Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsHome Theater ServerServerIron ADX 12.4.00
71727374757677787980
62 ServerIron ADX Firewall Load Balancing Guide
53-1002436-01
Configuring active-active HA FWLB with VRRP
3
DRAFT: BROCADE CONFIDENTIAL
SI-ActiveD(config-fw-2)# fwall-info 7 3/3 20.20.1.111 10.10.8.3
SI-ActiveD(config-fw-2)# fwall-info 8 3/4 20.20.1.111 10.10.8.4
SI-ActiveD(config-fw-2)# fwall-info 9 2/1 10.10.8.120 10.10.8.120
SI-ActiveD(config-fw-2)# fw-predictor per-service-least-conn
SI-ActiveD(config-fw-2)# exit
SI-ActiveD(config)# vlan 1 name DEFAULT-VLAN by port
SI-ActiveD(config-vlan-1)# always-active
SI-ActiveD(config-vlan-1)# no spanning-tree
SI-ActiveD(config-vlan-1)# static-mac-address 0004.80ed.17b4 ethernet 3/1
priority 1 router-type
SI-ActiveD(config-vlan-1)# static-mac-address 0004.80f0.4b3c ethernet 3/2
priority 1 router-type
SI-ActiveD(config-vlan-1)# static-mac-address 0004.80ed.1368 ethernet 3/3
priority 1 router-type
SI-ActiveD(config-vlan-1)# static-mac-address 0004.80eb.5294 ethernet 3/4
priority 1 router-type
SI-ActiveD(config-vlan-1)# exit
SI-ActiveD(config)# vlan 999 by port
SI-ActiveD(config-vlan-999)# untagged ethe 2/5 to 2/8
SI-ActiveD(config-vlan-999)# no spanning-tree
SI-ActiveD(config-vlan-999)# exit
SI-ActiveD(config)# hostname Int-SI-D
SI-ActiveD(config)# ip address 10.10.8.222 255.255.255.0
SI-ActiveD(config)# ip default-gateway 10.10.8.120
SI-ActiveD(config)# write memory
SI-ActiveD(config)# end
SI-ActiveD(config)# reload
Configuring active-active HA FWLB with VRRP
This section shows examples of commonly used ServerIron ADX IronClad FWLB deployments with
Layer 3 configurations. The ServerIronADXs in these examples perform Layer 3 routing in addition
to Layer 2 and Layer 4–7 switching.
Generally, the steps for configuring Layer 4–7 features on a ServerIronADX running Layer 3 are
similar to the steps on a ServerIronADX that is not running Layer 3. The examples focus on the
Layer 3 aspects of the configurations.
NOTE
The configurations shown in these examples are the ones that are supported. If you need to use the
ServerIron ADX’s Layer 3 routing support in a FWLB configuration that is not shown, contact
Brocade.
Overview of active-active FWLB with VRRP
Figure 12 shows an example of an active-active FWLB configuration that uses Virtual Router
Redundancy Protocol (VRRP). Each pair of ServerIron ADXs provides redundant FWLB, while VRRP
on the external pair of ServerIron ADXs provides redundancy for the default gateway address used
by the client.