to a BIG-IP system? (Choose three.) A. serial console access B.

More information

FortiOS Handbook Load Balancing for FortiOS 5.0

FortiOS Handbook Load Balancing for FortiOS 5.0 FortiOS Handbook Load Balancing for FortiOS 5.0 FortiOS Handbook Load Balancing for FortiOS 5.0 November 6, 2012 01-500-99686-20121106 Copyright 2012 Fortinet, Inc. All rights reserved. Fortinet, FortiGate,

More information

Configuring Stickiness

Configuring Stickiness CHAPTER5 This chapter describes how to configure stickiness (sometimes referred to as session persistence) on an ACE module. It contains the following major sections: Stickiness Overview Configuration

More information

Deployment Guide Microsoft IIS 7.0

Deployment Guide Microsoft IIS 7.0 Deployment Guide Microsoft IIS 7.0 DG_IIS_022012.1 TABLE OF CONTENTS 1 Introduction... 4 2 Deployment Guide Overview... 4 3 Deployment Guide Prerequisites... 4 4 Accessing the AX Series Load Balancer...

More information

642 523 Securing Networks with PIX and ASA

642 523 Securing Networks with PIX and ASA 642 523 Securing Networks with PIX and ASA Course Number: 642 523 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional and the Cisco Firewall

More information

WHITE PAPER MICROSOFT LIVE COMMUNICATIONS SERVER 2005 LOAD BALANCING WITH FOUNDRY NETWORKS SERVERIRON PLATFORM

WHITE PAPER MICROSOFT LIVE COMMUNICATIONS SERVER 2005 LOAD BALANCING WITH FOUNDRY NETWORKS SERVERIRON PLATFORM NOTE: Foundry s ServerIron load balancing switches have been certified in Microsoft s load balancing LCS 2005 interoperability labs. Microsoft experts executed a variety of tests against Foundry switches.

More information

Introduction to ServerIron ADX Application Switching and Load Balancing. Module 5: Server Load Balancing (SLB) Revision 0310

Introduction to ServerIron ADX Application Switching and Load Balancing. Module 5: Server Load Balancing (SLB) Revision 0310 Introduction to ServerIron ADX Application Switching and Load Balancing Module 5: Server Load Balancing (SLB) Revision 0310 Objectives Upon completion of this module the student will be able to: Describe

More information

HP Load Balancing Module

HP Load Balancing Module HP Load Balancing Module Load Balancing Configuration Guide Part number: 5998-2685 Document version: 6PW101-20120217 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P.

More information

Configuring the BIG-IP and Check Point VPN-1 /FireWall-1

Configuring the BIG-IP and Check Point VPN-1 /FireWall-1 Configuring the BIG-IP and Check Point VPN-1 /FireWall-1 Introducing the BIG-IP and Check Point VPN-1/FireWall-1 LB, HALB, VPN, and ELA configurations Configuring the BIG-IP and Check Point FireWall-1

More information

Deployment Guide AX Series with Citrix XenApp 6.5

Deployment Guide AX Series with Citrix XenApp 6.5 Deployment Guide AX Series with Citrix XenApp 6.5 DG_XenApp_052012.1 TABLE OF CONTENTS 1 Introduction... 4 1 Deployment Guide Overview... 4 2 Deployment Guide Prerequisites... 4 3 Accessing the AX Series

More information

Deployment Guide AX Series with Active Directory Federation Services 2.0 and Office 365

Deployment Guide AX Series with Active Directory Federation Services 2.0 and Office 365 Deployment Guide AX Series with Active Directory Federation Services 2.0 and Office 365 DG_ADFS20_120907.1 TABLE OF CONTENTS 1 Overview... 4 2 Deployment Guide Overview... 4 3 Deployment Guide Prerequisites...

More information

Basic & Advanced Administration for Citrix NetScaler 9.2

Basic & Advanced Administration for Citrix NetScaler 9.2 Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios

More information

Chapter 2 Quality of Service (QoS)

Chapter 2 Quality of Service (QoS) Chapter 2 Quality of Service (QoS) Software release 06.6.X provides the following enhancements to QoS on the HP 9304M, HP 9308M, and HP 6208M-SX routing switches. You can choose between a strict queuing

More information

Services. Vyatta System. REFERENCE GUIDE DHCP DHCPv6 DNS Web Caching LLDP VYATTA, INC.

