beautypg.com

Configuring four-subnet fwlb, Configuring four-subnet fwlb 329, Figure 13-7: four-subnet fwlb example network 329 – Nortel Networks WEB OS 212777 User Manual

Page 329

background image

Web OS 10.0 Application Guide

Chapter 13: Firewall Load Balancing

n

329

212777-A, February 2002

Configuring Four-Subnet FWLB

An example network for four-subnet FWLB is illustrated in

Figure 13-7

. While other complex

topologies are possible, this example assumes a high-availability network using block (rather
than diagonal) interconnections between switches.

Figure 13-7 Four-Subnet FWLB Example Network

N

OTE

The port designations of both dirty-side Web switches are identical, as are the port

designations of both clean-side Web switches. This simplifies configuration by allowing you to
synchronize each primary Web switch’s configuration with the secondary.

Four-subnet FWLB configuration is summarized as follows:

n

Configure routers and firewalls and test them for proper operation.

n

Configure VLANs, IP interfaces, and static routes on all Web switches and test them.

n

Configure secondary web switches with VRRP support settings.

n

Configure FWLB groups and redirection filters on the primary dirty-side Web switch.

n

Configure and synchronize VRRP on the primary dirty-side Web switch.

n

Configure FWLB and SLB groups, and add FWLB redirection filters on the primary
clean-side Web switch.

n

Configure VRRP on the primary clean-side Web switch and synchronize the secondary.

These steps are explained in detail in the following sections.

Subnet 1 (VLAN 1):
195.1.1.0/24

Subnet 2 (VLAN 2):
10.10.2.0/24

Subnet 3 (VLAN 3):
10.10.3.0/24

Subnet 4 (VLAN 4):
10.10.4.0/24

Dirty Side

Clean Side

Internet

1

1

2

2

9

9

3

3

4

4

9

9

Router

195.1.1.1

Router

195.1.1.2

Firewall #1

Dirty: 10.10.2.3

Clean: 10.10.3.3

Firewall #2

Dirty: 10.10.2.4

Clean: 10.10.3.4

10.10.4.20

10.10.4.21

10.10.4.22

Web Switch #3
IF1: 10.10.4.10

IF2: 10.10.3.1

IF3: 10.10.3.2/32

VIP: 10.10.4.100

Web Switch #4
IF1: 10.10.4.11
IF2: 10.10.3.11

IF3: 10.10.3.12/32

VIP: 10.10.4.100

Web Switch #1
IF1: 195.1.1.10

IF2: 10.10.2.1

IF3: 10.10.2.2/32

Web Switch #2
IF1: 195.1.1.11
IF2: 10.10.2.11

IF3: 10.10.2.12/32

VIR

195.1.1.9

VIR
10.10.2.9

VIR

10.10.3.9

VIR
10.10.4.9

See also other documents in the category Nortel Networks Hardware: