Radware Alteon Application Manual page 317

8. Enable IDS on the client and server processing ports. This enables frames ingressing the port to
be copied to the IDS servers.
>># /cfg/slb/port 25/idslb ena
>>SLB port 25# /cfg/slb/port 2/idslb ena
>>SLB port 2# /cfg/slb/port 3/idslb ena
>>SLB port 3# /cfg/slb/port 4/idslb ena
In addition to enabling IDS at the port level, a filter must be configured to create a session entry
for non-SLB frames ingressing the port. IDS load balancing requires a session entry to be
created to store the information regarding to which IDS server to send traffic.
9. Create an allow filter and configure the filter with the idshash metric.
>> # /cfg/slb/filt 2048
>> Filter 2048# sip any
>> Filter 2048# dip any
>> Filter 2048# action allow
>> Filter 2048# ena
>> Filter 2048# adv/idshash both
The IDS hash metric is set to hash on both the source and destination IP addresses. Hashing on
both source and destination IP address ensures that the returning traffic goes to the same IDS
server. By default, the IDS hash metric hashes on the source IP address only.
10. Apply the filter to ports 2, 3, 4 and 25 only. Enable filter processing on all ports that have IDS
enabled.
If you add the allow filter to the client port 25, Alteon hashes on the client IP and virtual server
IP addresses for both client and server frames. This ensures that both client and server traffic
belonging to the same session is sent to the same IDS server. If you do not add the allow filter
on port 25, Alteon hashes on the client IP only for client frames and hashes on the client IP and
virtual server IP addresses for server frames.
>> # /cfg/slb/port 2
>> SLB Port 2# add 2048
>> SLB Port 2# filt ena
>> SLB Port 2# /cfg/slb/port 3
>> SLB Port 3# add 2048
>> SLB Port 3# filt ena
>> SLB Port 3# /cfg/slb/port 4
>> SLB Port 4# add 2048
>> SLB Port 4# filt ena
>> SLB Port 4# /cfg/slb/port 25
>> SLB Port 25# add 2048
>> SLB Port 25# filt ena
Document ID: RDWR-ALOS-V2900_AG1302
Alteon Application Switch Operating System Application Guide
(Enable IDS SLB for port 25)
(Enable IDS SLB for port 2)
(Enable IDS SLB for port 3)
(Enable IDS SLB for port 4)
(Select the menu for Filter 2048)
(From any source IP address)
(To any destination IP address)
(Allow matching traffic to pass)
(Enable the filter)
(Set the hash metric parameter)
(Select the port menu)
(Apply the filter to port 2)
(Enable the filter)
(Select port 3)
(Apply the filter to port 3)
(Enable the filter)
(Select port 4)
(Apply the filter to port 4)
(Enable the filter)
(Select port 25)
(Apply the filter to port 25)
(Enable the filter)
Load Balancing Special Services
317