Px Series Application Switch Installation and Configuration Guide

NAT Modes

Network address translation (NAT) is one of the cornerstones of server load balancing. 
To balance the load between the various real servers, the server load balancer uses a 
single IP address, called a virtual IP address, to represent the entire group of servers 
that make up a website.

When a client request arrives at the virtual IP address, the load balancer must rewrite 
the destination IP address, so that it can forward the request to a server for processing. 
Likewise, when the server responds to the request, the server address must also be 
translated from its own unique address to that of the virtual IP, so that it can be sent 
back to the user. This process of translating one network address into another is called 
network address translation (NAT).

Full-NAT Mode

In full-NAT mode, the server load balancer translates both the source and destination IP 
addresses—those of the client and the server—before sending the request onto the user. 
From the point of view of the server fulfilling the request, it appears as though the client 
making the request is actually the server load balancer. 
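
The following is an added example, not taken from the guide: it models the full-NAT rewrite described above as a flow table, showing that the server only ever sees the balancer's address and that tracing a server-side log entry back to a client requires the balancer's table. All addresses, ports and names (`FullNatBalancer`, `PROXY_IP`, and so on) are constructed for illustration.

```python
"""Full-NAT flow table sketch. Addresses are constructed (RFC 5737 ranges)."""
from dataclasses import dataclass
from itertools import count

VIP = ("203.0.113.10", 80)       # virtual IP that clients connect to (constructed)
PROXY_IP = "192.0.2.11"          # source address the balancer uses toward servers
REAL_SERVERS = [("192.0.2.21", 80), ("192.0.2.22", 80)]  # constructed real servers


@dataclass(frozen=True)
class Packet:
    src: tuple  # (ip, port)
    dst: tuple  # (ip, port)


class FullNatBalancer:
    def __init__(self):
        self._ports = count(20000)   # one proxy source port per flow
        self._rr = count()           # round-robin server selection
        self._by_client = {}         # client endpoint -> (proxy endpoint, server)
        self._by_proxy = {}          # proxy endpoint  -> (client endpoint, server)

    def to_server(self, pkt):
        """Client -> VIP: rewrite destination to a real server, source to the proxy IP."""
        if pkt.dst != VIP:
            raise ValueError("packet is not addressed to the virtual IP")
        if pkt.src not in self._by_client:
            server = REAL_SERVERS[next(self._rr) % len(REAL_SERVERS)]
            proxy = (PROXY_IP, next(self._ports))
            self._by_client[pkt.src] = (proxy, server)
            self._by_proxy[proxy] = (pkt.src, server)
        proxy, server = self._by_client[pkt.src]
        return Packet(src=proxy, dst=server)

    def to_client(self, pkt):
        """Server -> proxy IP: restore the VIP as source and the client as destination."""
        flow = self._by_proxy.get(pkt.dst)
        if flow is None or flow[1] != pkt.src:
            # Unknown flow, or a reply from a server this flow was never sent to.
            raise LookupError("reply does not match any translated flow")
        client, _server = flow
        return Packet(src=VIP, dst=client)

    def client_for(self, proxy_endpoint):
        """Map the source endpoint found in a server log back to the real client."""
        flow = self._by_proxy.get(proxy_endpoint)
        return flow[0] if flow else None


def demo():
    lb = FullNatBalancer()
    client = ("198.51.100.7", 51515)                    # constructed client
    seen_by_server = lb.to_server(Packet(src=client, dst=VIP))
    # The server replies to whatever source it saw, so the reply returns
    # through the balancer even when client and server share a subnet.
    reply = Packet(src=seen_by_server.dst, dst=seen_by_server.src)
    seen_by_client = lb.to_client(reply)
    return seen_by_server, seen_by_client, lb.client_for(seen_by_server.src)


if __name__ == "__main__":
    to_srv, to_cli, traced = demo()
    print("server sees :", to_srv)
    print("client sees :", to_cli)
    print("log lookup  :", to_srv.src, "->", traced)
```

Because the server's logs and any address-based access rules see only the proxy endpoint, client attribution in full-NAT mode depends on records kept by the balancer itself.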

Advantages of full-NAT mode are:

No configuration is necessary on the Layer 2/3 switch connected to the application 
switch.

It can be deployed in any network architecture.

Clients can be on the same subnet as the servers.

It allows interoperation with any vendor's switch, regardless of support for policy 
routing.

You must run in full-NAT mode if: 

Clients and servers are on the same layer 2 network segment.

The switch connected to the application switch does not support layer 3 policy 
routing based on source IP address, port, and protocol.

You do not have access to the layer 3 switch to configure policy-based routing.

Contents of Px Series

Page 1: ...rks Inc 3585 Monroe Street Santa Clara California 95051 888 257 3000 http www extremenetworks com Px Series Application Switch Installation and Configuration Guide Published April 2002 Part number 100...