Services. Vyatta System. REFERENCE GUIDE DHCP DHCPv6 DNS Web Caching LLDP VYATTA, INC. VYATTA, INC. Vyatta System Services REFERENCE GUIDE DHCP DHCPv6 DNS Web Caching LLDP Vyatta Suite 200 1301 Shoreway Road Belmont, CA 94002 vyatta.com 650 413 7200 1 888 VYATTA 1 (US and Canada) COPYRIGHT

More information

VERITAS Cluster Server Traffic Director Option. Product Overview

VERITAS Cluster Server Traffic Director Option. Product Overview VERITAS Cluster Server Traffic Director Option Product Overview V E R I T A S W H I T E P A P E R Table of Contents Traffic Director Option for VERITAS Cluster Server Overview.............................................1

More information

IOS Server Load Balancing

IOS Server Load Balancing IOS Server Load Balancing This feature module describes the Cisco IOS Server Load Balancing (SLB) feature. It includes the following sections: Feature Overview, page 1 Supported Platforms, page 5 Supported

More information

Content Networking Fundamentals

Content Networking Fundamentals Content Networking Fundamentals Silvano Da Ros Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA X Contents Introduction Part I Overview of Content Networking 3 Chapter 1 Introducing Content

More information

What's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0

What's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0 What's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0 PB458841 Product Overview The Cisco ACE Application Control Engine Module

More information

Outline VLAN. Inter-VLAN communication. Layer-3 Switches. Spanning Tree Protocol Recap

Outline VLAN. Inter-VLAN communication. Layer-3 Switches. Spanning Tree Protocol Recap Outline Network Virtualization and Data Center Networks 263-3825-00 DC Virtualization Basics Part 2 Qin Yin Fall Semester 2013 More words about VLAN Virtual Routing and Forwarding (VRF) The use of load

More information

IOS Server Load Balancing

IOS Server Load Balancing IOS Server Load Balancing This feature module describes the Cisco IOS Server Load Balancing (SLB) feature. It includes the following sections: Feature Overview, page 1 Supported Platforms, page 5 Supported

More information

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy OVERVIEW The global communication and the continuous growth of services provided through the Internet or local infrastructure require to

More information

Avaya P330 Load Balancing Manager User Guide

Avaya P330 Load Balancing Manager User Guide Avaya P330 Load Balancing Manager User Guide March 2002 Avaya P330 Load Balancing Manager User Guide Copyright 2002 Avaya Inc. ALL RIGHTS RESERVED The products, specifications, and other technical information

More information

"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary

Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary Course Summary Description The objective of this course is to provide the foundational concepts and teach the skills necessary to implement, configure, secure and monitor a Citrix NetScaler system with

More information

DATA CENTER. Best Practices for High Availability Deployment for the Brocade ADX Switch

DATA CENTER. Best Practices for High Availability Deployment for the Brocade ADX Switch DATA CENTER Best Practices for High Availability Deployment for the Brocade ADX Switch CONTENTS Contents... 2 Executive Summary... 3 Introduction... 3 Brocade ADX HA Overview... 3 Hot-Standby HA... 4 Active-Standby

More information

Transparent Cache Switching Using Brocade ServerIron and Blue Coat ProxySG

Transparent Cache Switching Using Brocade ServerIron and Blue Coat ProxySG Transparent Cache Switching Using Brocade ServerIron and Blue Coat ProxySG This document provides best-practice guidance for Brocade ServerIron ADC deployments using Transparent Cache Switching (TCS) with

More information

Load Balancing and Sessions. C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002.

Load Balancing and Sessions. C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002. Load Balancing and Sessions C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002. Scalability multiple servers Availability server fails Manageability Goals do not route to it take servers

More information

Firewall. Vyatta System. REFERENCE GUIDE IPv4 Firewall IPv6 Firewall Zone Based Firewall VYATTA, INC.

Firewall. Vyatta System. REFERENCE GUIDE IPv4 Firewall IPv6 Firewall Zone Based Firewall VYATTA, INC. VYATTA, INC. Vyatta System Firewall REFERENCE GUIDE IPv4 Firewall IPv6 Firewall Zone Based Firewall Vyatta Suite 200 1301 Shoreway Road Belmont, CA 94002 vyatta.com 650 413 7200 1 888 VYATTA 1 (US and

More information

Chapter 8 Router and Network Management

Chapter 8 Router and Network Management Chapter 8 Router and Network Management This chapter describes how to use the network management features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. These features can be found by

More information

ServerIron 10.2.01 Combined Patch Release Notes

ServerIron 10.2.01 Combined Patch Release Notes ServerIron 10.2.01 Combined Patch Release Notes This release note is a supplement to the ServerIron 10.2.01 Release Notes. It includes software fixes in patch releases 10.2.01a through 10.2.01g. For the

More information

APV9650. Application Delivery Controller

APV9650. Application Delivery Controller APV9650 D a t a S h e e t Application Delivery Controller Array Networks APV Series of Application Delivery Controllers optimizes the availability, user experience, performance, security and scalability

More information

150-420. Brocade Certified Layer 4-7 Professional 2010. Version: Demo. Page <<1/8>>

150-420. Brocade Certified Layer 4-7 Professional 2010. Version: Demo. Page <<1/8>> 150-420 Brocade Certified Layer 4-7 Professional 2010 Version: Demo Page QUESTION NO: 1 Given the command shown below, which statement is true? aaa authentication enable default radius local A.

More information

Content Switching Module for the Catalyst 6500 and Cisco 7600 Internet Router

Content Switching Module for the Catalyst 6500 and Cisco 7600 Internet Router Content Switching Module for the Catalyst 6500 and Cisco 7600 Internet Router Product Overview The Cisco Content Switching Module (CSM) is a Catalyst 6500 line card that balances client traffic to farms

More information

NETASQ MIGRATING FROM V8 TO V9

NETASQ MIGRATING FROM V8 TO V9 UTM Firewall version 9 NETASQ MIGRATING FROM V8 TO V9 Document version: 1.1 Reference: naentno_migration-v8-to-v9 INTRODUCTION 3 Upgrading on a production site... 3 Compatibility... 3 Requirements... 4

More information

vrealize Automation Load Balancing

vrealize Automation Load Balancing vrealize Automation Load Balancing Configuration Guide Version 6.2 T E C H N I C A L W H I T E P A P E R A U G U S T 2 0 1 5 V E R S I O N 1. 0 Table of Contents Introduction... 4 Load Balancing Concepts...

More information

SonicOS 5.9 / 6.0.5 / 6.2 Log Events Reference Guide with Enhanced Logging

SonicOS 5.9 / 6.0.5 / 6.2 Log Events Reference Guide with Enhanced Logging SonicOS 5.9 / 6.0.5 / 6.2 Log Events Reference Guide with Enhanced Logging 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION:

More information

Availability Digest. www.availabilitydigest.com. Redundant Load Balancing for High Availability July 2013

Availability Digest. www.availabilitydigest.com. Redundant Load Balancing for High Availability July 2013 the Availability Digest Redundant Load Balancing for High Availability July 2013 A large data center can comprise hundreds or thousands of servers. These servers must not only be interconnected, but they

More information

Barracuda Link Balancer

Barracuda Link Balancer Barracuda Networks Technical Documentation Barracuda Link Balancer Administrator s Guide Version 2.2 RECLAIM YOUR NETWORK Copyright Notice Copyright 2004-2011, Barracuda Networks www.barracuda.com v2.2-110503-01-0503

More information

High Availability. Vyatta System

High Availability. Vyatta System VYATTA, INC. Vyatta System High Availability REFERENCE GUIDE WAN Load Balancing VRRP Clustering Stateful NAT and Firewall Failover RAID 1 Configuration Synchronization Vyatta Suite 200 1301 Shoreway Road

More information

Managing Virtual Servers

Managing Virtual Servers CHAPTER 4 Content Switching Module Device Manager (CVDM-CSM) displays details of existing virtual servers and enables users to perform detailed tasks that include creating or deleting virtual servers,

More information

F5 Configuring BIG-IP Local Traffic Manager (LTM) - V11. Description

F5 Configuring BIG-IP Local Traffic Manager (LTM) - V11. Description F5 Configuring BIG-IP Local Traffic Manager (LTM) - V11 Description This four-day course gives networking professionals a functional understanding of the BIG-IP LTM v11 system as it is commonly used, as

More information

ExamPDF. Higher Quality,Better service!

