Related Manuals for Sun Microsystems Secure Application Switch N1216
Summary of Contents for Sun Microsystems Secure Application Switch N1216
- Page 1 Secure Application Switch— ™ Release Notes for v3.2.1 Sun Microsystems, Inc. www.sun.com Part No. 819-6643-12 August 2007, Revision A Submit comments about this document at: http://www.sun.com/hwdocs/feedback...
- Page 2 Etats-Unis et dans d'autres pays et licenciée exclusivement par X/Open Company, Ltd. Sun, Sun Microsystems et le logo Sun sont des marques de fabrique ou des marques déposées de Sun Microsystems, Inc. aux Etats-Unis et dans d'autres pays.
-
Page 3: Table Of Contents
Contents Product Web Page 1 Related Documentation 2 How to Obtain Updates From Sun 2 Contacting Sun Technical Support 3 Sun Welcomes Your Comments 3 New Features in This Release 3 Configuration Synchronization 4 Behavior Change: Show runningConfig saveToFile Command 4 Behavior Change: Show switchservices chassis cpuLoad Command 4 Behavior Change: Default vRouter for Virtual Services 4 Long-Lived Sessions 4... - Page 4 Installing Version 3.2.1 Software 8 Importing a Version 2.0 Configuration 8 Migrating From Software Version 3.0 or 3.1 to Version 3.2.1 13 Configuration Modification 13 Installing Version 3.2.1 Software 14 Importing a Version 3.0 or 3.1 Configuration 15 System Management 16 Command-line Interface (CLI) 17 Web Interface 17 SNMP 17...
- Page 5 Virtualization 23 L2 to L3 Scale 23 Load Balance Configuration 24 Documentation Updates 24 Configuration and Implementation Guide and Getting Started Guides (Translated Versions) 25 Contents...
- Page 6 Sun Secure Application Switch – Release Notes for v3.2.1 • August 2007...
-
Page 7: Regulatory Compliance Statements
Modifications: Any modifications made to this device that are not approved by Sun Microsystems, Inc. may void the authority granted to the user by the FCC to operate this equipment. -
Page 8: Bsmi Class A Notice
BSMI Class A Notice The following statement is applicable to products shipped to Taiwan and marked as Class A on the product compliance label. GOST-R Certification Mark viii Sun Secure Application Switch – Release Notes for v3.2.1 • August 2007... - Page 9 Declaration of Conformity Compliance Model Number: N1216 and N1400 Product Name: Sun Secure Application Switch N1216 (N1216, N1216V) N1400 (N1000, N1400V) USA—FCC Class A This equipment complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: 1.
- Page 10 DATE Donald Cameron DATE Manager, Compliance Engineering Program Manager/Quality Systems Sun Microsystems, Inc. Sun Microsystems Scotland, Limited 4150 Network Circle, MPK15-102 Blackness Road, Phase I, Main Bldg Santa Clara, CA 95054 USA Springfield, EH49 7LR Tel: 650-786-3255 Scotland, United Kingdom...
- Page 11 Declaration of Conformity Compliance Model Number: N2040; N2120 Product Name: Sun Secure Application Switch - N2000 Series USA—FCC Class A This equipment complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: 1. This equipment may not cause harmful interference. 2.
- Page 12 DATE Donald Cameron DATE Manager, Compliance Engineering Program Manager/Quality Systems Sun Microsystems, Inc. Sun Microsystems Scotland, Limited 4150 Network Circle, MPK15-102 Blackness Road, Phase I, Main Bldg Santa Clara, CA 95054 USA Springfield, EH49 7LR Tel: 650-786-3255 Scotland, United Kingdom...
-
Page 13: Product Web
Sun Secure Application Switch – Release Notes for v3.2.1 These Release Notes support the N1000 and N2000 Series. The Sun Secure Application Switch – Release Notes for v3.2.1 contains the latest information and known issues for the Sun Secure Application Switch for version 3.2.1 software. The Sun Secure Application Switch is an intelligent application switch that provides advanced Layer 3 to Layer 7 (L3 to L7) load balancing and advanced Secure Sockets Layer (SSL) acceleration with reencryption. -
Page 14: Related Documentation
Related Documentation The Sun Secure Application Switch documentation listed here is available online at: http://www.sun.com/products/networking/switches/ Related Documentation TABLE P-1 Title Part Number Format Location Sun Secure Application Switch – Getting 819-3042 Printed Ship Kit Started Guide Online Sun Secure Application Switch - 819-7595 Online Configuration and Implementation Guide... -
Page 15: Contacting Sun Technical Support
Contacting Sun Technical Support If you have technical questions about this product that are not answered in this document, go to: http://www.sun.com/service/contacting Sun Welcomes Your Comments Sun is interested in improving its documentation and welcomes your comments and suggestions. You can submit your comments by going to: http://www.sun.com/hwdocs/feedback Please include the title and part number of your document with your feedback: Sun Secure Application Switch –... -
Page 16: Configuration Synchronization
Configuration Synchronization For information about Configuration Synchronization, refer to the Sun Secure Application Switch - Configuration and Implementation Guide, part number 819-7595. Behavior Change: Show runningConfig saveToFile Command In version 3.2.1, the defaultValues and nameValuePairs are included by default when a show runningConfig saveToFile command is executed. -
Page 17: Snat Active Standby Behavior In Redundant Configuration
SNAT Active Standby Behavior in Redundant Configuration In redundant configuration applications, the back-up switch now implements SNAT in standby mode so all SNAT traffic received at the back-up switch will be redirected to the master switch. The SNAT IP addresses must be the same between both switches. -
Page 18: Transceivers
Both systems are rackmountable and operate on standard AC voltages (115 or 230 VAC) in either redundant or non-redundant power configurations. For a review of the Sun Secure Application Switch hardware, refer to the Sun Secure Application Switch – Getting Started Guide. Transceivers Sun has tested the ports on the front of the system with the following transceivers, which are listed by type, vendor, vendor part number, and Sun X Option number. -
Page 19: Migrating From Software Version 2.0 To Version 3.2.1
Migrating From Software Version 2.0 to Version 3.2.1 This section is relevant only if you are upgrading an N2000 Series from version 2.0 software to version 3.2.1 software. Note – The software version command allows you to specify the version of software used on the switch. -
Page 20: Installing Version 3.2.1 Software
Installing Version 3.2.1 Software If you have version 2.0 software installed on your Sun Secure Application Switch and you want to upgrade to version 3.2.1 software, do the following: Note – If you have software version V2_0R4 or later, you can bypass Step 1 and proceed to Step 2. - Page 21 sun(config)# import runningConfig FromFile < > myConfig.txt password < > stopOnError false myPassword Perform the following manual edits detailed below. ■ 1. Update any filterProfile rules that perform vSwitch or vRouter filtering. The vSwitchName and vRouterName fields have been combined into a single field vSwitchAndVRouter.
- Page 22 # Real service parameters loadBalance realService name rs-lnx1 hostName lnx1 clientAddressTranslation enabled proxyIpPool pipHR The new value format looks similar to the following: loadBalance realService name rs-lnx1 hostName lnx1 clientAddressTranslationMask 0.0.0.0 proxyIpPool pipHR 4. Remove any lines for the loadBalance vsGroup. These lines might appear multiple times, since this action happens once for each vSwitch.
- Page 23 advanced ... clientFirstProtocol false ... 6. Remove any lines for TCP connections. These lines might appear multiple times, since this action happens once for each vRouter. The following is an example of what requires deletion: # TCP Connections tcp connections localAddress 0.0.0.0 localPort 22 remoteAddress 0.0.0.0 remotePort 0 state listen tcp connections localAddress 0.0.0.0 localPort 23 remoteAddress 0.0.0.0 remotePort 0 state listen...
- Page 24 ospf advertise-nssa staticRt enabled The new value format looks similar to the following: ospf advertise nssa staticRt enabled 8. Remove any lines for SSHd sessions. The following is an example of what requires deletion: # SSH sessions sessions clientIp 129.148.30.128 clientPort 33127 sesStatus active sessions clientIp 129.148.30.128 clientPort 33127 exit;...
