beautypg.com

Configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SecBlade LB Cards User Manual

Page 221

background image

210

Configuration example

Network requirements

As shown in

Figure 102

, configure devices as follows:

LB connects to Host and Router.

NAT is enabled on GigabitEthernet 0/2 of LB.

Configure IP virtual fragment reassembly on security zone Trust of LB.

Figure 102 Network diagram

Configuration procedure

1.

As shown in

Figure 102

, assign IP addresses to the interfaces and add them into security zones.

(Details not shown.)

2.

Configure the host:
# Configure a route so that the Host, LB, and Router can communicate with each other. (Details not
shown.)

3.

Configure LB:
# Configure NAT and IP virtual fragment reassembly.

system-view

[LB] nat static 10.1.1.1 11.2.2.3

[LB] interface gigabitethernet 0/2

[LB-GigabitEthernet0/2] nat outbound static

[LB-GigabitEthernet0/2] quit

[LB-GigabitEthernet0/2] ip virtual-reassembly

# Configure IP virtual fragment reassembly on security zone Trust.

[LB] zone name trust

[LB-zone-trust] ip virtual-reassembly

With the IP virtual fragment reassembly feature, LB checks, sequences, and caches fragments that

do not arrive in order at GigabitEthernet 0/2. You can use the display ip virtual-reassembly
command to display related information.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: