资源描述:
《radware之链路负载均衡配置解析》由会员上传分享,免费在线阅读,更多相关内容在工程资料-天天文库。
1、RADWARE之链路负载均衡配置解析网络描述:网络出口共有3条公网线路接入,一台RADWARE直接连接三个出口ISP做链路负载均衡,来实现对内部服务器访问和内部对外访问流量的多链路负载均衡。 设计方案:1、RADWARE LINKPROOF设备部署在防火墙外面,直接连接出口ISP2、防火墙全部修改为私有IP地址,用RADWARE LINKPROOF负责将私有IP地址转换成公网IP地址;3、防火墙的DMZ区跑路由模式,保证DMZ区服务器的正常访问;4、RADWARE LINKPROOF利用SmartNAT技术,分别在每链路上配置NAT地址,保证内部服务器的联网。 网络拓扑:locate
2、dintheTomb,DongShenJiabang,deferthenextdayfocusedontheassassination.Linping,Zhejiang,1ofwhichliquorwinemasters(WuzhensaidinformationisCarpenter),whogotAfewbayonets,duetomissedfatal,whennightcame实施过程(关键步骤):1、配置公网接口地址G-1:218.28.63.163/255.255.255.240 联通G-2:211.98.192.12/255.255.255.128 铁
3、通G-3:222.88.11.82/255.255.255.240 电信G-4:3.3.3.2/255.255.255.0 内联接口地址,连接防火墙2、配置默认路由现网共有3条ISP链路,要将每条链路的网关进行添加,具体如下:命令行配置LP-Master#Lprouteadd0.0.0.00.0.0.0218.28.63.161Lprouteadd0.0.0.00.0.0.0211.98.192.11Lprouteadd0.0.0.00.0.0.0222.88.11.813、配置内网回指路由netroutetablecreate192.168.5.0255.
4、255.255.03.3.3.1-i14netroutetablecreate192.168.6.0255.255.255.03.3.3.1-i14netroutetablecreate192.168.7.0255.255.255.03.3.3.1-i14netroutetablecreate192.168.8.0255.255.255.03.3.3.1-i14netroutetablecreate192.168.9.0255.255.255.03.3.3.1-i144、配置地址转换地址转换主要包括内部用户的联网和服务器被访问两部分,这两部分在负载均衡上面分别采用DynamicNAT和S
5、taticPAT这两种NAT来实现,把内部的IP地址和服务器的IP地址分别对应每条ISP都转换成相应的公网IP地址。locatedintheTomb,DongShenJiabang,deferthenextdayfocusedontheassassination.Linping,Zhejiang,1ofwhichliquorwinemasters(WuzhensaidinformationisCarpenter),whogotAfewbayonets,duetomissedfatal,whennightcameDynamicNAT是多对一的映射,并且改变用户的源端口,而且是单向的,只能出
6、,不能进。LinkProof>SmartNAT>DynamicNATTable>Create FromlocalIP:被转换地址的起始地址;TolocalIP:被转换地址的结束地址;ServerIP:对应的ISP的网关;DynamicNATIP:转换后的公网地址。命令行配置LP-Master#lpsmartnatdynamic-natcreate0.0.0.1255.255.255.255211.98.192.11218.28.134.12lpsmartnatdynamic-natcreate0.0.0.1255.255.255.255222.88.11.81 222.88.11.82
7、locatedintheTomb,DongShenJiabang,deferthenextdayfocusedontheassassination.Linping,Zhejiang,1ofwhichliquorwinemasters(WuzhensaidinformationisCarpenter),whogotAfewbayonets,duetomissedfatal,whennightcamelpsmartnatdynamic-