ExamPDF. Higher Quality,Better service! ExamPDF Higher Quality,Better service! Q&A Exam : 1Y0-A21 Title : Basic Administration for Citrix NetScaler 9.2 Version : Demo 1 / 5 1.Scenario: An administrator is working with a Citrix consultant to

More information

SERVERIRON INTERNET TRAFFIC MANAGEMENT

SERVERIRON INTERNET TRAFFIC MANAGEMENT Internet IronWare Feature Set Includes SwitchBack, Symmetric Server Load Balancing, Global Server Load Balancing, and Firewall Load Balancing High Performance Layer 4-7 Application Enabled Switching Concurrent

More information

Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX

Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX NOTE: This is an advisory document to be used as an aid to resellers and IT staff looking to use the Edgewater 4550 in conjunction with

More information

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version 1.0.0. 613-001339 Rev.

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version 1.0.0. 613-001339 Rev. Management Software AT-S106 Web Browser User s Guide For the AT-GS950/48 Gigabit Ethernet Smart Switch Version 1.0.0 613-001339 Rev. A Copyright 2010 Allied Telesis, Inc. All rights reserved. No part of

More information

Chapter 11 Network Address Translation

Chapter 11 Network Address Translation Chapter 11 Network Address Translation You can configure an HP routing switch to perform standard Network Address Translation (NAT). NAT enables private IP networks that use nonregistered IP addresses

More information

Citrix NetScaler 10 Essentials and Networking

Citrix NetScaler 10 Essentials and Networking Citrix NetScaler 10 Essentials and Networking CNS205 Rev 04.13 5 days Description The objective of the Citrix NetScaler 10 Essentials and Networking course is to provide the foundational concepts and advanced

More information

High Availability. FortiOS Handbook v3 for FortiOS 4.0 MR3

High Availability. FortiOS Handbook v3 for FortiOS 4.0 MR3 High Availability FortiOS Handbook v3 for FortiOS 4.0 MR3 FortiOS Handbook High Availability v3 2 May 2014 01-431-99686-20140502 Copyright 2014 Fortinet, Inc. All rights reserved. Fortinet, FortiGate,

More information

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy OVERVIEW The global communication and the continuous growth of services provided through the Internet or local infrastructure require to

More information

Configuring VIP and Virtual IP Interface Redundancy

Configuring VIP and Virtual IP Interface Redundancy CHAPTER 6 Configuring VIP and Virtual IP Interface Redundancy This chapter describes how to plan for and configure Virtual IP (VIP) and Virtual IP Interface Redundancy on the CSS. Information in this chapter

More information

Equalizer Installation and Administration Guide

Equalizer Installation and Administration Guide Equalizer Installation and Administration Guide Version 8.6 October 2010 Coyote Point Systems, Inc. 675 North First Street Suite 975 San Jose, California 95112 Copyright 1997-2010 Coyote Point Systems

More information

CNS-205 Citrix NetScaler 10.5 Essentials and Networking

CNS-205 Citrix NetScaler 10.5 Essentials and Networking CNS-205 Citrix NetScaler 10.5 Essentials and Networking The objective of the Citrix NetScaler 10.5 Essentials and Networking course is to provide the foundational concepts and advanced skills necessary

More information

A Standard Modest WebSite

A Standard Modest WebSite A Standard Modest WebSite 3-tier application using Servlets and JDBC HTTP Servlet JDBC JSP...... Servlet DBMS Clients Application Server Roadmap Want to grow to robust enterprise-scale systems: replicated

More information

Deployment Guide AX Series for Palo Alto Networks Firewall Load Balancing

Deployment Guide AX Series for Palo Alto Networks Firewall Load Balancing Deployment Guide AX Series for Palo Alto Networks Firewall Load Balancing DG_PAFWLB_120718.1 TABLE OF CONTENTS 1 Overview... 4 2 Deployment Prerequisites... 4 3 Architecture Overview... 5 4 Access Credentials...

