a sample configurations for load balancers

7/25/2019 A Sample Configurations for Load Balancers

1/43

A Sample Configurations for Load Balancers

This appendix provides sample configurations for commonly used load balancers. It contains

these sections:

Section A.1, "Test et!or #onfiguration"

Section A.$, "%& 'ig I( Application S!itch )Soft!are *ersion +.& (T%.&"

Section A.-, "#isco #S -.1)$"

Section A.+, "%oundry Server Iron v/0.1.//cT$+"

Section A.&, "ortel Alteon $+$+ SS )Soft!are *ersion $/.$.$.1"

Section A.2, "3ad!are 4eb Server 5irector ( !ith SynApps 6.&/./&"

A.1 Test Network Configuration

This section identifies the elements of the net!or configuration and considerations for the

operation of 7racle Application Server components.%igure A81sho!s the configuration, its

subnets, and the placement of the 7racle Application Server components in it.

%igure A81 Test et!or #onfiguration

1
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCJCCIGhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBFBJhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCDDHDHhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCFEBFGhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCGGGIIhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCHJCJBhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBFBJhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCDDHDHhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCFEBFGhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCGGGIIhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCHJCJBhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCJCCIG


2/43

5escription of "%igure A81 Test et!or #onfiguration"

A.1.1 Network Subnets in the Test Configuration

The test net!or consists of several subnets for deployment of the hard!are and 7racle

Application Server components:

Internet

Simulated public net!or

%ire!all8oad 'alancer Transport et

et!or bet!een the border fire!all and load balancer external interface

59 or 4eb Tier

The 7racleAS Single Sign87n middle tiers are installed on this tier. This subnet has t!ogate!ays:

o Internal interface of the load balancer

o %ire!all interface to the data tier

5ata Tier

2
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted009.htmhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted009.htm


3/43

The 7racle Application Server Infrastructure instance are installed on this tier. This is a

protected net!or.

A.1.2 ardware in the Test Configuration

The test configuration contains the follo!ing hard!are:

#isco (ix border or gate!ay fire!all

#hec (oint %ire!all81 internal fire!all )59 to the Intranet

7ne of the follo!ing load balancers )%& 'ig I( !as used in 7racle tests:

%& 'ig I( Application S!itch )Soft!are *ersion +.& (T%.&

#isco #S -.1)$

%oundry Server Iron v/0.1.//cT$+

ortel Alteon $+$+ SS )Soft!are *ersion $/.$.$.1

3ad!are 4eb Server 5irector ( !ith SynApps 6.&/./&

A.1.! Configuration of Load Balancers and "irewalls for #racle Application

Ser$er Component igh A$ailabilit%

7racleAS (ortal and 7racleAS 4ireless use server8to8server communication. This means that an

7racleAS (ortal or 7racleAS 4ireless instance must be able to mae ;TT( or ;TT(S re


4/43

After the (arallel (age =ngine re


5/43

5escription of "%igure A8- 3e$.120.$//./?$+ )59$

Internal: 1>$.120././?$+ )591

T!o interfaces !ere created:

1.1 1>$.120.$//.&?$+ )=xternal

1.$ 1>$.120./.1?$+ )Internal

ote:

5
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted008.htmhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted008.htmhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted008.htmhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/img_text/asted008.htm


6/43

In the configuration for port 1.$, Secure et!or Address Translation

)SAT automap !as also enabled.

A.2.2 Ser$ers-Nodes for the Big (& Configuration

As sho!n in %igure A81, "Test et!or #onfiguration",the follo!ing servers !ere used for the

middle tier installations and 7racleAS Single Sign87n servers:

pdln8mid1.pdx.com

pdln8mid$.pdx.com

pdln8sso1.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier

pdln8sso$.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier

A.2.! &ools for the Big (& Configuration

The follo!ing pools !ere created:

(ool 1: ;TT(

pdln8mid1.pdx.com )(ort 6666

pdln8mid$.pdx.com )(ort 6666

=nable SAT

(ool $: 7racleAS Single Sign87n

pdln8sso1.pdx.com )(ort 6666

pdln8sso$.pdx.com )(ort 6666

=nable SAT

(ersistent rebalance

(ool -: 7racleAS 4eb #ache Invalidation

pdln8mid1.pdx.com )(ort >+/1

6
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEF


7/43

pdln8mid$.pdx.com )(ort >+/1

=nable SAT

A.2.+ *irtual Ser$ers )*(&s, for the Big (& Configuration

The follo!ing virtual servers !ere used:

Table A81 *irtual Servers for the 'ig I( #onfiguration

Name (& Address &ort &ool

*I(1 1>$.120.$//.1/ 0/ 1

*I($ 1>$.120.$//.11 0/ $

*I(- 1>$.120.$//.1/ >+/1 -

A.2.' Load Balancing ethod for the Big (& Configuration

The follo!ing load balancing methods !ere used:

iddle tiers: 3ound 3obin !ith basic ;TT( health chec

Identity anagement: east #onnections !ith 7racleAS Single Sign87n health chec

)in8house

A.2./ ealth onitors for the Big (& Configuration

@ou can create health monitors for 7racle Application Server components as described in thissection.

A.2./.1 #racleAS Single Sign0#n

Send String: =T ?sso?status

3eceive 3ule: The 7#+BS=#C3IT@ instance is running

A.2./.2 iddle Tier Components

7


8/43

Since there are multiple components running on the middle tiers, the best !ay to monitor this is

!ith an ;TT( =T ?. @ou can also create customiDed health checs using 7racleAS (ortal and

7racleAS 4ireless status pages.

A.2./.! #racleAS eb Cache (n$alidation

A health monitor is needed for 7racleAS 4eb #ache invalidation messages. Cse ;TT( 7I

to monitor these messages.