-
Page 25: Migrating From Software Version 3.0 Or 3.1 To Version 3.2.1
advanced tcbTemplateKey 0 ipTos Normal xmtRetryLimit 4 estRetryLimit shortRxTimer 32_seconds longRxTimer 64_seconds rcvWnd 20480 xmtRTT \ 1500_msec smmStreamLimit 1xRcvWnd estShortTimeout ExpRetr \ rcvWndDisabled false rcvMss 1460 xmtMss 1460 enableHttpMode false \ initParseWithData false rxUseLongTime false disableSynCookies false \ clientFirstProtocol true exit;... -
Page 26: Installing Version 3.2.1 Software
In version 3.0 and 3.1, the URI_PATH includes the path and filename. For example, if a file is archived as http://Host/Directory/File.html, the URI_PATH is /Directory/File.html and the URI_BASENAME is File. In contrast, the URI_PATH in software version 3.2.1 contains the characters after the host (or port number) and up to the file name, including the slash separator. -
Page 27: Importing A Version 3.0 Or 3.1 Configuration
# Virtual service advanced settings advanced tcbTemplateKey 0 ipTos Normal xmtRetryLimit 4 estRetryLimit shortRxTimer 32_seconds longRxTimer 64_seconds rcvWnd 20480 xmtRTT \ 1500_msec smmStreamLimit 1xRcvWnd estShortTimeout ExpRetr \ rcvWndDisabled false rcvMss 1460 xmtMss 1460 enableHttpMode false \ initParseWithData false rxUseLongTime false disableSynCookies false \ clientFirstProtocol true exit;... -
Page 28: System Management
sun(config)# interactive off Import the running configuration with stopOnError set to false, similar to the ■ following: sun(config)# import runningConfig FromFile < > myConfig.txt password < > stopOnError false myPassword Perform the following manual editsRemove on any non-terminated virtualServices: L3SLB, L4SLB, TDLB, FWLB In this example: # Virtual Service configuration loadBalance virtualService name WMA-STREAM-HTTP_213... -
Page 29: Command-Line Interface (Cli)
Command-line Interface (CLI) The command-line interface (CLI) uses an industry-standard design that enables you to configure and manage the Sun Secure Application Switch by typing keyboard commands. You access the CLI over a direct console connection to the RS-232 port on the front of the system, or over a Telnet or SSH connection. -
Page 30: Supported Operating Systems And Web Browsers
Supported Operating Systems and Web Browsers The following operating systems and Web browsers have been tested and work with the Sun Secure Application Switch for version 3.2.1 software. Operating Systems and Web Browsers Microsoft Windows (98, 2000, XP, Vista) ■ Internet Explorer 5.5, 6.x, and 7.x ■... -
Page 31: Known Issues With This Release
Known Issues With This Release This section describes the known problems, restrictions, and limitations in Release 3.2 (V3_2R1) on the Sun Secure Application Switch. For tracking purposes, an internal Sun reference number is included at the end of each item in this section. ACLs ACLs will not block traffic that is generated internally within the Sun Secure Application Switch, such as RIP advertisements, outgoing Spanning Tree BPDUs,... -
Page 32: Configuration
Configuration When modifying load balance configurations on the target switch wild cards cannot be used. The desired parameter(s) need to be modified individually. sun(config)# vswitch testing loadBalance realService rs2|rs3 adminState disabled (7561/6505411) Before using configuration synchronization in manual mode, you must disable autodump. -
Page 33: Load Balancing
sun(config-vSwitch-example loadBalance)# healthCheckProfile hc.shrc script scriptFile /ftl0/user/local/shrc.tcl (7625/6592850) Load Balancing Opera Web browsers continue to request TCP data even when receiving a TCP-RST. This can cause the browser to appear hung. (2844/6351904) UDP load balancing (including RADIUS and DNS) does not support frames with IP options. -
Page 34: Routing
sessions. Then if the FW service is administratively disabled or deleted, those persistent flows are closed too. The Cumulative Open/Current Open Session counters then decrement to 0. (7555/6505413) Routing If a static ARP entry is deleted, the switch does not send an ARP request for the given host. -
Page 35: Configuration Scaling
Displaying statistics using line graphs will preserve all history of graphed data, which will continuously consume memory on your PC if left unattended. (2299/6351855) Using the Web Interface, the dashboard has a slow memory leak, which is also present after the session times out due to inactivity. If the GUI is left open for long periods of time, such as overnight, this may cause workstation performance to deteriorate until the browser window is closed. -
Page 36: Load Balance Configuration
VLANs: 512 per vSwitch, 4095 total ■ ARP entries: 3000 per vRouter ■ ACL lists: 4 per vRouter ■ ACL rules: 256 per ACL list ■ IP interfaces: 128 per vRouter ■ Static routes: 200 per vRouter ■ MAC entries: 16,000 total ■... -
Page 37: Configuration And Implementation Guide And Getting Started Guides (Translated Versions)
http://www.sun.com/products/networking/switches/ Configuration and Implementation Guide and Getting Started Guides (Translated Versions) Table P-2 in the Configuration and Implementation Guides and all translated versions of the Getting Started Guide (part numbers 819-3966-12, 819-3967-12, 819- 3968-12, 819-3969-12, 819-3970-12, 819-3971-12, and 819-3972-12) contain outdated references to related documentation. - Page 38 Sun Secure Application Switch – Release Notes for v3.2.1 • August 2007...
Need help?
Do you have a question about the Secure Application Switch N1216 and is the answer not in the manual?
Questions and answers