More information

BCLE in a Nutshell Study Guide for Exam 150-320. Exam Preparation Materials

BCLE in a Nutshell Study Guide for Exam 150-320. Exam Preparation Materials BCLE in a Nutshell Study Guide for Exam 150-320 Exam Preparation Materials Revision May 2010 Corporate Headquarters - San Jose, CA USA T: (408) 333-8000 info@brocade.com European Headquarters - Geneva,

More information

SonicWALL NAT Load Balancing

SonicWALL NAT Load Balancing SonicWALL NAT Load Balancing Overview This feature module will detail how to configure the Network Address Translation (NAT) & Load Balancing (LB) features in SonicOS Enhanced 4.0 and newer, to balance

More information

Load Balancing Trend Micro InterScan Web Gateway

Load Balancing Trend Micro InterScan Web Gateway Load Balancing Trend Micro InterScan Web Gateway Deployment Guide rev. 1.1.7 Copyright 2002 2015 Loadbalancer.org, Inc. 1 Table of Contents About this Guide... 3 Loadbalancer.org Appliances Supported...

More information

HP TippingPoint Security Management System User Guide

HP TippingPoint Security Management System User Guide HP TippingPoint Security Management System User Guide Version 4.0 Abstract This information describes the HP TippingPoint Security Management System (SMS) client user interface, and includes configuration

More information

Configuring Citrix NetScaler for IBM WebSphere Application Services

Configuring Citrix NetScaler for IBM WebSphere Application Services White Paper Configuring Citrix NetScaler for IBM WebSphere Application Services A deployment guide for configuring NetScaler load balancing and content switching When deploying IBM WebSphere Application

More information

Firewall. Vyatta System. REFERENCE GUIDE IPv4 Firewall IPv6 Firewall Zone Based Firewall VYATTA, INC.

Firewall. Vyatta System. REFERENCE GUIDE IPv4 Firewall IPv6 Firewall Zone Based Firewall VYATTA, INC. VYATTA, INC. Vyatta System Firewall REFERENCE GUIDE IPv4 Firewall IPv6 Firewall Zone Based Firewall Vyatta Suite 200 1301 Shoreway Road Belmont, CA 94002 vyatta.com 650 413 7200 1 888 VYATTA 1 (US and

More information

NMS300 Network Management System

NMS300 Network Management System NMS300 Network Management System User Manual June 2013 202-11289-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. After installing your device, locate

More information

Equalizer Installation and Administration Guide

Equalizer Installation and Administration Guide Equalizer Installation and Administration Guide Version 8 June 2008 Coyote Point Systems, Inc. 675 North First Street Suite 975 San Jose, California 95112 Copyright 1997-2008 Coyote Point Systems, Inc.

More information

Deployment Guide Oracle Siebel CRM

Deployment Guide Oracle Siebel CRM Deployment Guide Oracle Siebel CRM DG_ OrSCRM_032013.1 TABLE OF CONTENTS 1 Introduction...4 2 Deployment Topology...4 2.1 Deployment Prerequisites...6 2.2 Siebel CRM Server Roles...7 3 Accessing the AX

More information

ENTERPRISE DATA CENTER CSS HARDWARE LOAD BALANCING POLICY

ENTERPRISE DATA CENTER CSS HARDWARE LOAD BALANCING POLICY CSS HARDWARE LOAD BALANCING POLICY Version 2.5 Date: 04/11/2014 SECURITY WARNING The information contained herein is proprietary to the Commonwealth of Pennsylvania and must not be disclosed to un-authorized

More information

INVITATION FOR BIDS (IFB) NO. 08-093 FURNISH, DELIVER, AND INSTALL APPLICATION DELIVERY SWITCHES FOR INFORMATION TECHNOLOGY SERVICES

INVITATION FOR BIDS (IFB) NO. 08-093 FURNISH, DELIVER, AND INSTALL APPLICATION DELIVERY SWITCHES FOR INFORMATION TECHNOLOGY SERVICES INVITATION FOR BIDS (IFB) NO. 08-093 TO FURNISH, DELIVER, AND INSTALL APPLICATION DELIVERY SWITCHES FOR INFORMATION TECHNOLOGY SERVICES UNIVERSITY OF HAWAII HONOLULU, HAWAII APRIL, 2008 BOARD OF REGENTS

