LP 6 10

Radware LinkProof
6.10

Radware LinkProof ...................................................................................................................... i
..................................................................................................................................... i
6.10 ..................................................................................................................................... i
1 Radware LinkProof ...................................................................................................3
1.1 LinkProof
1.2
................................................................................................................3
.................................................................................................................................5
2 LinkProof ................................................................................................7
.........................................................................................................................7
2.2 .........................................................................................................................7
2.3 .......................................................................................................8
2.4 LP ...........................................................................................................................9
2.5 NAT ...................................................................................................................... 10
2.6 ...................................................................................................................... 10
2.7 DNS ............................................................................................................................ 10
2.1
3 LinkProof .........................................................................................................11
console LP ...................................................................................................... 11
3.2 .............................................................................................................................. 12
3.3 .......................................................................................................................... 13
3.3.1 ............................................................................................................ 13
3.3.2 IP ................................................................................................... 14
3.4 .......................................................................................................................... 15
3.5 WEB ............................................................................................................ 16
3.6 ........................................................................................................... 17
3.7 License ..................................................................................................... 19
3.8 ........................................................................................................... 20
3.9 .............................................................................................................................. 20
3.10 ............................................................................................................................ 22
3.11 ............................................................................................................................ 23
3.12 .................................................................................................................... 25
3.12.1 ................................................................................................................. 25
3.12.2 ...................................................................................................... 26
3.12.3 IP ............................................................................................................ 28
3.1
3.12.4 Routing Table ......................................................................................................... 32

3.12.5
VLAN Tag....................................................................................................... 34
4 .........................................................................................................................35
VRRP .................................................................................................................. 35
4.1.1 VRRP ................................................................................................. 35
4.1.2 VR (Virtual Router) ........................................................................................... 37
4.2 VRRP .................................................................................................................. 41
4.2.1 VRRP ................................................................................................. 41
4.2.2 VR (Virtual Router) ........................................................................................... 42
4.1
5 FLow .......................................................................................................................45
.............................................................................................................................. 45
5.2 Farm ........................................................................................................................... 46
5.3 .......................................................................................................................... 50
5.4 Flow Policy .................................................................................................................. 54
5.4.1 Farm Flow ........................................................................................................ 54
5.4.2 Network ............................................................................................................ 55
5.4.3 Policy ................................................................................................................ 56
5.1
6 Smart NAT ..............................................................................................................59

6.1 Static NAT ........................................................................................................................... 59
6.2 Dynamic NAT ...................................................................................................................... 62
6.3 Static PAT ........................................................................................................................... 64
7 DNS ........................................................................................................................67
TTL ............................................................................................................................. 67
7.2 Host ............................................................................................................................ 68
7.3 BIND DNS ........................................................................................................ 70
7.4 Windows DNS .................................................................................................. 71
7.1
8 (Proixmity) ....................................................................................................76
.............................................................................................................................. 76
8.2 .............................................................................................................................. 77
8.3 ................................................................................................................... 79
8.4 Flow Policy .................................................................................................. 80
8.1
9 .........................................................................................................................81
9.1
........................................................................................................ 81
9.2 Cluster ................................................................................................................................. 83
10 .......................................................................................................................85
.................................................................................................................... 85
10.2 Associated IP ................................................................................................. 87
10.1
VR...................................................................................................................... 90
10.4 APSolute Insite ................................................................................................. 92
10.5 APSolute Insite ................................................................................................. 93
10.5.1 LP ......................................................................................... 93
10.6 ............................................................................................................................ 96
10.6.1 ............................................................................................................... 100
10.6.2 VR ......................................................................................................... 101
10.3
11 .....................................................................................................................102
.................................................................................................................. 102
11.2 .................................................................................................................. 103
11.3 SNMP ........................................................................................................... 104
11.4 ........................................................................................................... 105
11.5 ........................................................................................................... 106
11.6 NTP ......................................................................................................................... 107
11.7 Syslog ..................................................................................................................... 108
11.8 ........................................................................................................... 109
11.9 ............................................................................................................... 113
11.10 CPU ............................................................................................................... 115
11.11 ......................................................................................................... 115
11.12 ................................................................................................................ 117
11.13 Support ....................................................................................... 117
11.14 .................................................................................................................... 118
11.15 ........................................................................................................................ 121
11.16 ........................................................................................................................ 122
11.16.1 ............................................................................................................. 122
11.16.2 ............................................................................................................. 123
11.16.3 Policy.......................................................................................................... 125
11.16.4 ............................................................................................................. 126
11.17 ..................................................................................................... 129
11.17.1 Console .............................................................................................. 129
11.17.2 Telnet ................................................................................................. 130
11.17.3 Web .................................................................................................... 130
11.18 ........................................................................................................................ 130
11.19 ................................................................................................................ 132
11.20 ............................................................................................................. 133
11.20.1 ...................................................................................................... 133
11.1
......................................................................................................... 133
11.20.3 CPU ............................................................................................................ 134
11.20.4 ...................................................................................................... 134
11.20.5 ...................................................................................................... 135
11.20.6 ( ODS) ................................................................................... 135
11.20.7 ....................................................................................... 135
11.20.8 LinkProof ..................................................................................... 136
11.20.9 LinkProof ............................................................................. 138
11.20.10 LinkProof ........................................................................ 139
11.20.2
12 Radware license .................................................................................................140

