AppDirector負(fù)載均衡器培訓(xùn)資料_第1頁
AppDirector負(fù)載均衡器培訓(xùn)資料_第2頁
AppDirector負(fù)載均衡器培訓(xùn)資料_第3頁
AppDirector負(fù)載均衡器培訓(xùn)資料_第4頁
AppDirector負(fù)載均衡器培訓(xùn)資料_第5頁
已閱讀5頁,還剩109頁未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡介

Page1RadwareAppDirector

負(fù)載均衡器培訓(xùn)

2007-08Page2RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置雙機(jī)配置典型組網(wǎng)AgendaPage3RadwareAppDirector產(chǎn)品介紹AD-AppDirectorAD100/200/202

8FastEthernetports2FiberSCGBports200Mbpsthroughput

266MHzRISCProcessor256MBRAMPage4AD1000

16FEand5GBICports1000Mbpsthroughput

500MHzRISCProcessor256MBRAMPage5AD3020

12CopperGBEthernetports8GBICports3000Mbpsthroughput

512MBRAMPage6AD6000

8CopperGBEthernetports7GBICports2TenGBport6000Mbpsthroughput

1GBRAMPage7內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置1,AppDirector-配置-初始化

2,AppDirector-配置-Network3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page8終端配置Page9初始化菜單Page10默認(rèn)配置Page11內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置

1,AppDirector-配置-初始化

2,AppDirector-配置-Network3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page12Web管理登陸默認(rèn)用戶名:radware默認(rèn)密碼:radwarePage13全局界面Page14內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置

1,AppDirector-配置-初始化

2,AppDirector-配置-Network

3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page15VLANConfigurationDevice>VLANtableSteps:AddVLANAddPortstoVLANPage16VLANConfigurationAddorDeletePortstoVLANAddorDeleteVLANPage17VLANParametersTypeProtocolSave!!!10000XPage18VLANParameters

RegularVLAN

IPProtocol:必須分配IP地址。VALN端口之間所有流量經(jīng)過CPU處理,做負(fù)載均衡或交換。

OtherProtocol:無IP地址。傳輸非IP流量。

SwitchVLAN

SwitchedVLAN

Protocol:無IP地址,不做負(fù)載均衡處理。

IPProtocol:必須分配IP地址。目標(biāo)MAC地址為AppDirectorVLAN的流量經(jīng)過CPU處理,做負(fù)載均衡,其它流量直接基于L2傳輸。OtherProtocol:無IP地址。傳輸非IP流量。Page19DeleteVLAN2.Delete1.CheckPage20PortsChooseVALNChoosePortPage21內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置

1,AppDirector-配置-初始化

2,AppDirector-配置-Network3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page22AssignIPAddressPortsorVLANnumber

Router>IPRouter>InterfaceParameters>CreatePage23EditIPAddressClicktoEdit

Router>IPRouter>InterfaceParametersPage24內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置

1,AppDirector-配置-初始化

2,AppDirector-配置-Network3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page25AddRouteDefaultGateway:Dest.Address>NetworkMask>

Router>RoutingTable>CreatePage26EditRoutingTable

Router>RoutingTableClicktoEditPage27內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置

1,AppDirector-配置-初始化

2,AppDirector-配置-Network3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page28AServerFarmisacollectionofidenticalserversrunningthesameapplication–web,mail,DNS,FTP,etc.AServerFarmisrepresentedbyaVIP–VirtualIPAddressTheAppDirectoronlyloadbalancestrafficthatreachesaFarmTerminology–ServerFarmPage29AppDirectorVIPServerFarmClientsServerFarmBasicsPage30Client=0VIP(00)Client–Server10Server21Server32Client’sRequest

SourceIP=

Destination=VIP–00:80LoadBalancingDecision

AppDirectortoServer

SourceIP=

Destination=0:8080ServertoClient

SourceIP=0

Destination=AppDirectortoClient

SourceIP=VIP–00

Destination=VIPTheVirtualIP-VIPPage31FarmParameters

AppDirector>Farms>FarmTable>CreatePage32FarmParameters

AppDirector>Farms>FarmTable>CreatePage33VIPServer1Server2AppDirectorAppDirectorDispatchMethods

?Cyclic(RoundRobin)?WeightedCyclic(usesRoundRobinbutappliesstaticweightsassignedtoservers)?LeastTraffic(inpackets)?LeastNumberofUsers?NTSNMPParameters?User-ConfigurableSNMPParameters?Hashing?ResponseTimeLoadBalancingPage34AgingTimeandRedundancy

