of 43
7/25/2019 A Sample Configurations for Load Balancers
1/43
A Sample Configurations for Load Balancers
This appendix provides sample configurations for commonly used load balancers. It contains
these sections:
Section A.1, "Test et!or #onfiguration"
Section A.$, "%& 'ig I( Application S!itch )Soft!are *ersion +.& (T%.&"
Section A.-, "#isco #S -.1)$"
Section A.+, "%oundry Server Iron v/0.1.//cT$+"
Section A.&, "ortel Alteon $+$+ SS )Soft!are *ersion $/.$.$.1"
Section A.2, "3ad!are 4eb Server 5irector ( !ith SynApps 6.&/./&"
A.1 Test Network Configuration
This section identifies the elements of the net!or configuration and considerations for the
operation of 7racle Application Server components.%igure A81sho!s the configuration, its
subnets, and the placement of the 7racle Application Server components in it.
%igure A81 Test et!or #onfiguration
1
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCJCCIGhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBFBJhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCDDHDHhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCFEBFGhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCGGGIIhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCHJCJBhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBFBJhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCDDHDHhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCFEBFGhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCGGGIIhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCHJCJBhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCJCCIG7/25/2019 A Sample Configurations for Load Balancers
2/43
5escription of "%igure A81 Test et!or #onfiguration"
A.1.1 Network Subnets in the Test Configuration
The test net!or consists of several subnets for deployment of the hard!are and 7racle
Application Server components:
Internet
Simulated public net!or
%ire!all8oad 'alancer Transport et
et!or bet!een the border fire!all and load balancer external interface
59 or 4eb Tier
The 7racleAS Single Sign87n middle tiers are installed on this tier. This subnet has t!ogate!ays:
o Internal interface of the load balancer
o %ire!all interface to the data tier
5ata Tier
2
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted009.htmhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted009.htm7/25/2019 A Sample Configurations for Load Balancers
3/43
The 7racle Application Server Infrastructure instance are installed on this tier. This is a
protected net!or.
A.1.2 ardware in the Test Configuration
The test configuration contains the follo!ing hard!are:
#isco (ix border or gate!ay fire!all
#hec (oint %ire!all81 internal fire!all )59 to the Intranet
7ne of the follo!ing load balancers )%& 'ig I( !as used in 7racle tests:
%& 'ig I( Application S!itch )Soft!are *ersion +.& (T%.&
#isco #S -.1)$
%oundry Server Iron v/0.1.//cT$+
ortel Alteon $+$+ SS )Soft!are *ersion $/.$.$.1
3ad!are 4eb Server 5irector ( !ith SynApps 6.&/./&
A.1.! Configuration of Load Balancers and "irewalls for #racle Application
Ser$er Component igh A$ailabilit%
7racleAS (ortal and 7racleAS 4ireless use server8to8server communication. This means that an
7racleAS (ortal or 7racleAS 4ireless instance must be able to mae ;TT( or ;TT(S re
7/25/2019 A Sample Configurations for Load Balancers
4/43
After the (arallel (age =ngine re
7/25/2019 A Sample Configurations for Load Balancers
5/43
5escription of "%igure A8- 3e$.120.$//./?$+ )59$
Internal: 1>$.120././?$+ )591
T!o interfaces !ere created:
1.1 1>$.120.$//.&?$+ )=xternal
1.$ 1>$.120./.1?$+ )Internal
ote:
5
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted008.htmhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted008.htmhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted008.htmhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted008.htm7/25/2019 A Sample Configurations for Load Balancers
6/43
In the configuration for port 1.$, Secure et!or Address Translation
)SAT automap !as also enabled.
A.2.2 Ser$ers-Nodes for the Big (& Configuration
As sho!n in %igure A81, "Test et!or #onfiguration",the follo!ing servers !ere used for the
middle tier installations and 7racleAS Single Sign87n servers:
pdln8mid1.pdx.com
pdln8mid$.pdx.com
pdln8sso1.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
pdln8sso$.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
A.2.! &ools for the Big (& Configuration
The follo!ing pools !ere created:
(ool 1: ;TT(
pdln8mid1.pdx.com )(ort 6666
pdln8mid$.pdx.com )(ort 6666
=nable SAT
(ool $: 7racleAS Single Sign87n
pdln8sso1.pdx.com )(ort 6666
pdln8sso$.pdx.com )(ort 6666
=nable SAT
(ersistent rebalance
(ool -: 7racleAS 4eb #ache Invalidation
pdln8mid1.pdx.com )(ort >+/1
6
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEF7/25/2019 A Sample Configurations for Load Balancers
7/43
pdln8mid$.pdx.com )(ort >+/1
=nable SAT
A.2.+ *irtual Ser$ers )*(&s, for the Big (& Configuration
The follo!ing virtual servers !ere used:
Table A81 *irtual Servers for the 'ig I( #onfiguration
Name (& Address &ort &ool
*I(1 1>$.120.$//.1/ 0/ 1
*I($ 1>$.120.$//.11 0/ $
*I(- 1>$.120.$//.1/ >+/1 -
A.2.' Load Balancing ethod for the Big (& Configuration
The follo!ing load balancing methods !ere used:
iddle tiers: 3ound 3obin !ith basic ;TT( health chec
Identity anagement: east #onnections !ith 7racleAS Single Sign87n health chec
)in8house
A.2./ ealth onitors for the Big (& Configuration
@ou can create health monitors for 7racle Application Server components as described in thissection.
A.2./.1 #racleAS Single Sign0#n
Send String: =T ?sso?status
3eceive 3ule: The 7#+BS=#C3IT@ instance is running
A.2./.2 iddle Tier Components
7
7/25/2019 A Sample Configurations for Load Balancers
8/43
Since there are multiple components running on the middle tiers, the best !ay to monitor this is
!ith an ;TT( =T ?. @ou can also create customiDed health checs using 7racleAS (ortal and
7racleAS 4ireless status pages.
A.2./.! #racleAS eb Cache (n$alidation
A health monitor is needed for 7racleAS 4eb #ache invalidation messages. Cse ;TT( 7I
to monitor these messages.
A.2./.+ #racle (nternet irector% LA&
onitor 7racle Internet 5irectory 5A( communication using 5A( 7I.
A.2./.' SSL Configuration
'ecause t!o different hosts )sso8linux and linux !ere used, t!o proxies, each !ith its o!n
certificate, !ere created:
(roxy 1
Type: SS
I(:(ort: 1>$.120.$//.1/:++- )linux.pdx.com
5estination ;ost: 1>$.120.$//.1/:0/ )linux.pdx.com
)#ertificate information here
(roxy $
Type: SS
I(:(ort: 1>$.120.$//.11:++- )sso8linux.pdx.com
5estination ;ost: 1>$.120.$//.11:0/ )sso8linux.pdx.com
)#ertificate information here
These proxies decrypt the ;TT(S session in 'ig I(Es internal SS accelerator and for!ard the;TT( traffic bac to the *I(.
A.2.3 #racleAS &ortal Configuration Notes for Big (&
In order to use the load balancer to handle the (arallel (age =ngine re
7/25/2019 A Sample Configurations for Load Balancers
9/43
1. In the net!or configuration, chec SAT Automap for the self I( of the internal
interface.
$. In the middle tier pool configuration, ensure that SAT is enabled and AT is disabled.
-. Issue the follo!ing command:
b vlaninternalsnat automap enable
In the preceding command, internal is the I( address of the internal interface.
+. Test the configuration !ith a telnet command from one of the middle tiers to the *I(address on port 0/, !ith a ;=A5 re
7/25/2019 A Sample Configurations for Load Balancers
10/43
SS, you must also import #A and Site certificates into the 7racleAS 4ireless configuration.
See the 7racle Application Server 4ireless AdministratorEs uide for instructions.
A.2.5 #racleAS eb Cache Configuration Notes for Big (&
If you are using 7racleAS 4eb #ache !ith 'ig I(, ensure that the 'ig I( version is at least +.&(T%&, !ith the fix described in the %& document $01&+. 4ithout this version and the fix, severe
performance problems !ill occur. )In versions later than +.& (T%&, the problems have beenfixed.
A.! Cisco CS !.1)2,
This section describes the net!or configuration necessary to test the #isco #S -.1)$ load
balancer !ith the 7racle Application Server 1/g 3elease $ )1/.1.$ application server.
A.!.1 Subnets for the CS !.1)2, Configuration
The follo!ing subnets !ere used in the #isco #S -.1)$ configuration:
=xternal: 1>$.120.$//./?$+ )59$
Internal: 1>$.120././?$+ )591
A.!.2 Ser$ers-Nodes for the Cisco CS !.1)2, Configuration
As sho!n in %igure A81, "Test et!or #onfiguration",the follo!ing servers !ere used for the
middle tier installations and 7racleAS Single Sign87n servers:
pdln8mid1.pdx.com
pdln8mid$.pdx.com
pdln8sso1.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
pdln8sso$.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
A.!.! *LANs for the Cisco CS !.1)2, Configuration
The follo!ing *As !ere created:
*A $: #lient
*A $//: Server )4eb tier
10
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEF7/25/2019 A Sample Configurations for Load Balancers
11/43
*A +//: Server )SS
A.!.+ Ser$er "arms for the Cisco CS !.1)2, Configuration
The follo!ing server farms !ere created:
;TT(SB(77 )3edirection to SS Accelerator
AT server
o AT client
3eal 1>$.120.1//.1/
ICFB%A3
AT server
o AT client
3eal 1>$.120./.1/+ 6666
3eal 1>$.120./.1/& 6666
ICFB%A3$
AT server
AT client S7C3#=AT )for (arallel (age =ngine re$.120./.1/+ 6666
3eal 1>$.120./.1/& 6666
SS7B%A3
AT server
o AT client
3eal 1>$.120./.1/1 6666
SS7 %A3$
AT server
11
7/25/2019 A Sample Configurations for Load Balancers
12/43
AT client S7C3#=AT
3eal 1>$.120./.1/1
SS7BSS8A )3edirection to SS Accelerator
AT server
o AT client
3eal 1>$.120.1//.11
4#BI*A )4eb #ache Invalidation
AT server
AT client 4='#A#;= )for AT of invalidation re$.120./.1/1 >+/1
3eal 1>$.120./.1/& >+/1
A.!.' *irtual Ser$ers )*(&s, for the Cisco CS !.1)2, Configuration
This section describes the virtual servers in the #isco #S -.1)$ configuration.
A.!.'.1 *irtual Ser$ers for #utside Traffic Access to Ser$er "arms
;TT(SB(77 )3edirect to SS Accelerator
*irtual 1>$.120.$//.1/ tcp https
Serverfarm ;TT(SB(77
Sticy 1$/ group +
o persistent rebalance
;TT(B(77 );TT( direct to servers
*irtual 1>$.120.$//.11 tcp https
*A $
Serverfarm ICFB%A3
12
7/25/2019 A Sample Configurations for Load Balancers
13/43
Sticy 1$/ group $
Idle 6$//
(eristent rebalance
SS7- )SS redirection to the SS Accelerator
*irtual 1>$.120.$//.11 tcp https
*A $
Serverfarm SS7BSS8A
(ersistent rebalance
A.!.'.2 Stick% Configuration
sticy $ netmas $&&.$&&.$&&.$&& timeout 1$/
sticy - ssl timeout 1$/
sticy + netmas $&&.$&&.$&&.$&& timeout 1$/
A.!.'.! *irtual Ser$ers for TT& 6e7uest "orwarding "rom the SSL Accelerator
;TT(B(77- )Accept re$.120.$//.1/ tcp !!!
*A +//
Serverfarm ICFB%A3
(ersistent rebalance
SS7 )Accepts ;TT( re$.120.$//.11 tcp https
*A +//
Serverfarm SS7B%A3
Idle 6$//
13
7/25/2019 A Sample Configurations for Load Balancers
14/43
(ersistent rebalance
A.!.'.+ *irtual Ser$ers for Traffic from *LAN for &arallel &age 8ngine 6e7uests
;TT(8$ )Accept re$.120.$//.1/ tcp !!!
