Coyote Point Systems Equalizer Especificaciones Pagina 340
- Pagina / 594
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Match Rules
When a match rule is configured you can specify that persistence methods for that match rule -- which supercede
those the persistence method specified for a cluster. This is the persistence type to be used when the match rules
conditions are met. For example, if you configured a match rule expression to redirect requests to Server A based
on the criteria configured in an expression, you can also configure the persistence type to be used when that
criteria is met.
To configure persistence with match rules select a configured match rule on the left navigational pane of the GUI.
Select the Persistence tab to display the configuration screen. It is configured the same as the configuration of
HTTP and HTTPS cluster persistence.
Changing the Spoof (SNAT) Setting Using Match Rules
By default, Equalizer uses the client IP address as the source address in the packets it forwards to server pools,
and then translates the server IP in server responses to Equalizer’s cluster IP. This is commonly called a
Half-
NAT
configuration, since Equalizer is
not
performing Network Address translation (or NAT) on client requests.
Because the server pools behind Equalizer see the source IP of the client, the server pools need to be configured
to route client requests back through Equalizer -- either by making Equalizer the default. This behavior is controlled
by the Spoof option, which is enabled by default. Half-NAT configurations are only a problem when a client is on
the same subnet as the servers behind Equalizer, since the servers will try to respond directly back to the client --
which will not recognize the server connection as a response to it’s original request and so refuse the connection.
This "local client" problem is solved by
disabling
the Spoof option. When Spoof is disabled, Equalizer translates
the source IP address in the request to one of Equalizer’s IP addresses before sending it on to the server. This is
called
Source Network Address Translation
, or
SNAT
-- and this configuration is often called
Full-NAT
, since
Equalizer is translating the client IP in packets from clients, as well as the server IP in packets from servers. In
this case, servers will send responses to Equalizer’s IP address, so no special routing or gateway is needed on the
server.
So, clusters with clients on a different subnet than the server pools behind it can have the spoof option enabled,
while clusters with only local clients should have spoof disabled.
But what do you do if you expect client requests to come to the cluster from the local server subnet as well as
other subnets?
In network configurations where Equalizer needs to be able to forward server responses to clients on the server
subnet as well as other subnets for the same virtual cluster IP, the Spoof option can be selectively enabled or
disabled by creating a Layer 7 match rule that looks for specific client IP addresses in incoming requests. When an
incoming request’s source IP matches the rule, Spoof will be set as appropriate for that connection. This is
commonly called
Selective SNAT
.
On Equalizer, implementing Selective SNAT using a Match Rule is the recommended method to allow local
access to Layer 7 clusters with Spoof enabled; other alternatives include:
l adding static routes on all your server pools to clients on the server’s local subnet
l creating two clusters -- one on the non-server subnet with spoof enabled, and one on the server subnet with
spoof disabled
Selective SNAT using a match rule is more easily implemented and maintained than either of the above methods,
but can be configured only for Layer 7 clusters. If you require Selective SNAT with a Layer 4 cluster, you’ll need to
use one of the above methods.
Selective SNAT Example
340
Copyright © 2013 Coyote Point Systems. A subsidiary of Fortinet, Inc.
- Equalizer 1
- Administration Guide 1
- Table of Contents 3
- Upgrading and Downgrading 57 4
- Licensing Equalizer 67 4
- Configuring Access 73 4
- Network Configuration 77 4
- Working in the CLI 127 5
- Using the GUI 191 7
- Servers 243 8
- Clusters 259 9
- Match Rules 317 10
- Logging 399 13
- Failover 423 13
- Alerts 483 14
- Using SNMP Traps 493 14
- User and Group Management 499 15
- Using Envoy 513 15
- Glossary 577 17
- Chapter 1 19
- Introduction 19
- Chapter Summary 20
- Using the WebHelp 22
- Glossary 24
- Server pools 25
- Typographical Conventions 26
- Where to Go for More Help 27
- Chapter 2 29
- Equalizer Overview 29
