Stormshield SN series Configuration Manual page 244

Apply
Copy
Cancel
Tables of gateways used and backup gateways
Both of these tables contain the following columns:
Host (Mandatory)
Device(s) for testing
availability
(Mandatory)
Weight
(Optional) Comments Any text.
Parameters that define the interval between two availability tests ("frequency"), the
maximum waiting time for a response ("wait") and the number of tests to perform before
declaring the gateway uncontactable ("tries") can only be configured via CLI command:
CONFIG OBJECT ROUTER NEW name=<router name> [tries=<int>] [wait=<seconds>]
[frequency=<seconds>]
The default values suggested are 15 seconds for the "frequency" parameter, 2 seconds for
the "wait" parameter and 3 for the "tries" parameter.
Advanced properties
Load balancing
Page 244/448
Sends the router's configuration.
Allows creating by duplicating a new router object that takes on the same
characteristics as the edited router.
Cancels the router's configuration.
Clicking on this column will open the objects database to allow selecting a host that
makes up the router.
Host or host group to ping in order to determine the connectivity of the gateway. The
value selected may be the gateway itself (Test the gateway directly), a host or a
group of third-party hosts. The availability test may be disabled for the selected
gateway by selecting the value No availability testing.
NOTE
If the value No availability testing has been selected for all gateways, the function
enabling a switchover to backup gateways will then be disabled.
Allows assigning a priority between the various gateways for the load balancing
mechanism. A gateway with a higher weight will therefore be used more often when
balancing traffic load.
NOTE
The firewall allows distributed routing between the various gateways used through
several methods:
No load balancing: only the first gateway defined in the "List of gateways used" and
l
"List of backup gateways" will be used for routing.
By connection: all gateways defined in the "List of gateways used" will be used. The
l
load balancing algorithm is based on the source (source IP address, source port)
and the destination (destination IP address, destination port) of the traffic. The rate
at which the various gateways are used will be related to their respective weights.
By source IP address: all gateways defined in the "List of gateways used" will be
l
used. An algorithm allows balancing routing based on the source of the routed
traffic. The rate at which the various gateways are used will be related to their
respective weights.
SNS - USER CONFIGURATION MANUAL V.3
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
NETWORK OBJECTS
update=1.