.................................................................................................................... 140
12.2 License .................................................................................................................... 140
12.3 ODS License ........................................................................................................... 141
12.4 Licenses Passwords ....................................................................................... 142
12.1 License

Radware LinkProof
Radware
LP6.0ODS
LP
LinkProof
LPB
LinkProof Branch
NAT
Network address translation
NHR
Next Hop Router
VRRP
Virtual Router Redundancy Protocol
AS
Application Switch
ODS
On Demand Switch
Internet Radware
1
Radware LinkProof
1.1 LinkProof
LPB/5/25/50
LP208/508/1008/2008/4008 (ODS VL ) LP2016/4016 ODS2
LP8016/12016/16016(ODS3 ) LinkProof
ODS license
LPB 5 5M
LinkProof 108: 100M
LPB 25 25M
LinkProof 208: 200M
LPB 50 50M
LinkProof 1008: 1Gbps
LinkProof 2008: 2 Gbps
LinkProof 4008: 4 Gbps
CAS
ODS-VL
LinkProof
Motorola PowerPC (RISC)
(DRAM) 256 MB
8 Gbps
ASIC
ASIC
1U432mm x 475mm x 44mm

810/100Base-T
Layer4-7 5/25/50MByte/s
Unlimited
OSPF, RIP II, RIP
JAVA
SNMP based GUI,
Web based management/SSL
Command line/Telnet/SSH
HP OpenView
1300
(DRAM) 2 GB /4GB
48Gbps
ASIC

2U
610/100/1000Base-T +
21000Base-SFP
100M/200M/1G/2G/4G
2M
OSPF, RIP II, RIP
JAVA
SNMP based GUI,

HP OpenView
1300
DoS/DDoS
ASIC
1 Gbps
2 Gbps
4 Gbps
8 Gbps
12 Gbps
16 Gbps
LinkProof 1016:
LinkProof 2016:
LinkProof 4016:
ODS-2
LinkProof 8016:
LinkProof 12016:
LinkProof 16016:
ODS-3
(DRAM) 2 GB /4GB
48Gbps
(DRAM) 4 GB /8GB
400Gbps
1610/100/1000Base-T +
41000Base-SFP+
210/100/1000Base-T
410GB
810/100/1000Base-T +
41000Base-SX+
210/100/1000Base-T
8G/12G/16G
5M
OSPF, RIP II, RIP
ASIC

2U
1G/2G/4G
2M
OSPF, RIP II, RIP
JAVA
Layer4-7
SNMP based GUI,

HP OpenView
1300
DoS/DDoS
ASIC

2U
JAVA
SNMP based GUI,

HP OpenView
1300
1.2
Farm
LP
ADFarm
Farm
farm serverserver
LPclientserverclient
serverLP
Farm
Farm
Flow Policy
linkProofFlow Policy
NATNetwork Address Translation
NATIPIPIP
Static NAT
Static NAT
NAT
Dynamic NAT
Dynamic NAT
LP
LPIPTCPUDP
Connectivity Check Farm