- About Equalizer 30
- Intelligent Load Balancing 30
- Load Balancing Configuration 31
- How a Server is Selected 33
- Server Selection Process Flow 35
- Persistence 37
- Geographic Load Balancing 39
- Sizing of Equalizer Objects 40
- Chapter 3 41
- Installation 41
- Warnings and Precautions 42
- Power Requirements 43
- Power Consumption 43
- Operating Environment 45
- Regulatory Certification 45
- Hardware Installation 46
- Chapter 4 49
- Chapter 5 57
- Upgrading and Downgrading 57
- Version 8.6 Upgrade Procedure 58
- Downgrading to Version 8.6 62
- Chapter 6 67
- Licensing Equalizer 67
- Removing Licenses 69
- Chapter 7 73
- Configuring Access 73
- Default Login 74
- Creating Additional Logins 74
- Serial Access 74
- Network Access 74
- VLAN Subnet Network Services 75
- Chapter 8 77
- Networking Conventions 78
- Networking Technologies 78
- Blank Configuration 82
- Single VLAN/Subnet 82
- Rules 4 and 5 84
- Dual VLAN/Network 85
- Rules 5 and 6 86
- Networks 95
- Configuring VLANs 100
- All Rights Reserved 101
- Configuring Subnets 103
- About Permitted Subnets 104
- Configuring Outbound NAT 105
- Managing Interface Ports 107
- Network Configuration 108
- Displaying Port Statistics 109
- Policy Routing 110
- Source Selection 113
- Source Routing Scenarios 115
- Source, Destination Specified 119
- Generated by Equalizer 120
- Enabling DNS 121
- Configuring NTP 121
- NTP and Plotting 122
- Default NTP Configuration 122
- Selecting an NTP Server 122
- Managing NTP 123
- Default Source Selection 124
- Source Routing Table 124
- IP Filter Rules 124
- Network Troubleshooting Tools 126
- Chapter 9 127
- Working in the CLI 127
- Starting the CLI 128
- Exiting the CLI 129
- Object Relationships 132
- Command Line Editing 133
- Enabling and Disabling Flags 134
- Queued Commands 137
- Context Help 138
- Global Parameters 139
- Context Command Summaries 140
- Global Commands 141
- Licensing Commands 143
- Certificate Commands 144
- Cluster Flags 150
- External Services Commands 155
- GeoCluster Context Commands 156
- Geosite Instance Flags 157
- GeoSite Commands 159
- Interface Commands 160
- TransmitCounters 161
- Receive Counters 161
- Object List Commands 163
- Peer Commands 164
- Peer Context Commands 165
- Peer Context Command Flags 165
- Responder Commands 166
- (quotes are optional) 167
- Server Commands 168
- Server Instance Flags 171
- Health Check Instance Flags 172
- Load Balancing Policies 173
- Aggressive Load Balancing 175
- Dynamic Weight Oscillations 175
- SNMP Commands 176
- Enabling SNMP (CLI) 177
- 172net:Default 178
- Tunnel Commands 179
- User Commands 180
- User-alertContext Commands 181
- User Alert Notify Type Flags 181
- User Flags 182
- Setting the Locale 182
- Creating a User 182
- Deleting a User 183
- User Passwords 183
- User Permissions 183
- Displaying User Information 185
- VLAN and Subnet Commands 186
- VLAN Subnet Flags 187
- VLAN and Subnet Command Notes 188
- VLAN Subnets 189
- VLAN IP Addresses 189
- VLAN Services 189
- Routing Between VLANs 189
- Chapter 11 191
- Using the GUI 191
- Logging In 192
- 1. Left Navigational Pane 193
- 2. Help Buttons/Options 195
- Global Settings 196
- Failover Section 197
- Global Service Settings Flags 198
- MIB Compliance 200
- Certificates 201
- Certificate Revocation Lists 202
- Events Log 205
- Export to CSV 206
- Filtering Status Details 206
- Remote Syslog 206
- External Services 207
- VLB Manager 208
- Maintenance 210
- Licensing 211
- Manage Software 211
- Current Boot Image 212
- EQ/OS Release Status 212
- Interfaces 215
- Modifying Port Settings 217
- Reporting 220
- Chapter 12 223
- Configuring an IPv6 Tunnel 223
- IPv6 Tunnel Overview 224
- Chapter 13 229
- Managing Server Pools 230
- Server Pool Summary (GUI) 233
- Adding Server Instances(GUI) 236
- Adding Server Instances (CLI) 239
- > context 240
- Deleting a Server Pool (GUI) 241
- Deleting a Server Pool (CLI) 242
- Chapter 14 243
- Spoof Controls SNAT 245
- How Spoof Influences Routing 245
- Managing Servers 246
- Layer 7 HTTPS 247
- "Maximum Connections 248
- Adding a Server (CLI) 249
- Modifying a Server (CLI) 249
- Server Summary Screen 250
- Server Software Configuration 250
- Adding a Server to a Cluster 251
- Processing 255
- Deleting a Server 257
- Chapter 15 259
- Clusters 259
- Cluster Connection Timeouts 261
- Layer 4 Connection Timeouts 265
- Application Server Timeouts 266
- Adding and Deleting Clusters 267
- Cluster Summary 270
- Customizing the Display 271
- "Configuring 274
- TCP Cluster Persistence 275
- TCP Cluster Timeouts 276
- Layer 7 TCP Cluster Settings 288
- Persistence Methods 291
