Table of Contents
Advertisement
Alteon Application Switch Operating System Application Guide
Load Balancing Special Services
>>SLB port 7# /cfg/slb/port 27/ids ena
>>SLB port 27# /cfg/slb/port 28/ids ena
In addition to enabling IDS at the port level, a filter must be configured to create a session entry
for non-SLB frames ingressing the port. IDS load balancing requires a session entry to be
created to store the information regarding to which IDS server to send traffic.
13. Configure an integer value for Alteon to accept the SNMP health check.
If the value returned by the real server for the MIB variable does not match the expected value
configured in the rcvcnt field, then the server is marked down. The server is marked back up
when it returns the expected value.
In this step, the server is marked down if Alteon receives a value of 1. The real server is
considers the health check to have failed.
>>SLB port 27# /cfg/slb/advhc/snmphc 1/rcvcnt "1"
14. Create an allow filter and configure the filter with the idshash metric.
The IDS hash metric is set to hash on both the source and destination IP addresses. Hashing on
both source and destination IP address ensures that the returning traffic goes to the same IDS
server. If the port is configured for client processing only, then Alteon hashes on the source IP
address. By default, the IDS hash metric hashes on the source IP address only.
15. Apply the allow filter to ports 4, 7, 8, 27, and 28 to enable filter processing on all ports that have
IDS enabled.
If you add the allow filter to the client port 4, Alteon hashes on the client IP and virtual server IP
address for both the client and server frames. This ensures that both client and server traffic
belonging to the same session is sent to the same IDS server. If you do not add the allow filter
on port 5, then Alteon hashes on the client IP only for client frames and hashes on the client IP
and virtual server IP addresses for server frames. The allow filter must be applied on all ports
that require Layer 4 traffic to be routed to the IDS servers.
>> Filter 2048# /cfg/slb/port 4
>> SLB Port 4# add 2048
>> SLB Port 4# filt ena
>> SLB Port 4# /cfg/slb/port 7
>> SLB Port 7# add 2048
>> SLB Port 7# filt ena
>> SLB Port 7# /cfg/slb/port 8
>> SLB Port 2# add 2048
>> SLB Port 2# filt ena
>> SLB Port 2# /cfg/slb/port 27
>> SLB Port 27# add 2048
>> SLB Port 27# filt ena
>> SLB Port 27# /cfg/slb/port 28
>> SLB Port 28# add 2048
>> SLB Port 28# filt ena
322
(Enable IDS processing for port 27)
(Enable IDS processing for port 28)
(Select the client port)
(Apply the filter to the IDS port)
(Enable the filter)
(Select the IDS Server 7 port)
(Apply the filter to the IDS port)
(Enable the filter)
(Select the IDS Server 8 port)
(Apply the filter to the client port)
(Enable the filter)
(Select the interswitch link for IDS)
(Apply the filter to traffic port 27)
(Enable the filter)
(Select the interswitch link for IDS)
(Apply the filter to traffic port 28)
(Enable the filter)
Document ID: RDWR-ALOS-V2900_AG1302
- Quick Links:
- Part 1-Basic Features
Hide quick links:
Advertisement
Table of Contents
