Manualshelf

HP VPN Firewall Appliances High Availability Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
211212213214215216217218219220
207
Physical links—Entities that forward packets.
Logical link group—A group of logical links.
Logical links—Physical link-based logical entities to process services.
Virtual service—A logical entity. A virtual service can correspond to multiple logical links.
Outbound link load balancing operates in the following way:
1. After a user sends a request to the destination segment specified by the virtual service of the LB
device, if a persistence method is specified in the virtual service, and matched persistence entries
exist, the request is distributed according to the persistence entries. Otherwise, the following step
is performed. See Table 25 for the introduction to the persistence met
hod.
2. The virtual service obtains the information of the corresponding logical link group and matches the
ACLs specified in the logical links one by one based on the logical link weights from high to low.
For the packets allowed by ACL, the virtual service distributes the packets to the corresponding
logical links; for the logical links that are denied by ACL or no matched logical links are found, the
LB device goes to the following step.
3. If Internet Service Provider (ISP) routing is enabled for a virtual service, a best link is selected based
on the matched ISP entry. If no match is found, the following step is performed.
4. If best performing link is enabled in the virtual service, a best link is selected based on the matched
best performing link entry. If no match is found, best performing link detection is performed to
generate a best performing link entry, and the LB device goes to the following step.
5. The virtual service distributes the packets to a logical link (corresponding to a unique physical link)
according to the link scheduling algorithm configured in the logical link group.
When the link busy protection function is enabled, if there is an idle link, best-performing link, ISP routing,
and algorithm scheduling do not take effect on busy links.
If a logical link is configured with the stop scheduling function, best-performing link, ISP routing, and
algorithm scheduling do not take effect on the logical link.
Inbound link load balancing
Inbound link load balancing resolves a domain name according to inbound link load balancing DNS
entries. Two types of inbound link load balancing DNS records are available: MX and A.
A DNS A record comprises four parts: domain name, IP address, physical link, and ACL. Their
relationship is as shown in the following figure:
Figure 108 Relationship between the components of inbound link load balancing DNS A records
IP address 1 IP address 2 IP address n
……
Domain name
ACL 1 Physical link nPhysical link 1 Physical link 2 ACL n