Riverbed Steelhead 1050 Series Скачать руководство пользователя страница 73

Страница: 73 / 104

Steelhead Appliance Installation and Configuration Guide

Disabling SMB Signing

Installing and Configuring the Steelhead Appliance

Important:

If your deployment requires SMB signing, you can optimize signed CIFS messages by selecting Enable

SMB Signing

in the Optimization - CIFS page. Before you enable SMB Signing, make sure you disable

Optimize Connections with Security Signatures

. For detailed information about enabling SMB signing,

including procedures for your Windows server, see the Steelhead Management Console User’s Guide.

Disabling SMB Signing Using Active Directory

If the Secure-CIFS feature does not disable SMB signing, you must revise the default SMB registry
parameters. SMB signing is controlled by the following registry parameters:

enablesecuritysignature (SSEn)

requiresecuritysignature (SSReq)

The registry settings are located in:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters

The following table summarizes the default SMB signing registry parameters.

With these default registry parameters, SMB signing is negotiated in the following manner:

SMB/CIFS exchanges between the Client/Workstation and the Member Server are not signed.

SMB/CIFS exchanges between the Client/Workstation and the Domain Controller are always signed.

Machine Role

SSEn

SSReq

Client/Workstation

OFF

Member Server

OFF

Domain Controller

Содержание Steelhead 1050 Series

Страница 1: ...Steelhead Appliance Installation and Configuration Guide Version 5 5 4 July 2009...

Страница 2: ...8 2000 Copyright 1996 1998 2000 The Regents of the University of California All rights reserved OpenSSH 1983 1990 1992 1993 1995 1993 The Regents of the University of California All rights reserved pa...

Страница 3: ...d Documentation and the Support Knowledge Base 10 Related Reading 10 Safety Guidelines 11 Contacting Riverbed 11 Internet 11 Technical Support 11 Professional Services 11 Documentation 12 Chapter 1 Ov...

Страница 4: ...igabit Ethernet PCI E Bypass Card 40 Two Port SX Fiber Gigabit Ethernet PCI E Bypass Card 40 Four Port SX Fiber Gigabit Ethernet PCI E Bypass Card 41 Two Port LX Fiber Gigabit Ethernet PCI E Bypass Ca...

Страница 5: ...ifying Your Configuration 65 Configuring Out of Path Steelhead Appliances 66 Before You Begin 66 Connecting the Steelhead Appliance to Your Network 69 Configuring the Client Side Appliance 69 Disablin...

Страница 6: ...vi Steelhead Appliance Installation and Configuration Guide Contents...

Страница 7: ...0 Safety Guidelines on page 11 Contacting Riverbed on page 11 About This Guide The Steelhead Appliance Installation and Configuration Guide describes how to install and configure the Steelhead applian...

Страница 8: ...appear in bold typeface Courier Information displayed on your terminal screen and information that you are instructed to enter appears in Courier font Within syntax descriptions values that you speci...

Страница 9: ...otiates speed and duplex mode for all data rates and supports full duplex mode and flow control IEEE 802 3 2002 The Steelhead appliance with a Gigabit Ethernet card supports Jumbo Frames on in path an...

Страница 10: ...contains important information about this release of the Steelhead appliance Riverbed Documentation and the Support Knowledge Base For a complete list and the most current version of Riverbed document...

Страница 11: ...ce Guide Before you install operate or service the Riverbed products you must be familiar with the safety information Refer to the Safety and Compliance Guide if you do not clearly understand the safe...

Страница 12: ...ction Contacting Riverbed Documentation We continually strive to improve the quality and usability of our documentation We appreciate any suggestions you may have about our online documentation or pri...

Страница 13: ...Ports on page 35 Bypass Card Status Lights on page 39 Overview of the Steelhead Appliance The causes for slow throughput in WANs are well known high delay round trip time or latency limited bandwidth...

Страница 14: ...liances These techniques ensure that efficient retransmission methods such as TCP selective acknowledgements are used negotiate optimal TCP window sizes to minimize the impact of latency on throughput...

Страница 15: ...ally discovers the first Steelhead appliance in the path The difference is only seen in environments where there are three or more Steelhead appliances in the network path for connections to be optimi...

Страница 16: ...the Accept peering rule action If enhanced auto discovery is enabled the Steelhead appliance only becomes the optimization peer if it is the last Steelhead appliance in the path to the server For deta...

Страница 17: ...ass mode the traffic passes through uninterrupted Traffic that was optimized might be interrupted depending on the behavior of the application layer protocols When connections are restored they succee...

Страница 18: ...nterface Reference Manual and the Network Interface Card Installation Guide Note The desktop Series 250 and 550 support fail to block mode Note The desktop Models 50 100 200 and 300 do not support fai...

Страница 19: ...FS performance even when the CIFS traffic is signed by the server In previous releases of RiOS signed CIFS traffic would receive Data and Transport Streamlining optimizations but no CIFS Application S...

Страница 20: ...This change only affects the 1U xx20 platforms which previously ran 32 bit code and with v5 5 and later now run 64 bit code With RiOS v5 5 all of the 1U xx20s 520 1020 1520 2020 2520 use a 64 bit imag...

Страница 21: ...Overview of the Steelhead Appliance All subsequent v4 1 x and v5 0 x releases allow for a normal upgrade to v5 5 Upgrading RiOS Software Follow these steps to upgrade your RiOS software These instruct...

Страница 22: ...h device Do not press Ctrl C unplug or otherwise shut down the system during this first boot There is no indication displayed during the system boot that the recovery flash device is being configured...

Страница 23: ...2 550 Desktop 66 5 W 541 A 66 5 227 BTU 160 GB 80 GB RSP Partition 55 GB 1 65 x 7 1 x 12 in 4 2 x 18 0 x 30 5 cm 4 12 lb 2 15 kg 100 240 V 50 60 Hz Single 100 W Internal 2 2 2 1050 1U L M H 138 151 W...

Страница 24: ...0 60 Hz 12 VDC 5 A 60 W Power Adaptor Single 60 W 200 55 31 5 W 0 5 A 0 5 107 BTU 60 GB 35 GB 1 75 x 8 75 x 6 in 4 4 x 22 2 x 15 2 cm 7 5 lb 3 4 kg 100 240 V 50 60 Hz 12 VDC 5 A 60 W Power Adaptor Sin...

Страница 25: ...1 spare 500 GB 5 2 x 17 7 x 25 5 in 13 2 x 45 x 64 7 cm 92 lb 42 kg 100 240 V 50 60 Hz Triple 760 W 5520 3U 435 425 W 3 7 A 0 97 1450 BTU 6 x 250 GB SATA 1 spare 700 GB 5 2 x 17 7 x 25 5 in 13 2 x 45...

Страница 26: ...1 x 42 7 x 40 9 cm 17 lb 7 7 kg 100 240 V 50 60 Hz Single 250 W 1010 1U 250 W 8A 4 A 2 27 A 110 V 1 76A 853 BTU 1 x 200 GB 80 GB 1 7 x 16 8 x 16 1 in 4 31 x 42 7 x 40 9 cm 17 lb 7 7 kg 100 240 V 50 60...

Страница 27: ...below Model 3000 3010 3510 5000 and 5010 Output Power 460 W Voltage 90 264 VAC Full Range Frequency 47 63Hz Input Current 8 0 4 0A for 115 230 VAC Inrush Current 60A 80A Max for 115 230 VAC per power...

Страница 28: ...10 000 ft 2020 10 35 C 50 95 F 40 65 C 40 149 F 20 80 non condensing 5 95 non condensing Up to 10 000 ft 2050 10 40 C 50 95 F 40 65 C 40 149 F 20 80 non condensing 5 95 non condensing Up to 10 000 ft...

