About Load Balancing; Defining A Nat Action - Watchguard V10 User Manual

CHAPTER 8: About Security Policies
User assigned IP

About Load Balancing

As an efficient traffic management scheme, load balancing
enables you to distribute incoming data requests to an
array of servers. Additionally, you can fine-tune the distri-
bution, directing a percentage of the overall traffic to spe-
cific servers according to the capacity of those devices.
With Vcontroller and a security appliance, you can create a
policy that lists each server, and then assigns a percentage
of total requests to that server (based on its capacity in
comparison to other servers). After you apply this policy to
your network traffic, your Firebox Vclass security appli-
ance distributes new data requests to additional servers in
the queue after previous servers have been fully utilized.
Load balancing also makes use of a virtual IP address (a
form of dynamic Network Address Translation), to which
all requests are directed, and through which the security
appliance will distribute the overall load. All load balanc-
ing policies must use the Public interface of the Firebox
Vclass appliance.

Defining a NAT Action

To create a Dynamic NAT action using a Public IP address:
• Select Dynamic NAT from the NAT/Load Balancing
drop-down list. This automatically establishes the IP
200
This action substitutes a publicly routable IP
address of your choosing for internal use IP
addresses. This option is particularly useful if this
appliance will be managing more than 55,000
simultaneous sessions using the IP address of the
Public interface.
Vcontroller