Filter
Top Products
Web OS 10.0 Application Guide
Chapter 13: Firewall Load Balancing
325
212777-A, February 2002
15. Add the filters to the ingress ports for the outbound packets.
Redirection filters are needed on all the ingress ports on the clean-side Web switch. Ingress
ports are any that attach to real servers or internal clients on the clean-side of the network. In
this case, two real servers are attached to the clean-side Web switch on port 4 and port 5.
16. Define static routes to the dirty-side IP interfaces, using the firewalls as gateways.
One static route is required for each firewall path being load balanced. In this case, two paths
are required: one that leads to dirty-side IF 2 (10.1.1.1) through the first firewall (10.1.3.10) as
its gateway, and one that leads to dirty-side IF 3 (10.1.2.1) through the second firewall
(10.1.4.10) as its gateway.
NOTE – Configuring static routes for FWLB does not require IP forwarding to be turned on.
17. Apply and save the configuration changes.
>> Filter 15# ../port 4 (Select ingress port 4)
>> SLB Port 4# add 10 (Add the filter to the ingress port)
>> SLB Port 4# add 15 (Add the filter to the ingress port)
>> SLB Port 4# filt ena (Enable filtering on the port)
>> SLB Port 4# ../port 5 (Select ingress port 5)
>> SLB Port 5# add 10 (Add the filter to the ingress port)
>> SLB Port 5# add 15 (Add the filter to the ingress port)
>> SLB Port 5# filt ena (Enable filtering on the port)
>> SLB Port 5# /cfg/ip/route
>> IP Static Route# add 10.1.1.1 255.255.255.255 10.1.3.10
>> IP Static Route# add 10.1.2.1 255.255.255.255 10.1.4.10
>> # apply
>> # save