Страница 29: ...s light and port locations Figure 1 2 Front Panel Figure 1 3 Back Pane The following table summarizes the system LEDs SYSTEM Healthy Blue Degraded Yellow Critical Red System Boot Yellow HDD ACT HDD Ac...

Страница 30: ...locations Figure 1 4 Front Panel Figure 1 5 Back Panel The following table summarizes the system LEDs SYSTEM LEDs Healthy Blue Degraded Yellow Critical Red System Boot Yellow NETWORK STATUS LEDs Fron...

Страница 31: ...nking Green Unit is halted but the power supplies are still connected to AC power Solid Orange AC power is not connected to this power supply but the unit is still powered on due to the other power su...

Страница 32: ...Figure 1 7 Back Panel SYSTEM LEDs Healthy Blue Degraded Yellow Critical Red System Boot Yellow NETWORK STATUS LEDs Link Solid Blue Activity Blinking Blue BYP BLK Bypass or Block Disconnect Mode Normal...

Страница 33: ...Green Healthy power supply with AC power connected Blinking Green Unit is halted but the power supplies are still connected to AC power Solid Orange AC power is not connected to this power supply but...

Страница 34: ...owing figure illustrates the Model 500 510 1000 1010 2001 and 2010 Figure 1 10 Front Panel Figure 1 11 Back Panel LED Button Color Condition Description Power Green ON System On WAN Green ON Linked Am...

Страница 35: ...w of the Steelhead Appliance Model 3000 3010 5000 and 5010 The following figure illustrates the Model 3000 3010 5000 and 5010 Figure 1 12 Front Panel Figure 1 13 Back Panel Series xx20 Rev A and Rev B...

Страница 36: ...hts and Ports Model 520 1020 1520 and 2020 Rev A The following figure illustrates the Model 520 1020 1520 and 2020 Rev A Figure 1 14 Front Panel Figure 1 15 Back Panel Model 520 1020 1520 and 2020 Rev...

Страница 37: ...6120 LED Indicator Description Blue amber system status indicator The blue system status indicator lights up during normal system operation To stop the indicator from blinking press the system status...

Страница 38: ...dition Description Power Green ON System On OFF System Off Hard Disk Drive Amber FLASHING Hard Disk Drive Activity OFF No Activity Network Green ON Linked FLASHING LAN Activity OFF Disconnected Overhe...

Страница 39: ...Port SX Fiber Gigabit Ethernet PCI E Bypass Card on page 41 Two Port LX Fiber Gigabit Ethernet PCI E Bypass Card on page 41 Four Port LX Fiber Gigabit Ethernet PCI E Bypass Card on page 42 Bypass Card...

Страница 40: ...rt Copper Gigabit Ethernet PCI E Bypass card status and LED lights Two Port SX Fiber Gigabit Ethernet PCI E Bypass Card The following section describes the Two Port SX Fiber Gigabit Ethernet PCI E Byp...

Страница 41: ...Port SX Fiber Gigabit Ethernet PCI E Bypass card status and LED lights Two Port LX Fiber Gigabit Ethernet PCI E Bypass Card The following section describes the Two Port LX Fiber Gigabit Ethernet PCI...

Страница 42: ...tus lights for the bypass cards supported on Series xx00 xx10 and xx20 platforms It includes the following sections Bypass Card Manufacturing Numbers Series xx00 xx10 and xx20 next Two Port Copper Fas...

Страница 43: ...lights on the right correspond to the WAN link Description Old Manufacturing Part New Manufacturing Part Orderable Part Two Port Copper Fast Ethernet Bypass Card CMP 00005 150 00001 Only on existing...

Страница 44: ...path_ipaddr b broadcast_ip_addr For example where the netmask is 24 ping c 1 I 10 11 128 8 b 10 11 128 255 This ping command creates a loop for testing the Steelhead appliance in isolation Two Port Co...