AgingTimeClientTable中的Session保持時(shí)間

RedundancyMode

Primary:主用AppDirector

Backup:備用AppDirectorPage35ConnectivityChecksdeterminewhetheraserverinafarmisavailableforclienttrafficEachfarmcanhaveadifferentConnectivityCheckconfigured,butallserversinthatfarmmustbecapableofrespondingthesamewaytotheAppDirectorchecksIfaserverfailstorespondtoconsecutivechecks,theAppDirectorwillremoveitfromthefarmasacandidateforclienttrafficTheAppDirectorwillcontinuetoperformcheckstothefailedserverinordertobringitbackintothefarmwhenitrecoversConnectivityChecksPage36Server1Server2AppDirectorConnectivityChecks:PingTCPorUDPPortHTTPPagePageContentRadiusRTSPPingPingAppDirectorConnectivityChecks

Page37Server1Server2AppDirectorCode200PageFoundPage.htm?Page.htm?Code404PageNotFoundHTTPPageCheck

Page38FarmAddressClientAddressServerAddressSourcePortDestinationPortServerPortAttachedTime2010628080234110618080332410792121643EnsuresClient-to-ServerPersistenceClientTableSessionmodePage39Server1Server2Server3FarmClientServerSrcPortVIPAS1XXXXVIPBS3YYYYVIPCS2ZZZZRegularSessionModePage40Server1Server2Server3FarmClientServerSrcPortVIPAS1XXXXVIPAS1XXXYVIPAS1XXXZSourcePort=XXXXSourcePort=XXXYSourcePort=XXXZEntryPerSessionModePage41Server1Server2Server3FarmClientServerSrcPortVIPAS1XXXXVIPAS3XXXYVIPAS2XXXZSourcePort=XXXXSourcePort=XXXYSourcePort=XXXZServerPerSessionModePage42內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置

1,AppDirector-配置-初始化

2,AppDirector-配置-Network3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page43ServerMaintenance

AppDirector>Servers>ApplicationServers>Table>CreatePage44ServerMaintenance

AppDirector>Servers>ApplicationServers>Table>CreatePage45AppDirectorhasseveralsettingswhichallowadministratorstocontroltraffictoeachserverinafarm:AdminStatus(Enable,Disable,Shutdown)WeightsOperationalMode(ActiveorBackup)ConnectionLimitsServerMaintenance

Page46ServerWeightsallowadministratorstotakeintoaccountequipmentthathasgreater(orlesser)capacitythanotherserversinthesamefarm.AppDirectorWeight=1Weight=1Weight=5ServerManagement-Weights

Page47ActiveandBackupServersettingsallowadministratorstohaveserversinafarmthatwon’tbeusedunlessallotherserversbecomeunavailable.AppDirectorActive1Active2BackupServerManagement–OperationalModePage48ServerManagement–OperationalModeSpecificBackupServerscanalsobebroughtonlineifaparticularActiveServerfails.AppDirectorActive1Active2Backup1Backup2Page49GracefulShutdownofServers–existingusersconnectedtoasingleserverareallowedtotime-outnaturally.Allowsforplannedmaintenanceortroubleshootingofservers.CurrentUsersConnectedtoServer#3RadwareTrap–NomoreusersonServer#3Server#3cannowbetakendownwithoutdisconnectinganyusersServerManagement-Shutdown

Page50ServerManagement–WarmUpGracefulRamp-up–AllowsforgradualincreaseintraffictoserverovertimeRadwareServer1UsersServer2UsersServer3UsersPage51內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置