*A $//
Serverfarm ICFB%A3$
(ersistent rebalance
In order to allo! the !ireless authentication using 7racleAS Single Sign87n, the
follo!ing virtual server must be created on the middle tier *A to allo!
communication from the 7racleAS (ortal middle tier to the 7racleAS Single Sign87nserverEs *I(:
SS7$
*irtual 1>$.120.$//.11 tcp https
*A $//
Serverfarm SS7B%A3$
(ersistent rebalance
The follo!ing virtual server is re
7/25/2019 A Sample Configurations for Load Balancers
15/43
telnet 192.168.200.10 80
HEAD
A response similar to the follo!ing should be returned:
Date: Wed, 02 Jun 200 1!:08:2! "#$
Allo%: "E$, HEAD
&erver: 'ra(leA&)Web)*a(+e)10-10.1.2.0.0
*ontent)$pe: te/t-+tml
*ontent)ent+: 100
*a(+e)*ontrol: publi(
ote:
@ou can perform the same test for the invalidation communication from theInfrastructure database. Syntax errors may occur !ith these re
7/25/2019 A Sample Configurations for Load Balancers
16/43
(lo( timeone 4&$ )8(lo( summer)time 4D$ re(urrin(lo( (alendar)validredundan(main)(pu auto)sn( standarddianosti( level (ompleteip subnet)erono ip domain)looupno mls ip multi(ast areateno mls ip multi(ast non)rp (emls >os statisti(s)e/port interval 300mls >os statisti(s)e/port delimiter @module *ontent&%it(+in#odule 3vlan 2 (lient ip address 192.168.200.! 2!!.2!!.2!!.0 ate%a 192.168.200.1
vlan 200 server ip address 192.168.0.1 2!!.2!!.2!!.0vlan 00 server ip address 192.168.100.1 2!!.2!!.2!!.0natpool WE?*A*HE 192.168.200.12! 192.168.200.12! netmas 2!!.2!!.2!!.0natpool &'7*E5A$ 192.168.200.100 192.168.200.100 netmas 2!!.2!!.2!!.0serverarm H$$4&B4'' nat serverno nat (lient
real 192.168.100.10 inservi(eserverarm =5;BCA7# nat serverno nat (lient
real 192.168.0.10 inservi(e real 192.168.0.10! inservi(eserverarm =5;BCA7#2 nat servernat (lient &'7*E5A$
real 192.168.0.10 inservi(e real 192.168.0.10! inservi(eserverarm &&'BCA7# nat serverno nat (lient
real 192.168.0.100 no inservi(e
16
7/25/2019 A Sample Configurations for Load Balancers
17/43
real 192.168.0.101 inservi(eserverarm &&'BCA7#2 nat servernat (lient &'7*E5A$real 192.168.0.101
inservi(eserverarm &&'B&&)A nat serverno nat (lient
real 192.168.100.11 inservi(eserverarm W*B=5A nat servernat (lient WE?*A*HEreal 192.168.0.10 901
inservi(e
real 192.168.0.10! 901 inservi(esti( 2 netmas 2!!.2!!.2!!.2!! timeout 120sti( 3 ssl timeout 120sti( netmas 2!!.2!!.2!!.2!! timeout 120vserver H$$4)2 virtual 192.168.200.10 t(p %%% vlan 200 serverarm =5;BCA7#2 persistent rebalan(e inservi(evserver H$$4&B4'' virtual 192.168.200.10 t(p +ttps serverarm H$$4&B4'' sti( 120 roup idle 200 no persistent rebalan(e inservi(evserver H$$4B4'' virtual 192.168.200.10 t(p %%% vlan 2 serverarm =5;BCA7# sti( 120 roup
idle 200 persistent rebalan(e inservi(evserver H$$4B4''3 virtual 192.168.200.10 t(p %%% vlan 00 serverarm =5;BCA7# persistent rebalan(e inservi(e
17
7/25/2019 A Sample Configurations for Load Balancers
18/43
vserver &&' virtual 192.168.200.11 t(p %%% vlan 00 serverarm &&'BCA7# idle 200 persistent rebalan(e inservi(evserver &&'2 virtual 192.168.200.11 t(p +ttps vlan 200 serverarm &&'BCA7#2 persistent rebalan(e inservi(evserver &&'3 virtual 192.168.200.11 t(p +ttps vlan 2 serverarm &&'B&&)A
persistent rebalan(e inservi(evserver WE?*A*HEB=5A virtual 192.168.200.10 t(p 901 vlan 200 serverarm W*B=5A persistent rebalan(e inservi(eintera(e "iabitEt+ernet1-1no ip addresss+utdo%nintera(e "iabitEt+ernet1-2no ip addresss+utdo%nintera(e CastEt+ernet2-1 #anaement =ntera(eFip address 138.1.33.10! 2!!.2!!.2!!.128duple/ ullspeed 100intera(e CastEt+ernet2-2
no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 2s%it(+port mode a((essintera(e CastEt+ernet2-3no ip addressduple/ ull
18
7/25/2019 A Sample Configurations for Load Balancers
19/43
speed 100s%it(+ports%it(+port a((ess vlan 200s%it(+port mode a((essintera(e CastEt+ernet2-no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-!no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((ess
intera(e CastEt+ernet2-6no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-no ip addressduple/ ullspeed 100
s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-8no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-9
no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-10no ip address
19
7/25/2019 A Sample Configurations for Load Balancers
20/43
duple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-11no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 200s%it(+port mode a((essintera(e CastEt+ernet2-12no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 200
s%it(+port mode a((essintera(e CastEt+ernet2-13no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 200s%it(+port mode a((essintera(e CastEt+ernet2-1no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 200s%it(+port mode a((essintera(e lan1no ip addresss+utdo%nintera(e lan200no ip addressip deault)ate%a 138.1.3.229
ip (lasslessno ip +ttp serverttp)server slot0:(6slb)ap(.2)1)1.binline (on 0line vt 0 pass%ord %el(omeloin
20
7/25/2019 A Sample Configurations for Load Balancers
21/43
transport input lat pad mop telnet rloin udptn nasiendpd)(at6G
A.+ "oundr% Ser$er (ron $:4.1.::cT2+
This section describes the net!or configuration necessary to test the %oundry Server Ironv/0.1.//cT$+ load balancer !ith the 7racle Application Server 1/g 3elease $ )1/.1.$
application server.
