Technical data

ManualsBrandsBrocade Communications Systems ManualsHome Theater ServerServerIron ADX 12.4.00

151

152

153

154

155

156

157

158

159

160

144 ServerIron ADX Firewall Load Balancing Guide

53-1002436-01

Configuration example for FWLB-to-SLB

DRAFT: BROCADE CONFIDENTIAL

ServerIronADXA(config)# server fw-group 2

ServerIronADXA(config-fw-2)# fw-name FW1-IPin

ServerIronADXA(config-fw-2)# fw-name FW2-IPin

ServerIronADXA(config-fw-2)# fwall-info 1 3 192.168.2.200 192.168.1.30

ServerIronADXA(config-fw-2)# fwall-info 2 5 192.168.2.200 192.168.1.40

ServerIronADXA(config-fw-2)# exit

The following commands add static MAC entries for the MAC addresses of the firewall interfaces

connected to the ServerIron ADX. Notice that the QoS priority is configured as priority 1 and the

router-type parameter is specified. These parameters are required.

NOTE

To ensure proper operation, always configure the path IDs so that the IDs consistently range from

lowest path ID to highest path ID for the firewalls. For example, in Figure 21 on page 137, the path

IDs should range from lowest to highest beginning with the firewall interface at the upper left of the

figure.

To ensure smooth operation, you might want to depict your firewalls in a vertical hierarchy as in

Figure 21 on page 137, label the interfaces with their IP addresses, then configure the paths so that

the path IDs to the interfaces range from lowest to highest path ID starting from the uppermost

firewall interface.

ServerIronADXA(config)# static-mac-address abcd.4321.34e0 ethernet 3 priority 1

router-type

ServerIronADXA(config)# static-mac-address abcd.4321.34e1 ethernet 5 priority 1

router-type

ServerIronADXA(config)# write memory

Commands on ServerIron B (internal)

Enter the following commands to configure SLB. In an FWLB-to-SLB configuration, all SLB

configuration takes place on the internal ServerIron ADX (ServerIron ADX B, the internal ServerIron

ADX, in this example).

The following commands change the ServerIron ADX’s host name to “ServerIron ADXB", configure

the ServerIron ADX’s management IP address, and specify the default gateway.

ServerIronADX(config)# hostname ServerIronADXB

ServerIronADXB(config)# ip address 192.168.2.200 255.255.255.0

ServerIronADXB(config)# ip default-gateway 192.168.2.1

The following commands configure the real servers. Notice that the servers are configured as local

servers instead of remote servers. You can configure the real servers as local servers if Proxy ARP

is enabled on the internal router.

ServerIronADXB(config)# server real-name RS1 192.168.2.50

ServerIronADXB(config-rs-RS1)# port http

ServerIronADXB(config-rs-RS1)# exit

ServerIronADXB(config)# server real-name RS2 192.168.2.60

ServerIronADXB(config-rs-RS2)# port http

ServerIronADXB(config-rs-RS2)# exit

The following commands configure the virtual server and bind it to the real servers with TCP port

80 (HTTP).

ServerIronADXB(config)# server virtual-name www.brocade.com

192.168.1.2ServerIronADX

ServerIronADXB(config-vs-www.brocade.com)# port http