Contents
ix
Catalyst 6500 Series Content Switching Module Configuration Note
OL-4612-01
CHAPTER
11 Configuring Firewall Load Balancing 11-1
Understanding How Firewalls Work 11-1
Firewalls Types 11-2
How the CSM Distributes Traffic to Firewalls 11-2
Supported Firewalls 11-2
Layer 3 Load Balancing to Firewalls 11-2
Types of Firewall Configurations 11-3
IP Reverse-Sticky for Firewalls 11-3
CSM Firewall Configurations 11-3
Fault-Tolerant CSM Firewall Configurations 11-6
Configuring Stealth Firewall Load Balancing 11-7
Stealth Firewall Configuration 11-7
Stealth Firewall Configuration Example 11-8
Configuring CSM A (Stealth Firewall Example) 11-9
Configuring CSM B (Stealth Firewall Example) 11-12
Configuring Regular Firewall Load Balancing 11-16
Packet Flow in a Regular Firewall Configuration 11-16
Regular Firewall Configuration Example 11-17
Configuring CSM A (Regular Firewall Example) 11-18
Configuring CSM B (Regular Firewall Example) 11-21
Configuring Reverse-Sticky for Firewalls 11-24
Understanding Reverse-Sticky for Firewalls 11-24
Configuring Reverse-Sticky for Firewalls 11-26
Configuring Stateful Firewall Connection Remapping 11-26
APPENDIX
A Configuration Examples A-1
Configuring Router Mode with the MSFC on the Client Side A-1
Configuring Bridged Mode with the MSFC on the Client Side A-4
Configuring Probes A-5
Configuring Source NAT for Server-Originated Connections to the VIP A-7
Configuring Session Persistence (Stickiness) A-9
Direct Access to Servers in Router Mode A-10
Server-to-Server Load Balanced Connections A-12
Route Health Injection A-13
Server Names A-16
Backup Server Farm A-18
Balancing Based on the Source IP Address A-24
To Next Page
Loading...