A.+.1 Subnets for the "oundr% Ser$er (ron $:4.1.::cT2+ Configuration
The follo!ing subnets !ere used in the %oundry Server Iron v/0.1.//cT$+ configuration:
=xternal: 1>$.120.$//./?$+ )59$
Internal: 1>$.120././?$+ )591
A.+.2 Ser$ers-Nodes for the "oundr% Ser$er (ron $:4.1.::cT2+ Configuration
As sho!n in %igure A81, "Test et!or #onfiguration",the follo!ing servers !ere used for themiddle tier installations and 7racleAS Single Sign87n servers:
pdln8mid1.pdx.com
pdln8mid$.pdx.com
pdln8cache1.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
pdln8cache$.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
A.+.! 6eal Ser$ers for the "oundr% Ser$er (ron $:4.1.::cT2+ Configuration
Server1/- 1>$.120./.1/& )7racleAS (ortal on pdln.mid1
Source8AT
(ort 6666
(ort >+/1
Server1/$ 1>$.120./.1/+ )7racleAS (ortal on pdln8mid$
Source8AT
21
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEF7/25/2019 A Sample Configurations for Load Balancers
22/43
(ort 6666
(ort >+/1
Server1/1 1>$.120.$//.1/1 )Identity anagement and 7racleAS Single Sign87n middle
tier on pdln8cache1
(ort 6666
To verify the (arallel (age =ngine communication from the middle tiers, follo! these steps:
1. Test the configuration !ith a telnet command from one of the middle tiers to the *I(
address on port 0/, !ith a ;=A5 re
7/25/2019 A Sample Configurations for Load Balancers
23/43
In order for invalidation to !or correctly, you must ensure that client AT is enabled on each of
the real servers on !hich 7racleAS 4eb #ache is installed. @ou may also need to create a static
route on the fire!all to ensure that invalidation re
7/25/2019 A Sample Configurations for Load Balancers
24/43
port ssl no)+ealt+)(+e(server (a(+e)name sslB11 192.168.100.11port +ttpport +ttp no)+ealt+)(+e(port +ttp url HEAD -port sslport ssl no)+ealt+)(+e(server real server100 192.168.0.100sour(e)natport server virtual 200B10 192.168.200.10sm)priorit 2!port +ttpport +ttp spooinport 901port 8
port ssl sti(bind +ttp server102 server103 bind 901 server102 901 server103 901bind ssl sslB10 sslserver virtual 200B11 192.168.200.11sm)priorit 2!port +ttpport +ttp spooinport ssl sti(bind +ttp server100 bind ssl sslB11 sslserver vip)roup 1vip 192.168.200.10vip 192.168.200.11server (a(+e)roup 1(a(+e)name sslB10(a(+e)name sslB11vlan 1 name DECA$)A5 b portvlan 092 name internal b portuntaed et+e 2-! to 2-8 et+e -13 to -18 et+e -23 to -2router)intera(e ve 1
vlan 093 name e/ternal b portuntaed et+e 2-1 to 2- et+e -1 to -12router)intera(e ve 2vlan 09! name && b portuntaed et+e -19 to -21router)intera(e ve 3+ostname &erver=ronB1
24
7/25/2019 A Sample Configurations for Load Balancers
25/43
ip deault)net%or 192.168.200.1-2ip l)poli( 1 (a(+e t(p 0 lobalip l)poli( 2 (a(+e t(p ssl lobalip route 0.0.0.0 0.0.0.0 192.168.200.1ip route 192.168.2.0 2!!.2!!.2!!.0 192.168.0.200username t%illard pass%ord .....router vrrpsnmp)server (ommunit ..... r%intera(e et+ernet 2-1(onirm)port)up 6intera(e et+ernet 2-2(onirm)port)up 6intera(e et+ernet 2-3(onirm)port)up 6intera(e et+ernet 2-
(onirm)port)up 6intera(e et+ernet 2-!(onirm)port)up 6intera(e et+ernet 2-6(onirm)port)up 6intera(e et+ernet 2-(onirm)port)up 6intera(e et+ernet 2-8(onirm)port)up 6intera(e et+ernet -1speed)duple/ 100)ullintera(e et+ernet -13speed)duple/ 100)ullintera(e ve 1ip address 192.168.0.1 2!!.2!!.2!!.0ip vrrp vrid 1 o%ner advertise ba(up ip)address 192.168.0.1 vip)roup 1
tra()port ve 2 a(tivateintera(e ve 2ip address 192.168.200.! 2!!.2!!.2!!.0ip vrrp vrid 2 o%ner advertise ba(up ip)address 192.168.200.! tra()port ve 1
25
7/25/2019 A Sample Configurations for Load Balancers
26/43
a(tivateintera(e ve 3ip address 192.168.100.1 2!!.2!!.2!!.0ip vrrp vrid 3 o%ner advertise ba(up ip)address 192.168.100.1 tra()port ve 1 a(tivateend
A.' Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,
This section describes the net!or configuration necessary to test the ortel Alteon $+$+ SS
)Soft!are *ersion $/.$.$.1 load balancer !ith the 7racle Application Server 1/g 3elease $)1/.1.$ application server.
A.'.1 Subnets for the Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,
Configuration
The follo!ing subnets !ere used in the %oundry Server Iron v/0.1.//cT$+ configuration:
=xternal: 1>$.120.$//./?$+ )59$
Internal: 1>$.120././?$+ )591
A.'.2 Ser$ers-Nodes for the Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,
Configuration
As sho!n in %igure A81, "Test et!or #onfiguration",the follo!ing servers !ere used for the
middle tier installations and 7racleAS Single Sign87n servers:
pdln8mid1.pdx.com
pdln8mid$.pdx.com
pdln8sso1.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
pdln8sso$.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
A.'.! 6eal Ser$ers for the Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,
Configuration
26
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEF7/25/2019 A Sample Configurations for Load Balancers
27/43
@ou must create 3eal Server entries for each middle tier balanced by the load balancer. Table A8$
lists the servers used in the test configuration.