Ping
Health Monitoring
C
/24 (255.255.255.0) Radware
/24
FIFO
(NHR)
IP
Radware
ISP Internet
Radware LinkProof
LinkProof
IP
LinkProof
C
Redundancy
LPARP
VRRPVRRP
2
LinkProof
LinkProof
2.1
LinkProof
Users
Router1
Headquarter
Local Network
Switch
ISP1
LinkProof
Router2
ERP, CRM, email, Web

servers
ISP2
2.2
3 2
SW-A-1
LP
Vlan Trunk
SW-A-3
SW-B-1
LP
SW-B-3
VLANs
: 4,2,
SW-A-NSW-AL2VLAN
SW-A-1SW-B-1VLAN trunk3VLAN
VLA100
VLAN20
VLAN30
VLAN
LP Vlan100 (192.168.1.X)Vlan20 (61.1.1.X)Vlan30
(210.1.1.x)LP F1 F2 F8
LP
IP IP
2.3
( 2 )
2. ( 3 )
3.3.11
4. IPVlan Tag(3.12 )
5. (3.12 )
6. VR (Virtual Router) ( 4 )
7. 5
1.
Router Farm
Router Server(NHR)
Farm Flow
Flow Policy
Smart NAT
Proximity
8.
2.4 LP
LP NAT
LinkProof
LP-Master
IP
IP (
)
()
F-1
61.1.1.10 / 24
61.1.1.100
61.1.1.1
F-2
210.1.1.10 / 24
210.1.1.100
210.1.1.1
F-8
192.168.1.10/24
192.168.1.100
N/A
F-1
61.1.1.20 / 24
61.1.1.100
61.1.1.1
F-2
210.1.1.20 / 24
210.1.1.100
210.1.1.1
LP-Backup
F-8
192.168.1.20/24
192.168.1.100
N/A
192.168.1.10 /24 IP 192.168.1.10 255.255.255.024 1

2.5 NAT
2 NAT NAT
NAT
192.168.1.80
192.168.1.110
192.168.1.53
3
NAT
192.168.1.1192.168.1.200
IP (
)
61.1.1.80 / 24
61.1.1.100
210.1.1.80 / 24
210.1.1.100
61.1.1.110 / 24
61.1.1.100
61.1.1.123:53
192.168.1.89
61.1.1.100
61.1.1.123:3389
61.1.1.200 / 24
61.1.1.100
210.1.1.200 / 24
210.1.1.100
2.6
192.168.1.110
192.168.1.80
Internet
2.7 DNS
2 NAT NAT
NAT
10
DNS
192.168.1.80
www.test.com
192.168.1.110
mail.test.com
3
LinkProof
3.1 console LP
WINDOWS
:19200
:8
:
:1
:None
11
> login radware

#
Console
LinkProofmanage terminal grid-mode set disable
>> BootRom
LinkProof
3.2
radware
LinkProof >login
User: radware
Password: radware
23-11-2008 17:06:11 INFO User radware logged in via terminal
12
LinkProof #
3.3
3.3.1
IP
CPU: Cougar 7410

Cougar HW version:4.40
DRAM size: 256M
Flash size: 8M
BSP version: Boot 5.47
Creation date: Aug 23 2005, 11:07:24
Press any key to stop auto-boot...

3
ODS
//
VxWorks System Boot

Copyright 1984-2004 Wind River Systems, Inc.
Bios VER
: 0602.041
CPU
: AMD OPTERON
Version
: VxWorks5.5.1
DRAM size
: 2048M
BSP version : Boot6.131

Active boot : Main
Creation date: Jun 4 2008, 17:06:17
13
//
>
>
>q0 //
Erasing configuration ...
fl:/ - Volume is OK
config file is not foundErasing Network Section ...
done
1 //
>q
Erasing configuration ...
cm:/ - Volume is OK
Erasing Network Section ...
fl:/ - Volume is OK
done
>@
//
Attaching to memory device...