Страница 45: ...abit Ethernet Bypass Card B The following section describes the Two Port Copper Gigabit Ethernet Bypass Two Port Copper Gig E Bypass Card B 150 00002 status lights Figure 1 27 Two Port Copper Gigabit...

Страница 46: ...sole and the CLI are a combination of the slot number and the port pairs lan slot _ pair wan slot _ pair For example if a four port bypass card is located in slot 0 of your system the interface names...

Страница 47: ...our port bypass card is located in slot 0 of your appliance the interface names are lan0_0 wan0_0 lan0_1 and wan0_1 respectively Alternatively if the bypass card is located in slot 1 of your appliance...

Страница 48: ...SX Fiber Gig E Bypass card 150 00010 status lights Figure 1 32 Four Port SX Fiber Gig E Bypass Card The Bypass LED is ON Green if the Four Port Copper Gig E Bypass card is in bypass mode it is OFF if...

Страница 49: ...on page 71 Important Please read and follow the safety guidelines described in the Safety and Compliance Guide Failure to follow these safety guidelines can result in damage to the equipment Choosing...

Страница 50: ...N traffic can pass through or be redirected to the Steelhead appliance For detailed information about your deployment options and best practices for deploying Steelhead appliances see the Steelhead Ap...

Страница 51: ...ath In an out of path deployment the Steelhead appliance is not in the direct path between the client and the server In an out of path deployment the Steelhead appliance acts as a proxy This type of d...

Страница 52: ...Steelhead appliance is completely assembled with all the equipment parts in place and securely fastened Before you install the Steelhead appliance make sure your site meets the following requirements...

Страница 53: ...o complete the initial configuration of the Steelhead appliance Be prepared to provide values for the parameters listed in the following checklist Note The Steelhead appliance automatically negotiates...

Страница 54: ...tion Guide Port Description Console Connects the serial cable to a terminal device You establish a serial connection to a terminal emulation program for console access to the configuration wizard and...

Страница 55: ...ote If your model has multiple power supplies you must plug in all the power cords or you will hear an alarm Important The Model 50 100 200 or 300 is designed for the desktop If you install the Model...

Страница 56: ...ol Note If you are using the Steelhead appliance with a terminal server the terminal server must use hardware flow control for the port connected to the Steelhead appliance Tip Riverbed recommends you...

Страница 57: ...alf duplex This duplex mismatch passes traffic but it causes late collisions and results in degraded optimization To achieve maximum optimization set your network devices to 100 and full To avoid dupl...

Страница 58: ...nter yes at the system prompt For example Do you want to use the configuration wizard for initial configuration yes 3 Complete the configuration wizard steps on the client side and the server side Ste...

Страница 59: ...nterface Make sure this value matches the settings on your router or switch The default value is auto Step 12 Set the primary interface duplex auto auto Step 13 Would you like to activate the in path...

Страница 60: ...17 Set the in path LAN interface speed auto 18 Set the in path LAN interface duplex auto 19 Set the in path WAN interface speed auto 20 Set the in path WAN interface duplex auto To change an answer e...

Страница 61: ...ch Cross over cable WAN port on the appliance to the WAN router To connect to your network 1 Plug the straight through cable into the Primary port of the Steelhead appliance and the LAN switch This ca...

Страница 62: ...s to verify that you have properly connected the Steelhead appliance To verify your connections 1 Verify that you can connect to the CLI using one of the following devices An ASCII terminal or emulato...

Страница 63: ...Steelhead Appliance Installation and Configuration Guide 63 Configuring In Path Steelhead Appliances Installing and Configuring the Steelhead Appliance Figure 2 10 Resolving IP Connectivity...

Страница 64: ...zard Note Cookies and Javascript must be enabled in your Web browser To connect to the Management Console 1 Enter the URL for the Management Console in the location box of your Web browser protocol ho...

Страница 65: ...aces you must make sure that the Steelhead appliance negotiated the speed and duplex at the rate your devices expect For example ensure settings are auto on the LAN and WAN and 100 FULL on the LAN and...

Страница 66: ...optimization might be degraded The configuration wizard automatically starts when you log into the Steelhead CLI for the first time For detailed information about the configuration wizard and how to r...

Страница 67: ...server 10 0 0 2 Step 7 Domain name Enter the domain name for the network where the Steelhead appliance is to reside If you set a domain name you can enter host names in the system without the domain...

Страница 68: ...system enter the following command at the system prompt amnesiac exit Step 12 Set the primary interface duplex Enter the duplex mode on the primary interface type a value at the system prompt Make sur...

Страница 69: ...ration you configure the client side Steelhead appliance in the same way as an in path configuration For optimization to occur you must define a fixed target rule on the client side Steelhead applianc...

Страница 70: ...out of path deployment and you want to optimize MAPI Exchange you must specify the MAPI end point port 135 the Steelhead appliance port used for Exchange traffic 7830 and the Steelhead appliance port...

Страница 71: ...enabled on Windows 2000 Service Pack 3 Critical fix Q329170 Identifying Poor CIFS Performance You can identify poor CIFS performance by the examining the Steelhead appliance log files in the Managemen...

Страница 72: ...ng factors If the client side machine has Required signing enabling the Secure CIFS feature prevents the client from connecting to the server If the server side machine has Required signing the client...

Страница 73: ...Secure CIFS feature does not disable SMB signing you must revise the default SMB registry parameters SMB signing is controlled by the following registry parameters enablesecuritysignature SSEn requir...

Страница 74: ...f SMB signing is set to required do not disable it on the server For the best performance it should be enabled on the clients disabled on file servers and enabled on domain controllers Number Paramete...

Страница 75: ...r servers that you want to optimize Tip You can also open a command prompt and enter gpupdate exe Force which forces the group policy you just modified to become active without rebooting You can verif...

Страница 76: ...ling SMB Signing 3 Click the Group Policy tab 4 Click Default Domain Controllers Policy and select Edit 5 Click Default Domain Controllers Policy Computer Configuration Windows Settings Security Setti...

Страница 77: ...ck Reports to display the Reports Bandwidth Optimization page 3 Under Network click Current Connections to display the Reports Network Current Connections page 4 Check for protocol errors Protocol err...

Страница 78: ...78 Steelhead Appliance Installation and Configuration Guide Installing and Configuring the Steelhead Appliance Disabling SMB Signing...

Страница 79: ...ent Guide Common Problems The problems described in this section are common problems encountered by customers who have contacted Riverbed Technical Support for assistance Riverbed recommends that you...

Страница 80: ...device deployed prior to the Steelhead appliance Manually configure the same speed for your router switch the Steelhead appliance primary interface the Steelhead appliance LAN interface the Steelhead...

Страница 81: ...but applications are not 2x you might be experiencing op lock issues This is often due to an old anti virus For example McAfee 4 5 on the client or an anti virus is competing with the application for...

Страница 82: ...r example at the system prompt enter the CLI command in path enable In path client out of path support If necessary disable in path client out of path support For example at the system prompt enter th...

Страница 83: ...get rules that points to the remote Steelhead appliance port 7800 or you change the configuration on the firewall LAN and WAN bandwidth and reliability Check client and server duplex issues or VoIP tr...

Страница 84: ...port at https support riverbed com because it is possible the appliance has a defective power supply that needs to be replaced The Steelhead appliance blocks traffic when going into bypass mode If a S...

Страница 85: ...mode 6 Enter 1 to select the boot parameters and then enter E to enter edit mode 7 A partial line of text is displayed 8 Append single to the end of the partial line of text that is displayed IMPORTA...

Страница 86: ...lem occurs in single user mode contact Riverbed Technical Support at https support riverbed com The Steelhead appliance fails to boot Ensure that The Steelhead appliance is properly plugged in The pow...

Страница 87: ...activated For example at the system prompt enter the show licenses CLI command For questions about licenses contact Riverbed Technical Support at https support riverbed com The power light on a Steelh...

Страница 88: ...other cases run the CLI command show raid diagram and contact Riverbed Technical Support at https support riverbed com 3020 3520 5520 6020 6120 Interceptor 9200 Loud periodic beep Indicates a RAID iss...

Страница 89: ...Directory ADS Active Directory Services AES Advanced Encryption Standard APT Advanced Packaging Tool AR Asymmetric Routing ARP Address Resolution Protocol BDP Bandwidth Delay Product BW Bandwidth CA...

Страница 90: ...DHCP Dynamic Host Configuration Protocol DNS Domain Name Service DR Data Replication DSA Digital Signature Algorithm DSCP Differentiated Services Code Point ECC Error Correcting Code ERP Enterprise Re...

Страница 91: ...Gateway Protocol IOS Cisco Internetwork Operating System IKE Internet Key Exchange IP Internet Protocol IPMI Intelligent Platform Management Interface IPSec Internet Protocol Security Protocol ISL In...

Страница 92: ...Translate NFS Network File System NIS Network Information Services NSPI Name Service Provider Interface NTLM Windows NT LAN Manager NTP Network Time Protocol OSI Open System Interconnection OSPF Open...

Страница 93: ...rds SDR Scalable Data Referencing SEL System Event Log SFQ Stochastic Fairness Queuing SMB Server Message Block SMI Structure of Management Information SMTP Simple Mail Transfer Protocol SNMP Simple N...

Страница 94: ...Service U Unit UDP User Diagram Protocol UNC Universal Naming Convention URL Uniform Resource Locator UTC Universal Time Code VGA Video Graphics Array VLAN Virtual Local Area Network VoIP Voice over...

Страница 95: ...twork segments that use the same communications protocol Bridges operate at the data link layer Layer 2 of the OSI reference model In general a bridge filters forwards or floods an incoming frame base...

Страница 96: ...y is required for optimization to occur Ethernet The most widely used Local Area Network LAN access method Fat Client A client computer which provides large size applications independently of the cent...

Страница 97: ...tion is made between two elements systems or devices so that they can communicate with one another Internet The collection of networks tied together to provide a global network that use the TCP IP sui...

Страница 98: ...class of the address and the subnet field should be contiguous with the network portion Neural Network A modeling technique based on the observed behavior of biological neurons and used to mimic the...

Страница 99: ...most expedient route traffic load line costs speed bad lines etc Routers work at Layer 3 in the protocol stack whereas bridges and switches work at Layer 2 SDR Scalable Data Referencing Process that...

Страница 100: ...gured LAN or broadcast domain Instead of going to the wiring closet to move a cable to a different LAN network administrators can remotely configure a port on an 802 1Q compliant switch to belong to a...

Страница 101: ...rview of 71 SMB signing viewing current settings for 72 troubleshooting 81 Client side appliance configuring 69 CMC overview of 14 Common problems 79 Configuration information required 53 configuratio...

Страница 102: ...ss through rules overview of 15 Peering rules overview of 16 Physical in path deployment diagram of 50 Physical in path overview of 50 Ports definitions of 54 Power light 84 87 Preparing your site 52...

Страница 103: ...A CMP 00053 illustration of 44 Two Port Gig E Bypass card B CMP 00028 illustration of 45 V Virtual in path deployments overview of 50 W WAN and LAN connections troubleshooting 80 WAN port connecting 6...

Страница 104: ...104 Steelhead Appliance Installation and Configuration Guide Index...

Результаты поиска

Содержание Steelhead 1050 Series

Отзывы:

Бренды по названию

Популярные бренды

Riverbed Steelhead 1050 Series, Руководство по установке и настройке

Результаты поиска

Содержание Steelhead 1050 Series

Отзывы:

Бренды по названию

Популярные бренды