Table A8$ 3eal Servers
6eal 6eal (& Name
1 1>$.120./.1/+ pdln8mid1
$ 1>$.120./.1/& pdln8mid$
- 1>$.120./.1// pdln8sso1
+ 1>$.120./.1/1 pdln8sso$
& 1>$.120.1//.1/ SS Accelerator linux.pdx.com
A.'.+ ;roups for the Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,
Configuration
The servers listed in Table A8$must belong to groups, as listed in Table A8-. ote that thegroups contain lie instances, for example, roup 1 contains 7racleAS (ortal instances, roup +
contains the Identity anagement instances, and roup & has only the SS accelerator.
Table A8- roups
;roup Ser$ers etric
1 1, $ 3ound robin
+ -, + 3ound robin
27
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BGBEHFHEhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BGBEHFHEhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEFFBIhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BGBEHFHEhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BGBEHFHEhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEFFBI7/25/2019 A Sample Configurations for Load Balancers
28/43
;roup Ser$ers etric
& & 3ound robin
A.'.' *irtual (& Addresses for Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,
This section describes the virtual I( addresses used in this configuration.
*irtual G1 is set up to listen on port 0/ );TT( using the address 1>$.120.$//.1/, !hich is on theexternal subnet interface. roup 1 is bound to this virtual address, and the remote port 6666 )the
7racleAS 4eb #ache listen port has also been set. (bind is for client sticinessH since !e are
using an 7racleAS 4eb #ache cluster in this scenario, no real session binding is needed on the
load balancer.
*irtual G+ is for 7racleAS Single Sign87n, and is also configured on port 0/ )can be set to ++-
for SS communication, using the address 1>$.120.$//.11, !hich is on the external subnet
interface. roup + is bound to this virtual server and the remote port 6666. o session binding isneeded for the 7racleAS Single Sign87n re$.120.$//.1/ linux.pdx.com 1 #lientip 6666
1 >+/1 1>$.120.$//.1/ ?A 1
+ ;TT( 1>$.120.$//.11 sso8linux.pdx.com + #lientip 6666
A.'./ Additional Ser$er Configuration for Nortel Alteon 2+2+ SSL )Software
*ersion 2:.2.2.1,
To mae the 7racleAS (ortal (arallel (age =ngine and invalidation to !or correctly, you must
enable a proxy on the internal or server ports of the load balancer. This causes AT )!ith (I(
addresses on any re
7/25/2019 A Sample Configurations for Load Balancers
29/43
(I( #onfiguration: #onfigure (I( addresses that the proxy !ill use: %or example:
-(-slb-pipIG///.///.///.///
3eplace the /s in the preceding example !ith the (I( address. The (I( addresses must be on the
same subnet as the servers.
(ort #onfiguration:
(ort 1 )=xternal: client enable, proxy enable
(ort $ )Internal server: client enable, proxy enable, server enable
(orts -80: client enable
A.'.3 #racleAS &ortal Configuration Notes for Nortel Alteon 2+2+ SSL )Software
*ersion 2:.2.2.1,
In order for invalidation to !or correctly, you must ensure that client AT is enabled on each of
the real servers on !hich 7racleAS 4eb #ache is installed. @ou may also need to create a staticroute on the fire!all to ensure that invalidation re
7/25/2019 A Sample Configurations for Load Balancers
30/43
pvid 2-(-port 1-astspeed 100(tl nonemode ullauto o-(-port 2pvid 3-(-port 2-astspeed 100(tl nonemode ullauto o-(-port 3pvid 2-(-port 3-astspeed 100(tl bot+mode ullauto on
-(-port pvid -(-port -astspeed 100(tl bot+mode ullauto on-(-port !pvid -(-port !-astspeed 100(tl bot+mode ullauto on-(-port 6pvid -(-port 6-astspeed 100(tl bot+mode ullauto on-(-port pvid -(-port -astspeed 100(tl bot+mode ull
auto on-(-port 8pvid -(-port 8-astspeed 100(tl bot+mode ullauto on-(-port 9ta ena
30
7/25/2019 A Sample Configurations for Load Balancers
31/43
pvid -(-port 9-astspeed an(tl bot+mode ullauto on-(-vlan 1de 9 10 11 12 13 1 1! 16 1 18 19 20 21 22 23 2 2! 26 2 28-(-vlan 2enaname 'utside)irtualde 1 3-(-vlan 3enaname D#Lde 2-(-vlan enaname &&de ! 6 8 9
-(-vlan 99enaname A5 99de 0-(-stp 1-o-(-stp 1-(lear-(-stp 1-add 1 2 3 99-(-ip-i 1enaaddr 192.168.200.!vlan 2-(-ip-i 2enaaddr 192.168.0.1vlan 3-(-ip-i 3enaaddr 192.168.100.1vlan 090-(-ip-% 1enaaddr 192.168.200.1retr 1-(-ip-routeadd 192.168.2.0 2!!.2!!.2!!.0 192.168.0.200 2-(-slbon
-(-slb-advdire(t ena-(-slb-real 1enarip 192.168.0.10inter 1!retr 6-(-slb-real 2enarip 192.168.0.10!
31
7/25/2019 A Sample Configurations for Load Balancers
32/43
inter 1!retr 6-(-slb-real 3enarip 192.168.0.100inter 1!retr 6-(-slb-real disrip 192.168.0.101inter 1!retr 6-(-slb-real !enarip 192.168.100.10-(-slb-roup 1metri( roundrobinadd 1add 2-(-slb-roup 2
metri( roundrobin-(-slb-roup metri( roundrobinadd 3add -(-slb-roup !+ealt+ ssl+add !-(-slb-pip-pip1 192.168.0.1!0-(-slb-pip-pip2 192.168.0.1!1-(-slb-pip-pip3 192.168.0.1!2-(-slb-pip-pip 192.168.0.1!3-(-slb-port 1(lient enapro/ ena-(-slb-port 2(lient enaserver enapro/ ena-(-slb-port 3(lient ena-(-slb-port (lient ena-(-slb-port !(lient ena-(-slb-port 6(lient ena
-(-slb-port (lient ena-(-slb-port 8(lient ena-(-slb-virt 1enavip 192.168.200.10dname linu/.pd/.(om-(-slb-virt 1-servi(e +ttproup 1
32
7/25/2019 A Sample Configurations for Load Balancers
33/43
rport pbind (lientip-(-slb-virt 1-servi(e 901roup 1-(-slb-virt enavip 192.168.200.11dname sso)linu/.pd/.(om-(-slb-virt -servi(e +ttproup rport pbind (lientip-(-slb-virt 2-servi(e 3-pbind sslid-(-slb-ilt !enaa(tion redirproto t(pdport +ttpsroup !rport 0
vlan an-(-slb-port 1ilt enaadd !-(-slb-port 2ilt enaadd !-s(ript end -KKKK D' 5'$ ED=$ $H=& =5E
&& *oniuration:&& *oniurationG dump
Dump private es es-noF MnoN: no*olle(tin data, please %ait...-K-K-K *oniuration dump taen $ue Au 3 12:!:1 4D$ 200-K ersion .1.2.3-K-K-K-(-.-(-ssl-.-(-ssl-dns-. (a(+esie 1000 retransmit 2s
(ount 3 ttl 3+ +ealt+ 10s +do%n 2 +up 2 allt+rou+ o-(-ssl-(ert 1-. name 4D*OA)*A (ert
33
7/25/2019 A Sample Configurations for Load Balancers
34/43
)))))?E"=5 *E7$=C=*A$E))))))))))E5D *E7$=C=*A$E)))))...-(-ssl-(ert 1-revoe-.-(-ssl-(ert 1-revoe-automati(-. interval 1d ena disabled-(-ssl-(ert 2-. name linu/.pd/.(om (ert)))))?E"=5 *E7$=C=*A$E))))))))))E5D *E7$=C=*A$E)))))...-(-ssl-(ert 2-revoe-.-(-ssl-(ert 2-revoe-automati(-. interval 1d ena disabled-(-ssl-(ert -. name sso)linu/.pd/.(om (ert
)))))?E"=5 *E7$=C=*A$E))))))))))E5D *E7$=C=*A$E)))))...-(-ssl-(ert -revoe-.-(-ssl-(ert -revoe-automati(-. interval 1d ena disabled-(-ssl-server 1-. name linu/.pd/.(om vip 192.168.200.10 port 3 +ttpsF rip 0.0.0.0 rport 80 +ttpF tpe +ttp pro/ o ena enabled-(-ssl-server 1-tra(e-.-(-ssl-server 1-ssl-. (ert 2 (a(+esie 900 (a(+ettl !m (a(erts 1 (a(+ain 1 proto(ol ssl3 veri none (ip+ers AP&$7E5"$H ena enabled
-(-ssl-server 1-t(p-. (%rite 1!m (eep 1!m s%rite 1!m s(onne(t 10s (sendbu auto (re(bu auto ssendbu auto sre(bu 6000-(-ssl-server 1-+ttp-.
34
7/25/2019 A Sample Configurations for Load Balancers
35/43
redire(t on ssl+eader on add/or o addvia on add/isd o addront o add(li(ert o addbeassl o addbea(li o addnostore o (msie s+ut r+ost o ma/r(ount 0 ma/line 8192-(-ssl-server 1-+ttp-re%rite-. re%rite o (ip+ers H="H:#ED=# response i&D 7= -(i)bin-%ea(ip+er-(-ssl-server 1-+ttp-aut+-.
mode basi( realm ;net pro/ o ena disabled-(-ssl-server 1-dns-.-(-ssl-server 1-adv-.-(-ssl-server 1-adv-pool-. timeout 1!s ena disabled-(-ssl-server 1-adv-tralo-. sslo+ost 0.0.0.0 udpport !1 priorit ino a(ilit lo(al ena disabled-(-ssl-server 1-adv-standalone-. ena disabled-(-ssl-server 1-adv-standalone-iplist-.-(-ssl-server 1-adv-loadbalan(in-. tpe all persisten(e none metri( +as+ +ealt+ auto interval 10s ena disabled-(-ssl-server 1-adv-loadbalan(in-s(ript-.-(-ssl-server 1-adv-loadbalan(in-remotessl-.
proto(ol ssl3 (ip+ers A-(-ssl-server 1-adv-loadbalan(in-remotessl-veri-. veri none-(-ssl-server 1-adv-ssl(onne(t-. proto(ol ssl3 (ip+ers E;4)7*)#D!:ADH ena disabled-(-ssl-server 1-adv-ssl(onne(t-veri-. veri none
35
7/25/2019 A Sample Configurations for Load Balancers
36/43
-(-ssl-server -. 5ame sso)linu/.pd/.(om vip 192.168.200.11 port 3 +ttpsF rip 0.0.0.0 rport 80 +ttpF tpe eneri( pro/ o ena enabled-(-ssl-server -tra(e-.-(-ssl-server -ssl-. (ert (a(+esie 900 (a(+ettl !m proto(ol ssl3 veri none (ip+ers AP&$7E5"$H ena enabled-(-ssl-server -t(p-. (%rite 1!m
(eep 1!m s%rite 1!m s(onne(t 10s (sendbu auto (re(bu auto ssendbu auto sre(bu 6000-(-ssl-server -adv-.-(-ssl-server -adv-standalone-. ena disabled-(-ssl-server -adv-standalone-iplist-.-(-ssl-server -adv-loadbalan(in-. tpe all persisten(e none metri( +as+ +ealt+ auto interval 10s ena disabled-(-ssl-server -adv-loadbalan(in-s(ript-.-(-ssl-server -adv-loadbalan(in-remotessl-. proto(ol ssl3 (ip+ers A-(-ssl-server -adv-loadbalan(in-remotessl-veri-. veri none-(-ssl-server -adv-ssl(onne(t-. proto(ol ssl3 (ip+ers E;4)7*)#D!:ADH
ena disabled-(-ssl-server -adv-ssl(onne(t-veri-. veri none-(-/net-. ttl 1!m lo loin-(-ss-.-(-ss-routes-.-(-ss-time-. tone Ameri(a-osBAneles
36
7/25/2019 A Sample Configurations for Load Balancers
37/43
-(-ss-time-ntp-.-(-ss-dns-.-(-ss-sslo-.-(-ss-(luster-. mip 192.168.100.1!-(-ss-(luster-+ost 1-. tpe master ip 192.168.100.10 ate%a 192.168.100.1-(-ss-(luster-+ost 1-routes-.-(-ss-(luster-+ost 1-intera(e 1-. ip 192.168.100.10 netmas 2!!.2!!.2!!.0 vlanid 0 mode ailover primar 0-(-ss-(luster-+ost 1-intera(e 1-ports-. add 1-(-ss-a((esslist-.-(-ss-adm-.
(litimeout 10m telnet o ss+ o-(-ss-adm-snmp-.-(-ss-adm-snmp-snmpv2)mib-. snmpEnableAut+en$raps disabled-(-ss-adm-snmp-(ommunit-. read publi( trap trap-(-ss-adm-audit-. vendorid 182 alteonF vendortpe 2 ena alse-(-ss-adm-audit-servers-.-(-ss-adm-+ttp-. port 80 ena alse-(-ss-adm-+ttps-. port 3 ena alse-(-ss-user-. e/pire 0
A./ 6adware eb Ser$er irector N& with S%nApps 3.':.:'
This section describes the net!or configuration necessary to test the 3ad!are 4eb Server
5irector ( load balancer !ith the 7racle Application Server 1/g 3elease $ )1/.1.$ applicationserver.
A./.1 Subnets for the 6adware eb Ser$er irector N& Configuration
The follo!ing subnets !ere used in the %oundry Server Iron v/0.1.//cT$+ configuration:
37
7/25/2019 A Sample Configurations for Load Balancers
38/43
=xternal: 1>$.120.$//./?$+ )59$
Internal: 1>$.120././?$+ )591
A./.2 Ser$ers-Nodes for the 6adware eb Ser$er irector N& Configuration
As sho!n in %igure A81, "Test et!or #onfiguration",the follo!ing servers !ere used for themiddle tier installations and 7racleAS Single Sign87n servers:
pdln8mid1.pdx.com
pdln8mid$.pdx.com
pdln8sso1.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
pdln8sso$.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier
A./.! "arms for the 6adware eb Ser$er irector N& Configuration
The follo!ing farms !ere created for the 3ad!are 4eb Server 5irector ( #onfiguration:
%arm 1: 1>$.120./.1&/ ;TT(
%arm $: 1>$.120./.1&1 7racleAS 4eb #ache invalidation
%arm -: 1>$.120./.1&$ 7racleAS Single Sign87n
%arm +: 1>$.120./.1&- #T1// linux.pdx.com
%arm &: 1>$.120./.1&+ #T1// sso8linux.pdx.com
A./.+ Ser$ers for the 6adware eb Ser$er irector N& Configuration
Table A8&lists the servers used in the test configuration.
Table A8& Servers
"armAddress
Ser$erAddress Name
ultiple$.120./.1&/ 1>$.120./.1/+ pdln8mid$ 6666
38
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCCDGBGhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCCDGBG7/25/2019 A Sample Configurations for Load Balancers
39/43
"arm
Address
Ser$er
Address Name
ultiple$.120./.1&/ 1>$.120./.1/& pdln8mid1 6666
1>$.120./.1&1 1>$.120./.1/+ pdln8mid$ 6666
1>$.120./.1&1 1>$.120./.1/& pdln8mid$ 6666
1>$.120./.1&$ 1>$.120./.1// pdln8sso1 )7racleAS Single Sign8
7n
6666
1>$.120./.1&$ 1>$.120./.1/1 pdln8sso$ )7racleAS Single Sign8
7n
6666
1>$.120./.1&- 1>$.120.1//.1/ #T1// )linux.pdx.com 6666
1>$.120./.1&+ #T1// )sso8linux.pdx.com 6666
A./.' Additional Ser$er Configuration for the 6adware eb Ser$er irector N&
The follo!ing additional configuration is necessary for the 3ad!are 4eb Server 5irector (:
1. =nable client AT. 5o not specify any address under Cse Specific AT Address.
$. Specify the AT address range to use.
-. Specify the client addresses for AT:
1>$.120./.1/+ 8 1>$.120./.1/& for middle tier
1>$.120.$.1// 8 1>$.120.$.1// for Infrastructure invalidation re
7/25/2019 A Sample Configurations for Load Balancers
40/43
+. Specify client AT =nable in the server configuration.
A././ Super "arms for the 6adware eb Ser$er irector N& Configuration
Table A82lists the super farms for the 3ad!are 4eb Server 5irector ( configuration:
Table A82 Super %arms
(& Address &ort Number "arm Address "unction
1>$.120.$//.1/ 0/ 1>$.120./.1&/ linux.pdx.com ;TT(
1>$.120.$//.1/ ++- 1>$.120./.1&- linux.pdx.com ;TT(S 88J #T1//
1>$.120.$//.1/ >+/1 1>$.120./.1&1 Invalidation *I(
1>$.120.$//.11 0/ 1>$.120./.1&$ 7racleAS Single Sign87n ;TT(
1>$.120.$//.11 ++- 1>$.120./.1&+ 7racleAS Single Sign87n ;TT(S 88J #T1//
A./.3 Load Balancing ethod for the 6adware eb Ser$er irector N&
Configuration
The follo!ing load balancing methods !ere used:
iddle tiers: #yclic !ith ;TT( health chec on port 6666
Identity anagement: #yclic !ith ;TT( health chec on port 6666
To verify the (arallel (age =ngine communication from the middle tiers, follo! these steps:
1. Test the configuration !ith a telnet command from one of the middle tiers to the *I(
address on port 0/, !ith a ;=A5 re
7/25/2019 A Sample Configurations for Load Balancers
41/43
HEAD
A response similar to the follo!ing should be returned:
Date: Wed, 02 Jun 200 1!:08:2! "#$
Allo%: "E$, HEAD
&erver: 'ra(leA&)Web)*a(+e)10-10.1.2.0.0
*ontent)$pe: te/t-+tml
*ontent)ent+: 100
*a(+e)*ontrol: publi(
ote:
@ou can perform the same test for the invalidation communication from the
Infrastructure database. Syntax errors may occur !ith these re
7/25/2019 A Sample Configurations for Load Balancers
42/43
SS, you must also import #A and Site certificates into the 7racleAS 4ireless configuration.
See the 7racle Application Server 4ireless AdministratorEs uide for instructions.
A./.1: Test Configuration9 6adware eb Ser$er irector N&
sstem (oniDevi(e *oniurationDate: 1!)06)200 21::33Devi(e Des(ription: Web &erver Dire(tor 54 %it+ &nApps?ase #A* Address: 00:03:b2:0d:3:(0&ot%are ersion: .!0.0! build 9deeFnet route table (dbset 192.168..2 2!!.2!!.2!!.2!! 192.168.0.200net route table (dbset 192.168.2.0 2!!.2!!.2!!.0 192.168.0.200net route table (dbset 0.0.0.0 0.0.0.0 192.168.200.1manae snmp (ommunit)table (dbset 0.0.0.0 publi( )(a super )st trapsEnablesstem tune bride)t)table (dbset 102sstem tune ip)t)table (dbset 8192sstem tune arp)table (dbset 102sstem tune (lient)table (dbset 1638sstem tune routin)table (dbset !12%sd arm table (dbset 192.168.0.1!1 W*A*HEB=5A )as enable%sd arm table (dbset 192.168.0.1! *$100)&&' )as enable )dm ((li( )(p 3%sd arm table (dbset 192.168.0.1! *$100)&&' )as enable )dm ((li( )(p 3%sd arm table (dbset 192.168.0.1!3 *$100 )as enable )dm ((li( )(p 3%sd arm table (dbset 192.168.0.1!3 *$100 )as enable )dm ((li( )(p 3%sd arm table (dbset 192.168.0.1!0 H$$4 )as enable )dm ((li( )(p %sd arm table (dbset 192.168.0.1!0 H$$4 )as enable )dm ((li( )(p %sd arm table (dbset 192.168.0.1!2 &&' )as enable )dm ((li( )(p %sd arm table (dbset 192.168.0.1!2 &&' )as enable )dm ((li( )(p
%sd arm table (dbset 192.168.0.1!1 W*A*HEB=5A )as enable )dm ((li(%sd arm table (dbset 192.168.0.1!1 W*A*HEB=5A )as enable )dm ((li(%sd arm table (dbset 192.168.0.1!1 W*A*HEB=5A )as enable )dm ((li(%sd arm server table (dbset 192.168.0.1! 192.168.100.11 (t100)sso%sd arm server table (dbset 192.168.0.1!3 192.168.100.10 *$100%sd arm server table (dbset 192.168.0.1!0 192.168.0.10! pdln)mid1%sd arm server table (dbset 192.168.0.1!0 192.168.0.10 pdln)mid2%sd arm server table (dbset 192.168.0.1!2 192.168.0.100 pdln)(a(+e1%sd arm server table (dbset 192.168.0.1!1 192.168.0.10! pdln)mid1%sd arm server table (dbset 192.168.0.1!1 192.168.0.10 pdln)mid2%sd p+si(al)server statisti(s (dbset pdln)(a(+e1%sd p+si(al)server statisti(s (dbset pdln)mid2%sd p+si(al)server statisti(s (dbset (t100)sso%sd p+si(al)server statisti(s (dbset *$100%sd p+si(al)server statisti(s (dbset pdln)mid1%sd super)arm (dbset 192.168.200.11 3 192.168.0.1!%sd super)arm (dbset 192.168.200.10 3 192.168.0.1!3%sd super)arm (dbset 192.168.200.11 80 192.168.0.1!2%sd super)arm (dbset 192.168.200.10 80 192.168.0.1!0%sd super)arm (dbset 192.168.200.10 901 192.168.0.1!1%sd nat server status (dbset disablesstem tune dnami()pro/imit)table (dbset 096%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1! 200
42
7/25/2019 A Sample Configurations for Load Balancers
43/43
%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1!3 200%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1!2 200%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1!0 200%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1!1 200%sd nat server spe(ii()nat)address (dbset 0.0.0.0sstem tune url)table (dbset 2!6sstem tune re>uest)table (dbset 200sstem tune ssl)id)table (dbset 102net ne/t)+op)router (dbset 192.168.200.1net ne/t)+op)router (dbset 138.1.3.229%sd arm n+r (dbset 0.0.0.0 )ip 192.168.200.1%sd arm e/tended)params (dbset 192.168.0.1!0net ip)intera(e (dbset 192.168.200.! 2!!.2!!.2!!.0 2net ip)intera(e (dbset 192.168.100.1 2!!.2!!.2!!.0 16net ip)intera(e (dbset 192.168.0.1 2!!.2!!.2!!.0 1%sd nat (lient address)rane (dbset 192.168.0.2! )t 192.168.0.2!%sd nat (lient rane)to)nat (dbset 192.168.2.100 )t 192.168.2.1!!%sd nat (lient rane)to)nat (dbset 192.168.0.100 )t 192.168.0.10!%sd nat (lient status (dbset enablesstem tune nat)address)table (dbset 1
sstem tune nat)ports)table (dbset 6!12b%m modi poli( (dbset Deault )i 0 )dst an )sr( anb%m modi poli( (dbset Deault )i 0 )dst an )sr( an )dr one%a+ealt+)monitorin response)level)samples (dbset 0manae user table (dbset rad%are )p% rad%are
manae telnet status (dbset enablemanae %eb status (dbset enablemanae ss+ status (dbset enablemanae se(ure)%eb status (dbset enablenet p+si(al)intera(e (dbset 1 )s e100 )d ull )a onnet p+si(al)intera(e (dbset 2 )s e100 )d ull%sdG