More information

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection. A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based

More information

PIX/ASA 7.x with Syslog Configuration Example

PIX/ASA 7.x with Syslog Configuration Example PIX/ASA 7.x with Syslog Configuration Example Document ID: 63884 Introduction Prerequisites Requirements Components Used Conventions Basic Syslog Configure Basic Syslog using ASDM Send Syslog Messages

More information

Chapter 37 Server Load Balancing

Chapter 37 Server Load Balancing Chapter 37 Server Load Balancing Introduction... 37-3 Overview... 37-3 Server Load Balancer on the Switch... 37-5 TCP Virtual Balancer... 37-6 Route-Based Virtual Balancer... 37-6 HTTP Virtual Balancer...

More information

Basic System. Vyatta System. REFERENCE GUIDE Using the CLI Working with Configuration System Management User Management Logging VYATTA, INC.

Basic System. Vyatta System. REFERENCE GUIDE Using the CLI Working with Configuration System Management User Management Logging VYATTA, INC. VYATTA, INC. Vyatta System Basic System REFERENCE GUIDE Using the CLI Working with Configuration System Management User Management Logging Vyatta Suite 200 1301 Shoreway Road Belmont, CA 94002 vyatta.com

More information

Barracuda Load Balancer Administrator s Guide

Barracuda Load Balancer Administrator s Guide Barracuda Load Balancer Administrator s Guide Version 2.x Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2004-2008, Barracuda Networks

More information

WARP 3.0 Table of Contents

WARP 3.0 Table of Contents WARP 3.0 Table of Contents Overview................................................. 1 Chapter 1: Initial Setup Quick Install Instructions......................................4 Chapter 2: Interfaces LAN.....................................................6

More information

SonicOS Enhanced 4.0: NAT Load Balancing

SonicOS Enhanced 4.0: NAT Load Balancing SonicOS Enhanced 4.0: NAT Load Balancing This document describes how to configure the Network Address Translation (NAT) & Load Balancing (LB) features in SonicOS Enhanced 4.0. Feature Overview, page 1

More information

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. Course Name: TCP/IP Networking Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. TCP/IP is the globally accepted group of protocols

More information

High Availability. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks

High Availability. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks High Availability Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us

More information

"Charting the Course...

Charting the Course... Description "Charting the Course... Course Summary Interconnecting Cisco Networking Devices: Accelerated (CCNAX), is a course consisting of ICND1 and ICND2 content in its entirety, but with the content

More information

Barracuda Load Balancer Administrator s Guide

Barracuda Load Balancer Administrator s Guide Barracuda Load Balancer Administrator s Guide Version 3.x Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2004-2010, Barracuda Networks

More information

EE0-511. Easy CramBible Lab DEMO ONLY VERSION EE0-511. F5 Big-Ip v9 Local Traffic Management

EE0-511. Easy CramBible Lab DEMO ONLY VERSION EE0-511. F5 Big-Ip v9 Local Traffic Management Easy CramBible Lab EE0-511 F5 Big-Ip v9 Local Traffic Management ** Single-user License ** This copy can be only used by yourself for educational purposes Web: http://www.crambible.com/ E-mail: web@crambible.com

More information

APV x600 Series. Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600

APV x600 Series. Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600 APV x600 Series D a t a S h e e t Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600 Array Networks APV Series of Application Delivery Controllers optimizes the

More information

Global Server Load Balancing (GSLB) Concepts

Global Server Load Balancing (GSLB) Concepts Global Server Load Balancing (GSLB) Concepts Section Section Objectives GSLB Overview GSLB Configuration Options GSLB Components Server Mode Configuration 2 Global Server Load Balancing (GSLB) Key ACOS

More information

CNS-208 Citrix NetScaler 10.5 Essentials for ACE Migration

CNS-208 Citrix NetScaler 10.5 Essentials for ACE Migration CNS-208 Citrix NetScaler 10.5 Essentials for ACE Migration The objective of the Citrix NetScaler 10.5 Essentials for ACE Migration course is to provide the foundational concepts and advanced skills necessary

More information