Configure Load Balancer Redundancy on Allied Telesis Routers and Switches
4
Enable the firewall.
enable firewall
Create a firewall policy.
create firewall policy=lb
Set the firewall session timeouts for TCP, UDP and other packet types, in minutes.
set firewall policy=lb tcptimeout=5 udptimeout=5 othertimeout=5
Add the public and private interfaces to the firewall policy.
add firewall policy=lb int=vlan2 type=public
add firewall policy=lb int=vlan3 type=private
Add the redundancy management VLAN to the firewall policy as a private interface.
add firewall policy=lb int=vlan4 type=private
You do not need to add firewall access rules at this step. This example uses triggered scripts
to dynamically add access rules, depending on which load balancer is the master (see step 9).
You cannot use the router’s GUI or its HTTP server on port 80 when load balancing web
traffic. Therefore, you need to either disable the GUI and server, by using the following
commands:
disable gui
disable http server
or change the port that the server uses. For example, to change the port to 8080, use the
following command:
set http server port=8080
You can then use the GUI by pointing your browser to the router's private address and the
new port (in this example, 192.168.1.200:8080).
Note that this configuration uses some advanced settings that are not available through the
GUI, so you cannot use the GUI to create this configuration. You also cannot use the firewall
pages in the GUI to modify this configuration’s firewall settings, because the GUI does not
recognise this firewall policy. However, you can use the GUI to monitor the router.
5.
Configure the firewall
6.
Disable the GUI and the HTTP server on port 80