R3204P16-HP Load Balancing Module Network Management Configuration Guide-6PW101
Table Of Contents
- Title page
- Contents
- Interface management configuration
- IP addressing configuration
- MAC address table configuration
- Layer 2 forwarding configuration
- Layer 2 forwarding overview
- Configuring general Layer 2 forwarding
- Configuring inline Layer 2 forwarding
- Configuring inter-VLAN Layer 2 forwarding
- Forward-type inline Layer 2 forwarding configuration example
- Blackhole-type inline Layer 2 forwarding configuration example
- Inter-VLAN Layer 2 forwarding configuration example
- VLAN configuration
- ARP configuration
- Gratuitous ARP configuration
- Proxy ARP configuration
- Layer 3 forwarding configuration
- NAT configuration
- Overview
- Configuring a NAT policy in the web interface
- Configuring NAT in the CLIs
- Configuration guidelines
- ALG configuration
- Static route configuration
- RIP configuration
- OSPF configuration
- BGP configuration
- Policy-based routing configuration
- Route displaying
- DNS configuration
- Overview
- Configuring DNS on the web interface
- Configuring DNS in the CLIs
- Troubleshooting IPv4 DNS configuration
- Support and other resources
- Index
107
ALG configuration
NOTE:
The LB module supports configuring ALG only in the command line interface.
ALG overview
The Application Level Gateway (ALG) feature is used to process application layer packets.
Usually, Network Address Translation (NAT) translates only IP address and port information in packet
headers; it does not analyze fields in application layer payloads. However, the packet payloads of some
protocols may contain IP address or port information, which, if not translated, may cause problems. For
example, a File Transfer Protocol (FTP) application involves both data connection and control connection,
and data connection establishment dynamically depends on the payload information of the control
connection. ALG can process the payload information to ensure that the data connections can be
established.
ALG can work with NAT and Application Specific Packet Filter (ASPF) to implement the following
functions:
• Address translation
Resolves the source IP address, port, protocol type (TCP or UDP), and remote IP address information in
packet payloads.
• Data connection detection
Extracts information required for data connection establishment and establishing data connections for
data exchange.
• Application layer status checking
Inspects the status of the application layer protocol in packets. If the status is right, updating the packet
state machine and performing further processing; otherwise, dropping packets with incorrect states.
Support for the above functions depends on the application layer protocol. ALG can process packets of
the following protocols:
• Domain Name System (DNS)
• FTP
• H.323, including Registration, Admission, Status (RAS), H.225, and H.245
• Hyper Text Transport Protocol (HTTP)
• Internet Control Message Protocol (ICMP)
• Internet Locator Service (ILS)
• MSN/QQ
• Network Basic Input/Output System (NBT)
• Point-to-Point Tunneling Protocol (PPTP)
• Real Time Streaming Protocol (RTSP)
• Session Initiation Protocol (SIP)