HP VPN Firewall Appliances High Availability Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

221

222

223

224

225

226

227

228

229

230

214

Item Descri

tion

Health Monitoring Type

Health monitoring type of the physical link:

• ICMP—Detects the reachability of the next hop of the physical link

through ICMP messages.

• TCP Half Open—Detects the reachability of the next hop of the physical

link through a TCP half open connection.

Uplink BandWidth Maximum uplink bandwidth allowed by the physical link.

Uplink BandWidth Busy Rate

When the percentage of the actual uplink bandwidth of a physical link to

maximum uplink bandwidth reaches this busy rate, the physical link is

busy.

Downlink BandWidth Maximum downlink bandwidth allowed by the physical link.

Downlink BandWidth Busy Rate

When the percentage of the actual downlink bandwidth of a physical link

to maximum downlink bandwidth reaches this busy rate, the physical link

is busy.

Cost Cost of the physical link.

ISP

ISP to which the physical link belongs.

If no ISP is specified, the physical link does not participate in ISP routing.

The following matrix shows the ISP and hardware compatibility:

Hardware Com

atibilit

F1000-A-EI/F1000-S-EI No

F1000-E No

F5000 Yes

F5000-S/F5000-C No

VPN firewall modules No

20-Gbps VPN firewall modules No

Configuring the best performing link function

For outbound link load balancing, the best performing link function allows you to forward packets whose

destination address matches the best performing link entry over the link in the entry. If no matched entry

is found, best performing link detection is performed. The device selects the best link to the destination

segment from among multiple links according to the network delay, router hops, bandwidth, cost, and

weight of the links, and generates a dynamic best performing link entry.

For inbound link load balancing, the best performing link function allows you to use the IP address of the

DNS entry to which the corresponding physical link belongs (domain name matching) as the DNS

resolution result. If no matched entry is found, best performing link detection is performed. The device

selects the best link to the destination segment from among multiple links according to the network delay,

router hops, bandwidth, cost, and weight of the links, and generates a dynamic best performing link

entry for DNS resolution.

Network delay, router hops, bandwidth, and cost refer to the following:

• Network delay and router hops are obtained through health monitoring.