- Cookie Parameters 292
- Source IP Parameters 293
- Layer 7 Cluster Reporting 296
- Server Name Indication 299
- Security > 300
- About Passive FTP Translation 303
- Enabling Sticky Connections 303
- HTTPS Header Injection 309
- FTP Cluster Configuration 311
- Chapter 16 317
- Match Rules 317
- Using Match Rules 318
- How Match Rules are Processed 319
- Match Rule Order 319
- Match Rule Expressions 321
- Match Bodies 323
- Match Rule Functions 324
- Match Rule Operators 327
- Match Rule Definitions 327
- /var/eq/eq.conf 328
- Match Rule Expression Notes 329
- Regular Expressions 330
- Supported Headers 330
- HTTPS Protocol Matching 331
- Supported Characters in URIs 331
- Managing Match Rules 332
- Creating a New Match Rule 333
- Modifying a Match Rule 336
- Removing a Match Rule 336
- Example Match Rules 337
- Selective SNAT Example 340
- Add Match Rule form 342
- Chapter 17 347
- Automatic Cluster Responders 347
- Overview 348
- Managing Responders 348
- Modifying a Responder 350
- More Responder Examples 356
- Responders and Hot Spares 356
- Chapter 18 359
- HTTP Multiplexing 360
- Outbound NAT 362
- Direct Server Return (DSR) 363
- /etc/sysctl: 366
- Chapter 19 369
- Server Health Check Probes 369
- Layer 3 ICMP Probes 370
- Requests 371
- L4 UDP Probes 372
- L4 TCP/IP Probes 373
- Enabling/Disabling ACV Probes 374
- Testing ACV Probes 375
- Simple Health Check Probes 378
- Server Agents 382
- Sample Server Agent 383
- VLB Health Check Probes 384
- Configure VLB Managers 386
- Add health checks 388
- Add Health Checks 392
- Health Check Timeouts 394
- Chapter 20 399
- Displaying Logs 400
- Remote System Logging 400
- Chapter 21 403
- CLI Term GUITerm Definition 405
- Statistics pane on the 409
- (CLI and GUI) 410
- Reporting tab to display 416
- Server Statistic Definitions 417
- Chapter 22 423
- Failover 423
- Understanding Failover 424
- Both Units Using EQ/OS 10 425
- Active/Passive Failover 432
- Active/Active Failover 432
- Failover Modes 433
- Failover Status display: 434
- Global Failover Parameters: 437
- Between Two EQ/OS 10 Systems 439
- 172net is displayed 442
- Perform Steps 1 and 2 on 443
- Equalizers 443
- Perform Step 3 on the 444
- Perform Steps 4 and 5 on the 445
- Perform Step 6 on the 446
- Perform Step 7 on 447
- Failover flag 451
- Perform Steps 7 on 453
- Failover is not configured.: 455
- Two EQ/OS 10 Systems 456
- Primary Equalizer 457
- Backup Equalizer 457
- 10 Systems 460
- Configuration 461
- Monitoring N+1 Failover 462
- Rebalancing 466
- Eq-B and Eq-C: 468
- Eq-A and Eq-B: 470
- Eq-A or Eq-B 470
- Eq-A, Eq-C, and Eq-D: 480
- Chapter 23 483
- Overview of Alerts 484
- Alert Object Names 484
- Alert Types and Object Types 484
- Alert Notification Types 485
- Configuring Alerts 486
- Configuring Alerts in the CLI 487
- Alert Parameters 488
- Server Instance Alerts 488
- Server Alerts 488
- AlertNotifications 489
- Displaying Notifications 490
- Setting the Interval 491
- Removing Notification Alerts 491
- Chapter 24 493
- Using SNMP Traps 493
- Setting Up SNMP Traps 494
- Enabling SNMP 495
- Enabling SNMP Traps 497
- Chapter 25 499
- User and Group Management 499
- Practices 500
- Object Permission Types 500
- Administrative Setup 507
- Chapter 26 513
- Using Envoy 513
- Balancing 514
- DNSConfiguration 515
- Using Envoy with NAT Devices 517
- Configuring GeoClusters 518
- Adding a GeoCluster (GUI) 521
- Deleting a GeoCluster (GUI) 522
- Adding a GeoCluster (CLI) 522
- Deleting a GeoCluster (CLI) 522
- Configuring GeoSites 526
- Adding a GeoSite (GUI) 527
- Deleting a GeoSite (GUI) 528
- Adding a GeoSite (CLI) 528
- Deleting GeoSite (CLI) 528
- GeoSite Instance Parameters 528
- Resources 534
- Name a GeoSite Resource (GUI) 536
- Name a GeoSite Resource (CLI) 537
- Chapter 27 541
- Backup and Restore 541
- Backup (GUI) 542
- Backup (CLI) 543
- Restore (GUI) 544
- Restore (CLI) 545
- Chapter 28 547
- Regular Expression Terms 548
- Learning About Atoms 548
- Creating a Bracket Expression 549
- Appendix A 553
- Physical Dimensions 553
- Appendix B 555
- Using the File Editor 555
- Editing Files 556
- Main and Submenu Commands 557
- Appendix C 559
- Conversion Process 560
- _000 and _001 561
- Migration Process 562
- Appendix D 567
- Equalizer OnDemand 567
- What is Equalizer OnDemand? 568
- OnDemand 570
- Licensing Equalizer OnDemand 573
- Upgrading Equalizer OnDemand 575
Relacionado con productos y manuales para Ecualizadores de audio Coyote Point Systems Equalizer
(22 paginas)© 2020, manymanuals.es. Todos los derechos reservados | 0.060 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales