Rick Donato The ADX provides a number of loadbalancing methods (also known as predictors) such as round robin and least connections.Within this article we will look at the Dynamic Weighted loadbalancing method. Summary The Dynamic Weighted balancing method is a dynamic predictor that allows you to distribute traffic based upon the resource usage of your server (such … Read more
In order to secure management access you will need to A) enable the firewall and B) create a firewall policy and assign this to your management interface. Enable Firewall First of all enable the firewall. set firewall set firewall state-policy related action accept set firewall state-policy established action accept set firewall state-policy invalid action drop … Read more
Within this article we will show the necessary steps required to build a site to site IPSEC VPN. The following example consists of the following encryption domain: Local Remote Peer 2.2.2.2 1.1.1.1 Endpoint 192.168.3.0/24 172.16.0.0/16 NAT First of all 2 NAT rules are configured to ensure the traffic is not NAT`d. set nat source rule … Read more
Flow accounting provides the ability to display statistics on your network traffic. And is defined on a per interface basis. Below shows you a quick summary on how to enable flow accounting and also how to view the statistics. Enable First of all flow accounting is enabled on each of the interfaces. vyatta@vyatta# set system … Read more
BACKGROUND In order to to maintain persistence between services (such as HTTP and HTTPS) on a single Virtual Server two persistence methods are available ; Cookie Hashing and Source IP. In order to perform “true” Cookie (insert) persistence across services an iRule is required. Note : Though cookie persistence (insert) can be performed within the … Read more
Question How do I configure my F5 to equally distribute HTTP requests so that each request goes to a different server ? Answer To ensure that each request goes to a different server rather then all requests for a single connection going to the same server you will need to: Disable CMP Clustered Multi-Processing (CMP) … Read more
IEEE 802.3ad (LACP) is a technology that provides a method of aggregating multiple Ethernet links into a single logical channel. Configuration To configure LACP the following commands are used. This example aggregates the interfaces fe-0/0/3 and fe-0/0/4 into a logical interface named ‘ae1’. This logical interface is then configured as an access port and assigned … Read more
Within this article we will be showing the various steps required in configuring a Cisco ASA IPSEC VPN using digital certificates. These certificates will be signed by a CA (Cisco Router) and downloaded by the Client/ASA using SCEP (Simple Certificate Enrollment Protocol). Time/Date On the client, router and firewall ensure that NTP is configured and … Read more
Within this article we will look into the ‘keepalive’ command. As this command isn’t greatly documented I thought this would be a good opportunity to explain in a little more detail how it works. Keepalive vs Keep-alive First of all it is worth noting that the ‘keepalive’ command (which is configured under the real server) … Read more