11-10
Catalyst 6500 Series Content Switching Module Configuration Note
OL-4612-01
Chapter 11 Configuring Firewall Load Balancing
Configuring Stealth Firewall Load Balancing
Configuring Server Farms on CSM A
Note Because the IP addresses of CSM B are listed in the INSIDE-SF server farm as real servers, CSM
A will load balance the two firewalls that exist in the path to CSM B.
To configure two server farms on CSM A, perform this task:
Step 8
Switch-A(config-slb-vlan-server)# alias
10.0.101.100 255.255.255.0
Specifies an alias IP address and netmask for VLAN
101
1
.
Step 9
Switch-A(config-slb-vlan-server)# exit
Returns to VLAN configuration mode.
Step 10
Switch-A(config-module-csm)# vlan 103
server
Specifies VLAN 103 as the VLAN that is being
configured, identifies it as a server VLAN, and
enters VLAN configuration mode.
Step 11
Switch-A(config-slb-vlan)# ip address
10.0.102.35 255.255.255.0
Specifies an IP address and netmask for VLAN 103.
Step 12
Switch-A(config-slb-vlan)# alias
10.0.102.100 255.255.255.0
Specifies an alias IP address and netmask for VLAN
103
1
.
1. This step provides a target for CSM B to use in making a load-balancing decision.
Command Purpose
Command Purpose
Step 1
Switch-A(config)# module csm 5
Enters multiple module configuration mode and
specifies that CSM A is installed in slot 5.
Step 2
Switch-A(config-module-csm)# serverfarm
FORWARD-SF
Creates and names the FORWARD-SF
1
server farm
(actually a forwarding policy) and enters server farm
configuration mode.
Step 3
Switch-A(config-slb-sfarm)# no nat server
Disables the NAT of server IP addresses and port
numbers
2
.
Step 4
Switch-A(config-slb-sfarm)# predictor
forward
Forwards traffic in accordance with its internal
routing tables rather than a load-balancing
algorithm.
Step 5
Switch-A(config-slb-sfarm)# exit
Returns to multiple module configuration mode.
Step 6
Switch-A(config-module-csm)# serverfarm
TO-INSIDE-SF
Creates and names the INSIDE-SF
3
server farm (that
will contain alias IP addresses rather than real
servers) and enters server farm configuration mode.
Step 7
Switch-A(config-slb-sfarm)# no nat server
Disables the NAT of server IP address and port
number
4
.
Step 8
Switch-A(config-slb-sfarm)# predictor
hash address source 255.255.255.255
Selects a server using a hash value based on the
source IP address
5
.
Step 9
Switch-A(config-slb-sfarm)# real
10.0.101.200
Identifies the alias IP address of CSM B that lies on
the path to Firewall 1 as a real server and enters real
server configuration submode.
Step 10
Switch-A(config-slb-real)# inservice
Enables the firewall.
Step 11
Switch-A(config-slb-real)# exit
Returns to server farm configuration mode.
To Next Page
Loading...
Need help?
General