A.2./.+ #racle (nternet irector% LA&

onitor 7racle Internet 5irectory 5A( communication using 5A( 7I.

A.2./.' SSL Configuration

'ecause t!o different hosts )sso8linux and linux !ere used, t!o proxies, each !ith its o!n

certificate, !ere created:

(roxy 1

Type: SS

I(:(ort: 1>$.120.$//.1/:++- )linux.pdx.com

5estination ;ost: 1>$.120.$//.1/:0/ )linux.pdx.com

)#ertificate information here

(roxy $

Type: SS

I(:(ort: 1>$.120.$//.11:++- )sso8linux.pdx.com

5estination ;ost: 1>$.120.$//.11:0/ )sso8linux.pdx.com

)#ertificate information here

These proxies decrypt the ;TT(S session in 'ig I(Es internal SS accelerator and for!ard the;TT( traffic bac to the *I(.

A.2.3 #racleAS &ortal Configuration Notes for Big (&

In order to use the load balancer to handle the (arallel (age =ngine re


9/43

1. In the net!or configuration, chec SAT Automap for the self I( of the internal

interface.

$. In the middle tier pool configuration, ensure that SAT is enabled and AT is disabled.

-. Issue the follo!ing command:

b vlaninternalsnat automap enable

In the preceding command, internal is the I( address of the internal interface.

+. Test the configuration !ith a telnet command from one of the middle tiers to the *I(address on port 0/, !ith a ;=A5 re


10/43

SS, you must also import #A and Site certificates into the 7racleAS 4ireless configuration.

See the 7racle Application Server 4ireless AdministratorEs uide for instructions.

A.2.5 #racleAS eb Cache Configuration Notes for Big (&

If you are using 7racleAS 4eb #ache !ith 'ig I(, ensure that the 'ig I( version is at least +.&(T%&, !ith the fix described in the %& document $01&+. 4ithout this version and the fix, severe

performance problems !ill occur. )In versions later than +.& (T%&, the problems have beenfixed.

A.! Cisco CS !.1)2,

This section describes the net!or configuration necessary to test the #isco #S -.1)$ load

balancer !ith the 7racle Application Server 1/g 3elease $ )1/.1.$ application server.

A.!.1 Subnets for the CS !.1)2, Configuration

The follo!ing subnets !ere used in the #isco #S -.1)$ configuration:

=xternal: 1>$.120.$//./?$+ )59$

Internal: 1>$.120././?$+ )591

A.!.2 Ser$ers-Nodes for the Cisco CS !.1)2, Configuration



pdln8mid1.pdx.com

pdln8mid$.pdx.com



A.!.! *LANs for the Cisco CS !.1)2, Configuration

The follo!ing *As !ere created:

*A $: #lient

*A $//: Server )4eb tier

10


11/43

*A +//: Server )SS

A.!.+ Ser$er "arms for the Cisco CS !.1)2, Configuration

The follo!ing server farms !ere created:

;TT(SB(77 )3edirection to SS Accelerator

AT server

o AT client

3eal 1>$.120.1//.1/

ICFB%A3

AT server

o AT client

3eal 1>$.120./.1/+ 6666

3eal 1>$.120./.1/& 6666

ICFB%A3$

AT server

AT client S7C3#=AT )for (arallel (age =ngine re$.120./.1/+ 6666

3eal 1>$.120./.1/& 6666

SS7B%A3

AT server

o AT client

3eal 1>$.120./.1/1 6666

SS7 %A3$

AT server

11


12/43

AT client S7C3#=AT

3eal 1>$.120./.1/1

SS7BSS8A )3edirection to SS Accelerator

AT server

o AT client

3eal 1>$.120.1//.11

4#BI*A )4eb #ache Invalidation

AT server

AT client 4='#A#;= )for AT of invalidation re$.120./.1/1 >+/1

3eal 1>$.120./.1/& >+/1

A.!.' *irtual Ser$ers )*(&s, for the Cisco CS !.1)2, Configuration

This section describes the virtual servers in the #isco #S -.1)$ configuration.

A.!.'.1 *irtual Ser$ers for #utside Traffic Access to Ser$er "arms

;TT(SB(77 )3edirect to SS Accelerator

*irtual 1>$.120.$//.1/ tcp https

Serverfarm ;TT(SB(77

Sticy 1$/ group +

o persistent rebalance

;TT(B(77 );TT( direct to servers

*irtual 1>$.120.$//.11 tcp https

*A $

Serverfarm ICFB%A3

12


13/43

Sticy 1$/ group $

Idle 6$//

(eristent rebalance

SS7- )SS redirection to the SS Accelerator


*A $

Serverfarm SS7BSS8A


A.!.'.2 Stick% Configuration

sticy $ netmas $&&.$&&.$&&.$&& timeout 1$/

sticy - ssl timeout 1$/

sticy + netmas $&&.$&&.$&&.$&& timeout 1$/

A.!.'.! *irtual Ser$ers for TT& 6e7uest "orwarding "rom the SSL Accelerator

;TT(B(77- )Accept re$.120.$//.1/ tcp !!!

*A +//

Serverfarm ICFB%A3


SS7 )Accepts ;TT( re$.120.$//.11 tcp https

*A +//

Serverfarm SS7B%A3

Idle 6$//

13


14/43


A.!.'.+ *irtual Ser$ers for Traffic from *LAN for &arallel &age 8ngine 6e7uests

;TT(8$ )Accept re$.120.$//.1/ tcp !!!