1,AppDirector-配置-初始化

2,AppDirector-配置-Network3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page52L4PoliciesLayer4Policies–farmselectionbasedonnetworklevelparametersFarm–agroupofserversthatprovideaserviceLayer7Policies–farmselectionbasedonapplicationlevelparametersVirtualIPaddressPage53ClassificationcriteriaVirtualIP:VIPusedforclassificationofincomingtrafficL4Protocol:TCP/UDP/ICMP/Other/AnyL4Port:TCPorUDPdestportClientAddressRangeFrom/ToActionconfigurationFarmNameL7PolicyNameApplication:Defineshowtotreattheclassifiedpackets,forexample:port8081isHTTP,port444isSSL,etcRedundancyStatus:ActiveorBackupSomeLayer4PolicyParametersPage54TheAppDirectorloadbalancestrafficbetweenfarmsbasedonseveralcriteria:FTPWWWDNSLayer4InformationLayer7InformationEnglishSpanishFrenchL4PolicyPage55FTPWWWDNSVIPDestinationIP=VIPDestinationport=53DestinationIP=SelectedserverDestinationport=53DestinationIP=VIPDestinationport=21DestinationIP=SelectedserverDestinationport=21Layer4PolicyPage56AppDirectorloadbalancestrafficbasedonlayer7informationusingthefollowingmethods:URLsHTTPheaderinformationFiletypeBrowserTypeCookie(staticordynamic)RegularExpressionwithintheHTTPHeaderLayer7PolicyPage57GBBVIPDestinationIP=VIPDestinationURL=DestinationIP=SelectedserverDestinationIP=VIPDestinationURL=DestinationIP=SelectedserverLayer7–URLPolicyPage58HTTPHeaderFields:Layer7LoadBalancingPage59Layer7Policies(AppDirector8.0andlater)allowforcombinationsofdecision-makingfactorswhenconfiguringaSuperFarmURL+HeaderInformationURL+FiletypeEtc.Layer7PoliciesPage60(English)SuperFarm00(Spanish)(English)(Spanish)(Spanish)(English)(English)(Spanish)URL–Accept-Language:es*URL–Accept-Language:es*URL–Accept-Language:en*URL–Accept-Language:en*Layer7Policies

Page61Layer7PoliciesTheunderlyinglogicofLayer7Policiesisbasedonthefollowingcomponents:Methods–thesedefinewheretolookinaclient’srequestandwhattolookforbasedonthetype(Header,URL,RegularExpression,etc.)PolicyEntries–thesedefinewhattodowithaclient’srequestthatmatchesoneormorepolicies(i.e.whatfarmtosenditto)Page62Layer7PoliciesDelayedBindingSynSyn/AckAckGetHTTP://OrUserAgent:MozillaOrAccept-Language:esTypicalClient-ServerExchangePage63Layer7PoliciesEnglishSpanishSyn?InitialClientconnectiondoesnotcontainenoughinformationtomakeaLayer7decision.DelayedBindingPage64Layer7PoliciesEnglishSpanishSynSyn/AckAckGetHTTP://Accept-Language:esHTTPHeaderLanguage=SpanishSynSyn/AckAckDelayedBindingPage65PersistenceL3ClientIPbasedpersistencyRegularSessionModeL4ClientIPandportEntryPerSessionServerPerSessionDispatchMethodisHashingL7DelaybindingisneededCookiepersistenceSSLIDHTTPSessionID:StaticIDDynamicIDPage66WEB4WEB4WEB1WEB2WEB3WEB3WEB2WEB1SessionIDPersistencePage67TextMatchSessionIDPersistency

Page68SessionIDPersistencyTableIfusingDynamicSessionIDPersistency,Thistableisenough.Page69StaticSessionIDPersistencyTableIfusingStaticSessionIDPersistency,YouneedsettingbothSessionIDPersistencytableandStaticSessionIDPersistency.SessionIDPersistencytableandStaticSessionIDPersistencyarecombined.AppdwilluseSessionIDPersistencytable’ssettingtochecktheSessionIDvalueinStaticSessionIDPersistency.The‘SessionIDValue’lengthmustbeequalto‘ValueMaxlength’.Forexample,AppDwillcheck‘BF0888’withoffset=10,identifier=JSESSIONIDincookiefield.Page70L4PolicyConfiguration

AppDirector>Layer4FarmSelection>Layer4PolicyTable>CreatePage71L4PolicyConfiguration

AppDirector>Layer4FarmSelection>Layer4PolicyTable>CreatePage72L4PolicyConfigurationSteps

L4PolicyDefineIPAddressSelectProtocolDefinePort(TCP/UDP)DefineL4PolicynameSelectFarm

L7PolicyDefineL7MethodsAppDirector>L7FarmSelection>MethodsDefineL7PoliciesAppDirector>L7FarmSelection>PolicyDefineIPaddressSelectPolicySelectFarmPage73內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置

1,AppDirector-配置-初始化

2,AppDirector-配置-Network3,AppDirector-配置-Vlan4,AppDirector-配置-Interface5,AppDirector-配置-Route6,AppDirector-配置-Farm7,AppDirector-配置-Server8,AppDirector-配置-L4Policy

9,AppDirector-配置-Nat雙機(jī)配置典型組網(wǎng)Page74012VIP–00SourceIP0SourceIP0ServerNATisDisabledPage75012VIP–00SourceIP0SourceIP00ServerNATisEnabledPage76ServerNATConfiguration

AppDirector>NAT>ServerNAT>GlobalParameters>使用Server隸屬的FarmIP或SuperfarmIP列表中選擇>所有服務(wù)器都使用該IP必須EnablePage77Server1Server2Server3ClientIP=VIPSource=Destination=VIPSource=Destination=Server3Server“sees”Client’sActualSourceIPClientNATDisabledPage78ClientNATEnabledServer1Server2Server3ClientIP=VIPSource=Destination=VIPSource=AppDirectorNATIPDestination=Server3Server“sees”anaddressfromAppDirectorNATPage79WebServer1WebServer2AppServer1ClientWebVIPWebFarmAppServer2AppFarmAppVIPClientAccesstoWebServersWeb2isa“client”toAppFarmApp1respondsdirectlytoWeb2?ClientNATUse-ProblemPage80WebServer1WebServer2AppServer1ClientWebVIPWebFarmAppServer2AppFarmAppVIPClientAccesstoWebServersWeb2isa“client”toAppFarmApp1“sees”NATaddressfromAppDirectorNATClientNATUse-Solution

Page81ClientNATConfiguration-Tuning

Services>Tuning>Device>0

檢查內(nèi)存重新啟動設(shè)備Page82ClientNATConfiguration-Global

AppDirector>NAT>ClientNAT>GlobalParameters定義被NAT的用戶范圍必須Enable定義NAT后的地址范圍Page83ClientNATConfiguration-Intercept

AppDirector>NAT>ClientNAT>InterceptTablePage84ClientNATConfiguration-NAT

AppDirector>NAT>ClientNAT>NATTablePage85ClientNATConfiguration–Farm

AppDirector>Farm>AdditionalParametersTablePage86ClientNATConfiguration-Server

AppDirector>Server>ApplicationServerstableFarm內(nèi)的每臺服務(wù)器:設(shè)置為EnablePage87內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安裝與基本配置雙機(jī)配置典型組網(wǎng)Page88Radwaredevicesshouldbeemployedinpairsforfault-toleranceandfail-overTwomethodsavailableforredundancy:Proprietary(usingARP)VRRP(RFC:2338VirtualRouterRedundancyProtocol)RedundancyPage89PairsofAppDirectorscanoperateinActive/ActiveConfigurationRadwareDeviceARadwareDeviceBServerFarmAServerFarmBFarmATrafficFarmBTrafficFarmAandBTrafficRedundancyActive-ActivePage90ProprietaryRedundancyusesARPActiveAppDirectorBackupAppDirectorServerFarmARP?ARP?Redundancy-ProprietaryPage91ProprietaryRedundancyusesARPActiveAppDirectorBackupAppDirectorServerFarmARP?ARP?ARPBroadcast!!NewMACforActiveAppDirectorAddressesARPBroadcast!!NewMACforActiveAppDirectorAddressesRedundancy-ProprietaryPage92AVR(VirtualRouter)islikeavirtualMACaddressOnedeviceisMasterandtheotherisBackupforagivenVRIPaddressesare“associated”withaVR-interfaces,VIPaddresses,etc.IftheMasterdevicestopsadvertisingitspresence,theBackupdevicewillassumecontroloftheVRandtheIPaddressesassociatedwithitRedundancy-VRRPPage93Redundancy-VRRPVirtualRouter(MAC)RedundancyProtocol–VirtualRoutersActiveAppDirectorBackupAppDirectorServerFarmVRID1VRID2MasterBackupVRRPAdvertisementsAssociatedIPs:00AssociatedIPs:Page94Redundancy-VRRPVirtualRouter(MAC)RedundancyProtocol–VirtualRoutersActiveAppDirectorBackupAppDirectorServerFarmVRID1VRID2MasterBackupVRRPAdvertisementsAssociatedIPs:00AssociatedIPs:MasterPage95VRRPConfigurationSteps

VRRPGlobalVRRPVirtualRouteadd(down)AssociateIPtoVRRProuterIDVRRPVirtualRouteSettoUPPage96VRRPConfiguration-Global

AppDirector>Redundancy>GlobalConfigurationVRRP:主/備

Enable:主Disable:備

Page97VRRPConfiguration-VRID

AppDirector>Redundancy>VRRP>VirtualRouter>Create端口:主/備主:255備:<

255

主/備相同主:自身端口IP備:自身端口IPPage98VRRPConfiguration–AssociatedIP

AppDirector>Redundancy>VRRP>AssociatedIP>Create端口:主/備主/備相同主設(shè)備端口FarmIPL4PolicyIPVirtualDNSClientNATPage99VRRPConfiguration–VRIDActivity

AppDirector>Redundancy>VRRP>VirtualRouter選擇UPPage100內(nèi)容RADWAREAppDirector產(chǎn)品介紹AppDirector初始化安

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論