*A $//

Serverfarm ICFB%A3$


In order to allo! the !ireless authentication using 7racleAS Single Sign87n, the

follo!ing virtual server must be created on the middle tier *A to allo!

communication from the 7racleAS (ortal middle tier to the 7racleAS Single Sign87nserverEs *I(:

SS7$


*A $//

Serverfarm SS7B%A3$


The follo!ing virtual server is re


15/43

telnet 192.168.200.10 80

HEAD

A response similar to the follo!ing should be returned:

Date: Wed, 02 Jun 200 1!:08:2! "#$

Allo%: "E$, HEAD

&erver: 'ra(leA&)Web)*a(+e)10-10.1.2.0.0

*ontent)$pe: te/t-+tml

*ontent)ent+: 100

*a(+e)*ontrol: publi(

ote:

@ou can perform the same test for the invalidation communication from theInfrastructure database. Syntax errors may occur !ith these re


16/43

(lo( timeone 4&$ )8(lo( summer)time 4D$ re(urrin(lo( (alendar)validredundan(main)(pu auto)sn( standarddianosti( level (ompleteip subnet)erono ip domain)looupno mls ip multi(ast areateno mls ip multi(ast non)rp (emls >os statisti(s)e/port interval 300mls >os statisti(s)e/port delimiter @module *ontent&%it(+in#odule 3vlan 2 (lient ip address 192.168.200.! 2!!.2!!.2!!.0 ate%a 192.168.200.1

vlan 200 server ip address 192.168.0.1 2!!.2!!.2!!.0vlan 00 server ip address 192.168.100.1 2!!.2!!.2!!.0natpool WE?*A*HE 192.168.200.12! 192.168.200.12! netmas 2!!.2!!.2!!.0natpool &'7*E5A$ 192.168.200.100 192.168.200.100 netmas 2!!.2!!.2!!.0serverarm H$$4&B4'' nat serverno nat (lient

real 192.168.100.10 inservi(eserverarm =5;BCA7# nat serverno nat (lient

real 192.168.0.10 inservi(e real 192.168.0.10! inservi(eserverarm =5;BCA7#2 nat servernat (lient &'7*E5A$

real 192.168.0.10 inservi(e real 192.168.0.10! inservi(eserverarm &&'BCA7# nat serverno nat (lient

real 192.168.0.100 no inservi(e

16


17/43

real 192.168.0.101 inservi(eserverarm &&'BCA7#2 nat servernat (lient &'7*E5A$real 192.168.0.101

inservi(eserverarm &&'B&&)A nat serverno nat (lient

real 192.168.100.11 inservi(eserverarm W*B=5A nat servernat (lient WE?*A*HEreal 192.168.0.10 901

inservi(e

real 192.168.0.10! 901 inservi(esti( 2 netmas 2!!.2!!.2!!.2!! timeout 120sti( 3 ssl timeout 120sti( netmas 2!!.2!!.2!!.2!! timeout 120vserver H$$4)2 virtual 192.168.200.10 t(p %%% vlan 200 serverarm =5;BCA7#2 persistent rebalan(e inservi(evserver H$$4&B4'' virtual 192.168.200.10 t(p +ttps serverarm H$$4&B4'' sti( 120 roup idle 200 no persistent rebalan(e inservi(evserver H$$4B4'' virtual 192.168.200.10 t(p %%% vlan 2 serverarm =5;BCA7# sti( 120 roup

idle 200 persistent rebalan(e inservi(evserver H$$4B4''3 virtual 192.168.200.10 t(p %%% vlan 00 serverarm =5;BCA7# persistent rebalan(e inservi(e

17


18/43

vserver &&' virtual 192.168.200.11 t(p %%% vlan 00 serverarm &&'BCA7# idle 200 persistent rebalan(e inservi(evserver &&'2 virtual 192.168.200.11 t(p +ttps vlan 200 serverarm &&'BCA7#2 persistent rebalan(e inservi(evserver &&'3 virtual 192.168.200.11 t(p +ttps vlan 2 serverarm &&'B&&)A

persistent rebalan(e inservi(evserver WE?*A*HEB=5A virtual 192.168.200.10 t(p 901 vlan 200 serverarm W*B=5A persistent rebalan(e inservi(eintera(e "iabitEt+ernet1-1no ip addresss+utdo%nintera(e "iabitEt+ernet1-2no ip addresss+utdo%nintera(e CastEt+ernet2-1 #anaement =ntera(eFip address 138.1.33.10! 2!!.2!!.2!!.128duple/ ullspeed 100intera(e CastEt+ernet2-2

no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 2s%it(+port mode a((essintera(e CastEt+ernet2-3no ip addressduple/ ull

18


19/43

speed 100s%it(+ports%it(+port a((ess vlan 200s%it(+port mode a((essintera(e CastEt+ernet2-no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-!no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((ess

intera(e CastEt+ernet2-6no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-no ip addressduple/ ullspeed 100

s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-8no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-9

no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-10no ip address

19


20/43

duple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 00s%it(+port mode a((essintera(e CastEt+ernet2-11no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 200s%it(+port mode a((essintera(e CastEt+ernet2-12no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 200

s%it(+port mode a((essintera(e CastEt+ernet2-13no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 200s%it(+port mode a((essintera(e CastEt+ernet2-1no ip addressduple/ ullspeed 100s%it(+ports%it(+port a((ess vlan 200s%it(+port mode a((essintera(e lan1no ip addresss+utdo%nintera(e lan200no ip addressip deault)ate%a 138.1.3.229

ip (lasslessno ip +ttp serverttp)server slot0:(6slb)ap(.2)1)1.binline (on 0line vt 0 pass%ord %el(omeloin

20


21/43

transport input lat pad mop telnet rloin udptn nasiendpd)(at6G

A.+ "oundr% Ser$er (ron $:4.1.::cT2+

This section describes the net!or configuration necessary to test the %oundry Server Ironv/0.1.//cT$+ load balancer !ith the 7racle Application Server 1/g 3elease $ )1/.1.$

application server.

A.+.1 Subnets for the "oundr% Ser$er (ron $:4.1.::cT2+ Configuration

The follo!ing subnets !ere used in the %oundry Server Iron v/0.1.//cT$+ configuration:

=xternal: 1>$.120.$//./?$+ )59$

Internal: 1>$.120././?$+ )591

A.+.2 Ser$ers-Nodes for the "oundr% Ser$er (ron $:4.1.::cT2+ Configuration

As sho!n in %igure A81, "Test et!or #onfiguration",the follo!ing servers !ere used for themiddle tier installations and 7racleAS Single Sign87n servers:

pdln8mid1.pdx.com

pdln8mid$.pdx.com

pdln8cache1.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier

pdln8cache$.pdx.com )Identity anagement, 7racleAS Single Sign87n middle tier

A.+.! 6eal Ser$ers for the "oundr% Ser$er (ron $:4.1.::cT2+ Configuration

Server1/- 1>$.120./.1/& )7racleAS (ortal on pdln.mid1

Source8AT

(ort 6666

(ort >+/1

Server1/$ 1>$.120./.1/+ )7racleAS (ortal on pdln8mid$

Source8AT

21


22/43

(ort 6666

(ort >+/1

Server1/1 1>$.120.$//.1/1 )Identity anagement and 7racleAS Single Sign87n middle

tier on pdln8cache1

(ort 6666

To verify the (arallel (age =ngine communication from the middle tiers, follo! these steps:

1. Test the configuration !ith a telnet command from one of the middle tiers to the *I(

address on port 0/, !ith a ;=A5 re


23/43

In order for invalidation to !or correctly, you must ensure that client AT is enabled on each of

the real servers on !hich 7racleAS 4eb #ache is installed. @ou may also need to create a static

route on the fire!all to ensure that invalidation re


24/43

port ssl no)+ealt+)(+e(server (a(+e)name sslB11 192.168.100.11port +ttpport +ttp no)+ealt+)(+e(port +ttp url HEAD -port sslport ssl no)+ealt+)(+e(server real server100 192.168.0.100sour(e)natport server virtual 200B10 192.168.200.10sm)priorit 2!port +ttpport +ttp spooinport 901port 8

port ssl sti(bind +ttp server102 server103 bind 901 server102 901 server103 901bind ssl sslB10 sslserver virtual 200B11 192.168.200.11sm)priorit 2!port +ttpport +ttp spooinport ssl sti(bind +ttp server100 bind ssl sslB11 sslserver vip)roup 1vip 192.168.200.10vip 192.168.200.11server (a(+e)roup 1(a(+e)name sslB10(a(+e)name sslB11vlan 1 name DECA$)A5 b portvlan 092 name internal b portuntaed et+e 2-! to 2-8 et+e -13 to -18 et+e -23 to -2router)intera(e ve 1

vlan 093 name e/ternal b portuntaed et+e 2-1 to 2- et+e -1 to -12router)intera(e ve 2vlan 09! name && b portuntaed et+e -19 to -21router)intera(e ve 3+ostname &erver=ronB1

24


25/43

ip deault)net%or 192.168.200.1-2ip l)poli( 1 (a(+e t(p 0 lobalip l)poli( 2 (a(+e t(p ssl lobalip route 0.0.0.0 0.0.0.0 192.168.200.1ip route 192.168.2.0 2!!.2!!.2!!.0 192.168.0.200username t%illard pass%ord .....router vrrpsnmp)server (ommunit ..... r%intera(e et+ernet 2-1(onirm)port)up 6intera(e et+ernet 2-2(onirm)port)up 6intera(e et+ernet 2-3(onirm)port)up 6intera(e et+ernet 2-

(onirm)port)up 6intera(e et+ernet 2-!(onirm)port)up 6intera(e et+ernet 2-6(onirm)port)up 6intera(e et+ernet 2-(onirm)port)up 6intera(e et+ernet 2-8(onirm)port)up 6intera(e et+ernet -1speed)duple/ 100)ullintera(e et+ernet -13speed)duple/ 100)ullintera(e ve 1ip address 192.168.0.1 2!!.2!!.2!!.0ip vrrp vrid 1 o%ner advertise ba(up ip)address 192.168.0.1 vip)roup 1

tra()port ve 2 a(tivateintera(e ve 2ip address 192.168.200.! 2!!.2!!.2!!.0ip vrrp vrid 2 o%ner advertise ba(up ip)address 192.168.200.! tra()port ve 1

25


26/43

a(tivateintera(e ve 3ip address 192.168.100.1 2!!.2!!.2!!.0ip vrrp vrid 3 o%ner advertise ba(up ip)address 192.168.100.1 tra()port ve 1 a(tivateend

A.' Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,

This section describes the net!or configuration necessary to test the ortel Alteon $+$+ SS

)Soft!are *ersion $/.$.$.1 load balancer !ith the 7racle Application Server 1/g 3elease $)1/.1.$ application server.

A.'.1 Subnets for the Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,

Configuration


=xternal: 1>$.120.$//./?$+ )59$

Internal: 1>$.120././?$+ )591

A.'.2 Ser$ers-Nodes for the Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,

Configuration



pdln8mid1.pdx.com

pdln8mid$.pdx.com



A.'.! 6eal Ser$ers for the Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,

Configuration

26


27/43

@ou must create 3eal Server entries for each middle tier balanced by the load balancer. Table A8$

lists the servers used in the test configuration.

Table A8$ 3eal Servers

6eal 6eal (& Name

1 1>$.120./.1/+ pdln8mid1

$ 1>$.120./.1/& pdln8mid$

- 1>$.120./.1// pdln8sso1

+ 1>$.120./.1/1 pdln8sso$

& 1>$.120.1//.1/ SS Accelerator linux.pdx.com

A.'.+ ;roups for the Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,

Configuration

The servers listed in Table A8$must belong to groups, as listed in Table A8-. ote that thegroups contain lie instances, for example, roup 1 contains 7racleAS (ortal instances, roup +

contains the Identity anagement instances, and roup & has only the SS accelerator.

Table A8- roups

;roup Ser$ers etric

1 1, $ 3ound robin

+ -, + 3ound robin

27
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BGBEHFHEhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BGBEHFHEhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEFFBIhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BGBEHFHEhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BGBEHFHEhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEFFBI


28/43

;roup Ser$ers etric

& & 3ound robin

A.'.' *irtual (& Addresses for Nortel Alteon 2+2+ SSL )Software *ersion 2:.2.2.1,

This section describes the virtual I( addresses used in this configuration.

*irtual G1 is set up to listen on port 0/ );TT( using the address 1>$.120.$//.1/, !hich is on theexternal subnet interface. roup 1 is bound to this virtual address, and the remote port 6666 )the

7racleAS 4eb #ache listen port has also been set. (bind is for client sticinessH since !e are

using an 7racleAS 4eb #ache cluster in this scenario, no real session binding is needed on the

load balancer.

*irtual G+ is for 7racleAS Single Sign87n, and is also configured on port 0/ )can be set to ++-

for SS communication, using the address 1>$.120.$//.11, !hich is on the external subnet

interface. roup + is bound to this virtual server and the remote port 6666. o session binding isneeded for the 7racleAS Single Sign87n re$.120.$//.1/ linux.pdx.com 1 #lientip 6666

1 >+/1 1>$.120.$//.1/ ?A 1

+ ;TT( 1>$.120.$//.11 sso8linux.pdx.com + #lientip 6666

A.'./ Additional Ser$er Configuration for Nortel Alteon 2+2+ SSL )Software

*ersion 2:.2.2.1,

To mae the 7racleAS (ortal (arallel (age =ngine and invalidation to !or correctly, you must

enable a proxy on the internal or server ports of the load balancer. This causes AT )!ith (I(

addresses on any re


29/43

(I( #onfiguration: #onfigure (I( addresses that the proxy !ill use: %or example:

-(-slb-pipIG///.///.///.///

3eplace the /s in the preceding example !ith the (I( address. The (I( addresses must be on the

same subnet as the servers.

(ort #onfiguration:

(ort 1 )=xternal: client enable, proxy enable

(ort $ )Internal server: client enable, proxy enable, server enable

(orts -80: client enable

A.'.3 #racleAS &ortal Configuration Notes for Nortel Alteon 2+2+ SSL )Software

*ersion 2:.2.2.1,

In order for invalidation to !or correctly, you must ensure that client AT is enabled on each of

the real servers on !hich 7racleAS 4eb #ache is installed. @ou may also need to create a staticroute on the fire!all to ensure that invalidation re


30/43

pvid 2-(-port 1-astspeed 100(tl nonemode ullauto o-(-port 2pvid 3-(-port 2-astspeed 100(tl nonemode ullauto o-(-port 3pvid 2-(-port 3-astspeed 100(tl bot+mode ullauto on

-(-port pvid -(-port -astspeed 100(tl bot+mode ullauto on-(-port !pvid -(-port !-astspeed 100(tl bot+mode ullauto on-(-port 6pvid -(-port 6-astspeed 100(tl bot+mode ullauto on-(-port pvid -(-port -astspeed 100(tl bot+mode ull

auto on-(-port 8pvid -(-port 8-astspeed 100(tl bot+mode ullauto on-(-port 9ta ena

30


31/43

pvid -(-port 9-astspeed an(tl bot+mode ullauto on-(-vlan 1de 9 10 11 12 13 1 1! 16 1 18 19 20 21 22 23 2 2! 26 2 28-(-vlan 2enaname 'utside)irtualde 1 3-(-vlan 3enaname D#Lde 2-(-vlan enaname &&de ! 6 8 9

-(-vlan 99enaname A5 99de 0-(-stp 1-o-(-stp 1-(lear-(-stp 1-add 1 2 3 99-(-ip-i 1enaaddr 192.168.200.!vlan 2-(-ip-i 2enaaddr 192.168.0.1vlan 3-(-ip-i 3enaaddr 192.168.100.1vlan 090-(-ip-% 1enaaddr 192.168.200.1retr 1-(-ip-routeadd 192.168.2.0 2!!.2!!.2!!.0 192.168.0.200 2-(-slbon

-(-slb-advdire(t ena-(-slb-real 1enarip 192.168.0.10inter 1!retr 6-(-slb-real 2enarip 192.168.0.10!

31


32/43

inter 1!retr 6-(-slb-real 3enarip 192.168.0.100inter 1!retr 6-(-slb-real disrip 192.168.0.101inter 1!retr 6-(-slb-real !enarip 192.168.100.10-(-slb-roup 1metri( roundrobinadd 1add 2-(-slb-roup 2

metri( roundrobin-(-slb-roup metri( roundrobinadd 3add -(-slb-roup !+ealt+ ssl+add !-(-slb-pip-pip1 192.168.0.1!0-(-slb-pip-pip2 192.168.0.1!1-(-slb-pip-pip3 192.168.0.1!2-(-slb-pip-pip 192.168.0.1!3-(-slb-port 1(lient enapro/ ena-(-slb-port 2(lient enaserver enapro/ ena-(-slb-port 3(lient ena-(-slb-port (lient ena-(-slb-port !(lient ena-(-slb-port 6(lient ena

-(-slb-port (lient ena-(-slb-port 8(lient ena-(-slb-virt 1enavip 192.168.200.10dname linu/.pd/.(om-(-slb-virt 1-servi(e +ttproup 1

32


33/43

rport pbind (lientip-(-slb-virt 1-servi(e 901roup 1-(-slb-virt enavip 192.168.200.11dname sso)linu/.pd/.(om-(-slb-virt -servi(e +ttproup rport pbind (lientip-(-slb-virt 2-servi(e 3-pbind sslid-(-slb-ilt !enaa(tion redirproto t(pdport +ttpsroup !rport 0

vlan an-(-slb-port 1ilt enaadd !-(-slb-port 2ilt enaadd !-s(ript end -KKKK D' 5'$ ED=$ $H=& =5E

&& *oniuration:&& *oniurationG dump

Dump private es es-noF MnoN: no*olle(tin data, please %ait...-K-K-K *oniuration dump taen $ue Au 3 12:!:1 4D$ 200-K ersion .1.2.3-K-K-K-(-.-(-ssl-.-(-ssl-dns-. (a(+esie 1000 retransmit 2s

(ount 3 ttl 3+ +ealt+ 10s +do%n 2 +up 2 allt+rou+ o-(-ssl-(ert 1-. name 4D*OA)*A (ert

33


34/43

)))))?E"=5 *E7$=C=*A$E))))))))))E5D *E7$=C=*A$E)))))...-(-ssl-(ert 1-revoe-.-(-ssl-(ert 1-revoe-automati(-. interval 1d ena disabled-(-ssl-(ert 2-. name linu/.pd/.(om (ert)))))?E"=5 *E7$=C=*A$E))))))))))E5D *E7$=C=*A$E)))))...-(-ssl-(ert 2-revoe-.-(-ssl-(ert 2-revoe-automati(-. interval 1d ena disabled-(-ssl-(ert -. name sso)linu/.pd/.(om (ert

)))))?E"=5 *E7$=C=*A$E))))))))))E5D *E7$=C=*A$E)))))...-(-ssl-(ert -revoe-.-(-ssl-(ert -revoe-automati(-. interval 1d ena disabled-(-ssl-server 1-. name linu/.pd/.(om vip 192.168.200.10 port 3 +ttpsF rip 0.0.0.0 rport 80 +ttpF tpe +ttp pro/ o ena enabled-(-ssl-server 1-tra(e-.-(-ssl-server 1-ssl-. (ert 2 (a(+esie 900 (a(+ettl !m (a(erts 1 (a(+ain 1 proto(ol ssl3 veri none (ip+ers AP&$7E5"$H ena enabled

-(-ssl-server 1-t(p-. (%rite 1!m (eep 1!m s%rite 1!m s(onne(t 10s (sendbu auto (re(bu auto ssendbu auto sre(bu 6000-(-ssl-server 1-+ttp-.

34


35/43

redire(t on ssl+eader on add/or o addvia on add/isd o addront o add(li(ert o addbeassl o addbea(li o addnostore o (msie s+ut r+ost o ma/r(ount 0 ma/line 8192-(-ssl-server 1-+ttp-re%rite-. re%rite o (ip+ers H="H:#ED=# response i&D 7= -(i)bin-%ea(ip+er-(-ssl-server 1-+ttp-aut+-.

mode basi( realm ;net pro/ o ena disabled-(-ssl-server 1-dns-.-(-ssl-server 1-adv-.-(-ssl-server 1-adv-pool-. timeout 1!s ena disabled-(-ssl-server 1-adv-tralo-. sslo+ost 0.0.0.0 udpport !1 priorit ino a(ilit lo(al ena disabled-(-ssl-server 1-adv-standalone-. ena disabled-(-ssl-server 1-adv-standalone-iplist-.-(-ssl-server 1-adv-loadbalan(in-. tpe all persisten(e none metri( +as+ +ealt+ auto interval 10s ena disabled-(-ssl-server 1-adv-loadbalan(in-s(ript-.-(-ssl-server 1-adv-loadbalan(in-remotessl-.

proto(ol ssl3 (ip+ers A-(-ssl-server 1-adv-loadbalan(in-remotessl-veri-. veri none-(-ssl-server 1-adv-ssl(onne(t-. proto(ol ssl3 (ip+ers E;4)7*)#D!:ADH ena disabled-(-ssl-server 1-adv-ssl(onne(t-veri-. veri none

35


36/43

-(-ssl-server -. 5ame sso)linu/.pd/.(om vip 192.168.200.11 port 3 +ttpsF rip 0.0.0.0 rport 80 +ttpF tpe eneri( pro/ o ena enabled-(-ssl-server -tra(e-.-(-ssl-server -ssl-. (ert (a(+esie 900 (a(+ettl !m proto(ol ssl3 veri none (ip+ers AP&$7E5"$H ena enabled-(-ssl-server -t(p-. (%rite 1!m

(eep 1!m s%rite 1!m s(onne(t 10s (sendbu auto (re(bu auto ssendbu auto sre(bu 6000-(-ssl-server -adv-.-(-ssl-server -adv-standalone-. ena disabled-(-ssl-server -adv-standalone-iplist-.-(-ssl-server -adv-loadbalan(in-. tpe all persisten(e none metri( +as+ +ealt+ auto interval 10s ena disabled-(-ssl-server -adv-loadbalan(in-s(ript-.-(-ssl-server -adv-loadbalan(in-remotessl-. proto(ol ssl3 (ip+ers A-(-ssl-server -adv-loadbalan(in-remotessl-veri-. veri none-(-ssl-server -adv-ssl(onne(t-. proto(ol ssl3 (ip+ers E;4)7*)#D!:ADH

ena disabled-(-ssl-server -adv-ssl(onne(t-veri-. veri none-(-/net-. ttl 1!m lo loin-(-ss-.-(-ss-routes-.-(-ss-time-. tone Ameri(a-osBAneles

36


37/43

-(-ss-time-ntp-.-(-ss-dns-.-(-ss-sslo-.-(-ss-(luster-. mip 192.168.100.1!-(-ss-(luster-+ost 1-. tpe master ip 192.168.100.10 ate%a 192.168.100.1-(-ss-(luster-+ost 1-routes-.-(-ss-(luster-+ost 1-intera(e 1-. ip 192.168.100.10 netmas 2!!.2!!.2!!.0 vlanid 0 mode ailover primar 0-(-ss-(luster-+ost 1-intera(e 1-ports-. add 1-(-ss-a((esslist-.-(-ss-adm-.

(litimeout 10m telnet o ss+ o-(-ss-adm-snmp-.-(-ss-adm-snmp-snmpv2)mib-. snmpEnableAut+en$raps disabled-(-ss-adm-snmp-(ommunit-. read publi( trap trap-(-ss-adm-audit-. vendorid 182 alteonF vendortpe 2 ena alse-(-ss-adm-audit-servers-.-(-ss-adm-+ttp-. port 80 ena alse-(-ss-adm-+ttps-. port 3 ena alse-(-ss-user-. e/pire 0

A./ 6adware eb Ser$er irector N& with S%nApps 3.':.:'

This section describes the net!or configuration necessary to test the 3ad!are 4eb Server

5irector ( load balancer !ith the 7racle Application Server 1/g 3elease $ )1/.1.$ applicationserver.

A./.1 Subnets for the 6adware eb Ser$er irector N& Configuration


37


38/43

=xternal: 1>$.120.$//./?$+ )59$

Internal: 1>$.120././?$+ )591

A./.2 Ser$ers-Nodes for the 6adware eb Ser$er irector N& Configuration

As sho!n in %igure A81, "Test et!or #onfiguration",the follo!ing servers !ere used for themiddle tier installations and 7racleAS Single Sign87n servers:

pdln8mid1.pdx.com

pdln8mid$.pdx.com



A./.! "arms for the 6adware eb Ser$er irector N& Configuration

The follo!ing farms !ere created for the 3ad!are 4eb Server 5irector ( #onfiguration:

%arm 1: 1>$.120./.1&/ ;TT(

%arm $: 1>$.120./.1&1 7racleAS 4eb #ache invalidation

%arm -: 1>$.120./.1&$ 7racleAS Single Sign87n

%arm +: 1>$.120./.1&- #T1// linux.pdx.com

%arm &: 1>$.120./.1&+ #T1// sso8linux.pdx.com

A./.+ Ser$ers for the 6adware eb Ser$er irector N& Configuration

Table A8&lists the servers used in the test configuration.

Table A8& Servers

"armAddress

Ser$erAddress Name

ultiple$.120./.1&/ 1>$.120./.1/+ pdln8mid$ 6666

38
https://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCCDGBGhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCEBCEFhttps://docs.oracle.com/cd/B14099_19/core.1012/b13998/sampleconfig.htm#BHCCDGBG


39/43

"arm

Address

Ser$er

Address Name

ultiple$.120./.1&/ 1>$.120./.1/& pdln8mid1 6666

1>$.120./.1&1 1>$.120./.1/+ pdln8mid$ 6666

1>$.120./.1&1 1>$.120./.1/& pdln8mid$ 6666

1>$.120./.1&$ 1>$.120./.1// pdln8sso1 )7racleAS Single Sign8

7n

6666

1>$.120./.1&$ 1>$.120./.1/1 pdln8sso$ )7racleAS Single Sign8

7n

6666

1>$.120./.1&- 1>$.120.1//.1/ #T1// )linux.pdx.com 6666

1>$.120./.1&+ #T1// )sso8linux.pdx.com 6666

A./.' Additional Ser$er Configuration for the 6adware eb Ser$er irector N&

The follo!ing additional configuration is necessary for the 3ad!are 4eb Server 5irector (:

1. =nable client AT. 5o not specify any address under Cse Specific AT Address.

$. Specify the AT address range to use.

-. Specify the client addresses for AT:

1>$.120./.1/+ 8 1>$.120./.1/& for middle tier

1>$.120.$.1// 8 1>$.120.$.1// for Infrastructure invalidation re


40/43

+. Specify client AT =nable in the server configuration.

A././ Super "arms for the 6adware eb Ser$er irector N& Configuration

Table A82lists the super farms for the 3ad!are 4eb Server 5irector ( configuration:

Table A82 Super %arms

(& Address &ort Number "arm Address "unction

1>$.120.$//.1/ 0/ 1>$.120./.1&/ linux.pdx.com ;TT(

1>$.120.$//.1/ ++- 1>$.120./.1&- linux.pdx.com ;TT(S 88J #T1//

1>$.120.$//.1/ >+/1 1>$.120./.1&1 Invalidation *I(

1>$.120.$//.11 0/ 1>$.120./.1&$ 7racleAS Single Sign87n ;TT(

1>$.120.$//.11 ++- 1>$.120./.1&+ 7racleAS Single Sign87n ;TT(S 88J #T1//

A./.3 Load Balancing ethod for the 6adware eb Ser$er irector N&

Configuration

The follo!ing load balancing methods !ere used:

iddle tiers: #yclic !ith ;TT( health chec on port 6666

Identity anagement: #yclic !ith ;TT( health chec on port 6666

To verify the (arallel (age =ngine communication from the middle tiers, follo! these steps:

1. Test the configuration !ith a telnet command from one of the middle tiers to the *I(

address on port 0/, !ith a ;=A5 re


41/43

HEAD

A response similar to the follo!ing should be returned:

Date: Wed, 02 Jun 200 1!:08:2! "#$

Allo%: "E$, HEAD

&erver: 'ra(leA&)Web)*a(+e)10-10.1.2.0.0

*ontent)$pe: te/t-+tml

*ontent)ent+: 100

*a(+e)*ontrol: publi(

ote:

@ou can perform the same test for the invalidation communication from the

Infrastructure database. Syntax errors may occur !ith these re


42/43

SS, you must also import #A and Site certificates into the 7racleAS 4ireless configuration.

See the 7racle Application Server 4ireless AdministratorEs uide for instructions.

A./.1: Test Configuration9 6adware eb Ser$er irector N&

sstem (oniDevi(e *oniurationDate: 1!)06)200 21::33Devi(e Des(ription: Web &erver Dire(tor 54 %it+ &nApps?ase #A* Address: 00:03:b2:0d:3:(0&ot%are ersion: .!0.0! build 9deeFnet route table (dbset 192.168..2 2!!.2!!.2!!.2!! 192.168.0.200net route table (dbset 192.168.2.0 2!!.2!!.2!!.0 192.168.0.200net route table (dbset 0.0.0.0 0.0.0.0 192.168.200.1manae snmp (ommunit)table (dbset 0.0.0.0 publi( )(a super )st trapsEnablesstem tune bride)t)table (dbset 102sstem tune ip)t)table (dbset 8192sstem tune arp)table (dbset 102sstem tune (lient)table (dbset 1638sstem tune routin)table (dbset !12%sd arm table (dbset 192.168.0.1!1 W*A*HEB=5A )as enable%sd arm table (dbset 192.168.0.1! *$100)&&' )as enable )dm ((li( )(p 3%sd arm table (dbset 192.168.0.1! *$100)&&' )as enable )dm ((li( )(p 3%sd arm table (dbset 192.168.0.1!3 *$100 )as enable )dm ((li( )(p 3%sd arm table (dbset 192.168.0.1!3 *$100 )as enable )dm ((li( )(p 3%sd arm table (dbset 192.168.0.1!0 H$$4 )as enable )dm ((li( )(p %sd arm table (dbset 192.168.0.1!0 H$$4 )as enable )dm ((li( )(p %sd arm table (dbset 192.168.0.1!2 &&' )as enable )dm ((li( )(p %sd arm table (dbset 192.168.0.1!2 &&' )as enable )dm ((li( )(p

%sd arm table (dbset 192.168.0.1!1 W*A*HEB=5A )as enable )dm ((li(%sd arm table (dbset 192.168.0.1!1 W*A*HEB=5A )as enable )dm ((li(%sd arm table (dbset 192.168.0.1!1 W*A*HEB=5A )as enable )dm ((li(%sd arm server table (dbset 192.168.0.1! 192.168.100.11 (t100)sso%sd arm server table (dbset 192.168.0.1!3 192.168.100.10 *$100%sd arm server table (dbset 192.168.0.1!0 192.168.0.10! pdln)mid1%sd arm server table (dbset 192.168.0.1!0 192.168.0.10 pdln)mid2%sd arm server table (dbset 192.168.0.1!2 192.168.0.100 pdln)(a(+e1%sd arm server table (dbset 192.168.0.1!1 192.168.0.10! pdln)mid1%sd arm server table (dbset 192.168.0.1!1 192.168.0.10 pdln)mid2%sd p+si(al)server statisti(s (dbset pdln)(a(+e1%sd p+si(al)server statisti(s (dbset pdln)mid2%sd p+si(al)server statisti(s (dbset (t100)sso%sd p+si(al)server statisti(s (dbset *$100%sd p+si(al)server statisti(s (dbset pdln)mid1%sd super)arm (dbset 192.168.200.11 3 192.168.0.1!%sd super)arm (dbset 192.168.200.10 3 192.168.0.1!3%sd super)arm (dbset 192.168.200.11 80 192.168.0.1!2%sd super)arm (dbset 192.168.200.10 80 192.168.0.1!0%sd super)arm (dbset 192.168.200.10 901 192.168.0.1!1%sd nat server status (dbset disablesstem tune dnami()pro/imit)table (dbset 096%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1! 200

42


43/43

%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1!3 200%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1!2 200%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1!0 200%sd arm (onne(tivit)(+e( +ttp(ode (dbset 192.168.0.1!1 200%sd nat server spe(ii()nat)address (dbset 0.0.0.0sstem tune url)table (dbset 2!6sstem tune re>uest)table (dbset 200sstem tune ssl)id)table (dbset 102net ne/t)+op)router (dbset 192.168.200.1net ne/t)+op)router (dbset 138.1.3.229%sd arm n+r (dbset 0.0.0.0 )ip 192.168.200.1%sd arm e/tended)params (dbset 192.168.0.1!0net ip)intera(e (dbset 192.168.200.! 2!!.2!!.2!!.0 2net ip)intera(e (dbset 192.168.100.1 2!!.2!!.2!!.0 16net ip)intera(e (dbset 192.168.0.1 2!!.2!!.2!!.0 1%sd nat (lient address)rane (dbset 192.168.0.2! )t 192.168.0.2!%sd nat (lient rane)to)nat (dbset 192.168.2.100 )t 192.168.2.1!!%sd nat (lient rane)to)nat (dbset 192.168.0.100 )t 192.168.0.10!%sd nat (lient status (dbset enablesstem tune nat)address)table (dbset 1

sstem tune nat)ports)table (dbset 6!12b%m modi poli( (dbset Deault )i 0 )dst an )sr( anb%m modi poli( (dbset Deault )i 0 )dst an )sr( an )dr one%a+ealt+)monitorin response)level)samples (dbset 0manae user table (dbset rad%are )p% rad%are

manae telnet status (dbset enablemanae %eb status (dbset enablemanae ss+ status (dbset enablemanae se(ure)%eb status (dbset enablenet p+si(al)intera(e (dbset 1 )s e100 )d ull )a onnet p+si(al)intera(e (dbset 2 )s e100 )d ull%sdG

a sample configurations for load balancers

Documents