Looking for software version on Compact Flash...
3.3.2 IP
Startup Configuration
0 IP Address
1 IP subnet mask
192.168.1.1
255.255.255.0
14
2 Port number
3 Default router IP address
IP
192.168.1.254 //
//
4 RIP version (0,1,2) [0]

5 Enable OSPF (y/n) [n]
6 OSPF area ID
7 User Name
8 User Password
radware
//
radware
9 Enable Web Access (y/n) [n]
//
//http
10 Enable Secure Web Access (y/n) [n]

11 Enable Telnet Access (y/n) [n]
//
telnet
12 Enable SSH Access (y/n) [n]
SNMP Configuration
//
0 Supported SNMP versions [1 2 3]

1 Community [Public]
2 SNMP Root User
3 Privacy Protocol (NONE/DES)[NONE]
4 Privacy Password
5 Authentication Protocol (NONE/SHA/MD50[NONE]
6 Authentication Password
7 NMS IP Address
8 Configuration File Name
30 IP:
192.168.1.1mask 255.255.255.0, Port Number: 1 ODS MNG-1 Username:
radware, Password: radware IP
3.4
<>>
15
LinkProof>
login
#
LinkProof >login
User: radware
Password: radware
LinkProof #
LinkProof #
Radware
l c t lp client table
>>() BootRom
LinkProof
3.5 WEB
WEB IP IP Radware ODS

MNG-1 MNG-2
net ip-interface create 192.168.1.1 255.255.255.0 1
WEB manage web status set 1

IE IE6.0 http://192.168.1.1
/ radware/radware WEB
16
3.6
WEB
Device->Device Information
Base MAC Address MAC
17
#
LinkProof # system license get
18
Device Information
Type:
LinkProof Application Switch with BWM, IPS
//
Platform:
OnDemand Switch 2
//
Ports:
18
Ports Config: 12 Copper Giga Ethernet + 4 Fiber Giga Ethernet + 2 Giga Ethernet
HW Version: C.4
SW version: 6.00.00DL
Build:
Mar 5 2009, 13:00:02 (Build: 8)
//
Throughput: Limited to 4Gbps
//
ODS
APSolute OS: 10.31-03.05:2.06.09
Network Driver: 11.53.01
Active Boot: 6.23
Secondary Boot: 6.23
Power Supply: Single Power Supply OK
//
RAM size:
2048 MB
//
CM Flash size: 991 MB
Flash size: 97 MB
Hard Disk(s): 1
Registered: No
Serial Number: 20831258
Date:
12.06.2009
Time:
12:21:23
Up time:
0 days, 0 hours, 12 minutes, 53 seconds
//
Base MAC:
00:03:b2:4b:d6:00
//
MAC
Version State: Final
3.7 License
LinkProof # system license get
License key : lp-bwm-ips-8xCFrcg9
//
MAC address : 0003b226c3c0

License ID : 1e0-bea-527
19

system license get License codeMAC addressLicense ID
license
license
radware license
3.8
LinkProof # net ip
Interface Table
etwork Mask f Number lanTag

IP Address
2.2.2.1
?55.255.255.0
?
?
3.3.3.1
?55.255.255.0
?
?
LinkProof# manage terminal grid-mode set dis

Display of ascii graphics characters: disabled
LinkProof# net ip
Interface Table
IP Address
2.2.2.1
3.3.3.1
Network Mask
255.255.255.0
255.255.255.0
If Number
2
3
VlanTag
0
0
3.9
LinkProof
20

Device->Global Parameters
Web
LinkProof# manage terminal prompt set LP-Master // CLI
LinkProof# system mib2-name set LP-Master
//
LP-Master#
21
Web
LinkProof# manage terminal prompt set LP-Backup // CLI
LinkProof# system mib2-name set LP-Backup //
LP-Backup#
3.10
Service
22
CLI
telnet/ssh/http/https1enable set 2
LinkProof# manage telnet status set 1

LinkProof# manage ssh status set 1
LinkProof# manage web status 1
LinkProof# manage secure-web status 1
3.11
/ PPS
PPS
LinkProof# system tune ip-fft-table set 256000
ODS client-table-extension table

Client table n Farm Flow Policy Client table
n client table Farm Persistency
table Client extension table Client table
client table
LinkProof# system tune client-table set 1000000
LinkProof# system tune client-table-extension set 1000000
LinkProof# system tune farm-persistecny-table set 1000000
4096 ODS
LinkProof# system tune dynamic-proximity-table set 80000
Service-> Tuning -> Device -> General
23
LinkProof# system tune nhr-track-table set 4096

nhr-track-table
LP
LP
LinkProof# system tune dynamic-nat-table set 128

NAT
IP
30
setmemory check, perform test

24
3.12
vlan IP Vlan IP
Radware IP
LP VLAN()
3.12.1
LP200/202 LP1000
FastEthernet (100M)
.
25
Device -> Physical Interface
LinkProof# net physical-interface set 1 -s "Fast Ethernet" -d Full

LinkProof# net physical-interface set 2 -s "Fast Ethernet" -d Full
3.12.2
LP1008 (ODS VL)
26
G7-G8 SFP 1-8

LP1008 G6
G1-G6
LP4016 (ODS2)
G13-G16 SFP 1-16

LP4016 MNG-1
MNG-2 17 18
G1-G12
LP8016 (ODS3)
G9-G12 SFP 1-12

XG1-XG4 XFP
LP8016 MNG-1
MNG-2
G1-G8
27
3.12.3 IP
Router->IP Router->interface Parameters

creat,
28
IP
Network mansk:
If Number: Vlan interface Number
One Ip: IP LP NAT
Set
IP Address:
IP IP IP
T-1 T-7 Trunk /

10000 Vlan Radware Vlan Vlan
Vlan
Radware LinkProof
IP Address: 61.1.1.10
Network mansk: 255.255.255.0
If Number:
G-1
Vlan interface Number ,

29
Set
If Number: G-2
IP Address: 192.168.1.10
If Number: G-8
(
)
If Number: G-1
If Number: G-2
IP Address: 192.168.1.20
If Number: G-8
30
> <> <>
LinkProof# net ip-interface create IP <
LP-Master# net ip-interface create 61.1.1.10 255.255.255.0 1

LP-Backup# net ip-interface create 61.1.1.20 255.255.255.0 1

LP-Backup # net ip-interface create 210.1.1.20 255.255.255.0 2
LP-Backup # net ip-interface create 192.168.1.20 255.255.255.0 8
LP-Master# #net ip-interface help

net ip-interface help:
<get>
<IP Address>
set
<IP Address>
<-switch value>
destroy/del <IP Address>
create/add <IP Address> <Network Mask> <If Number> <-switch value>
help
<-switch>
Switches:
-m : Network Mask
-i : If Number
-f : Fwd Broadcast
-ba : Broadcast Addr
-v : VlanTag
-oi : One Ip (Router Interface Only)
31
3.12.4 Routing Table
Router > Routing Table, Create
NHR Metric 1
LP
Farm Router Server
32
Set
LP-Master# net route table create 0.0.0.0 0.0.0.0 61.1.1.1 -i 1
LP-Master# net route table create 0.0.0.0 0.0.0.0 210.1.1.1 -i 2 -m 20
-i
LP-Master# net route table help

net route table help:
<get>
<Destination Address> <Network Mask> <Next Hop>
set
<Destination Address> <Network Mask> <Next Hop> <-switch value>
destroy/del <Destination Address> <Network Mask> <Next Hop>
create/add <Destination Address> <Network Mask> <Next Hop> <-switch value>
help
<-switch>
Switches:
-i : Interface Index
-t : Type
-m : Metric
up
1 IP 192.168.1.1 255.255.255.0
192.168.1.254 1 up
help
LP
Metric
Radware LinkProof
33
3.12.5 VLAN Tag
LP 802.1Q Vlan Trunk

Vlan Vlan Vlan Trunk VLAN
Tagging
Vlan
Device -> VLAN Tagging
Enable
VLAN Tag Handling: Overwrite
802.1q Environment:
LP-Master# net vlan-tag-environment set 1
VLAN Tag Vlan
34

LP-Master# net ip-interface set 10.61.1.10 255.255.255.0 1 -v 100
LinkProof
VRRP ARP
4.1 VRRP
VRRP ARP VRRP
4.1.1 VRRP
LinkProof > Redundancy > Global Configuration >.
35
36
VRRP VRRP
Interface Grouping: enable
disable
IP Redundancy Admin Status:
LP-Master# redundancy mode set VRRP
LP-Master# redundancy interface-group set enable
4.1.2 VR (Virtual Router)
LinkProof > Redundancy > VRRP > Virtual Routers >.
VR.
If IndexVR
VR IDVRIDVlanID
Admin StatusVRdownAssociated IPup.
37
VR255200
Primary IP IP IP
Priority
38
VR Up Associated IP
If Index: 1
VR ID: 10
Admin Status: down
Priority: 200
If Index: 2
VR ID: 20
Admin Status: down
Priority: 200
If Index: 8
VR ID: 100
39
Admin Status: down

Priority: 200
LP
LP-Master# redundancy vrrp virtual-routers create 1 10 -as 2 -p 200
LP-Master# redundancy vrrp virtual-routers help
redundancy vrrp virtual-routers help
redundancy vrrp virtual-routers help:
<get>
set
<If Index> <VR ID>

<If Index> <VR ID> <-switch value>
destroy/del <If Index> <VR ID>

create/add <If Index> <VR ID> <-switch value>
help
<-switch>
Switches:
-as : Admin Status
-p
: Priority
-pip : Primary IP
-at : Auth Type
-ak : Auth Key
-ai : Advertise Interval
-pm : Preempt Mode
-pr : Protocol
VRRP NAT Assoicated IP

VR
40
4.2 VRRP
VRRP ARP VRRP
4.2.1 VRRP
LinkProof > Redundancy > Global Configuration >.
VRRP VRRP
Interface Grouping: disable
Backup Interface Grouping: enable
IP Redundancy Admin Status:
41

LP-Backup# redundancy mode set VRRP
LP-Backup# redundancy interface-group set enable
LP-Backup# redundancy backup-interface-grouping set enable
4.2.2 VR (Virtual Router)
VR.
If IndexVR
VR IDVRIDVlanID
Admin StatusVRdownAssociated IPup.
PriorityVR255200
Primary IP IP IP
42
43
VR Up Associated IP
LP
LP-Backup# redundancy vrrp virtual-routers create 1 10 -as 2 -p 100
If Index: 1
VR ID: 10
Admin Status: down
Priority: 100
If Index: 2
VR ID: 20
Admin Status: down
Priority: 100
If Index: 8
VR ID: 100
Admin Status: down
Priority: 100
Associated IP
44

VRRP Assoicated IP
VR
5
FLow
Router Farm Router Server(

NHR) Farm Flow Table Flow Policy Smart NAT Proximity
5.1
FarmServerFlow PolicyHealth Check

-
Radware
45
5.2 Farm
Router Farm Firewall FarmRouter Farm Firewall Farm
Farm
LinkProof >Farms> Router Farm Table
46
Farm Name: CT
Aging Time: 60
Dispatch Method: Cyclic
Connectivity Check Status: Ping Only
Packet Translation: Nat
Persistency Mode: Client Table
Farm Name: ALL
Aging Time: 60
Dispatch Method: Cyclic
Connectivity Check Status: Ping Only
Packet Translation: Nat
Persistency Mode: Client Table
set
Mail Farm Router Server

FarmFarm ALL
Aging time , , ,
Dispatch Method
Cyclic (Round Robin)
Weighted Cyclic ()
47

Least Number of Users
Response Time Load Balancing
NT SNMP Parameters Windows SNMP
Windows Windows SNMP
User-Configurable SNMP Parameters NT Windows
SNMP SNMP OID
Hashing, , VIP
, ,
Least Traffic
LP-Master# lp farms all-farms create CT -t Router

LP-Master# lp farms all-farms create ALL -t Router
LP-Master# lp farms all-farms help
lp farms all-farms help:
<get>
<Farm Name>
create/add <Farm Name> <-switch value>

help
<-switch>
Switches:
-t
: Type
-tc : Clear Client Table Condition
IP default-farm ALL Farm
LP
lp farms default-farm set 61.1.1.1 -fn CT -sn Telecom

lp farms default-farm set 210.1.1.1 -fn ALL -sn CNC
48

Radware LinkProof client table
Client table mode
Entry Per Session4 IP, IP .
IP ,
Client table
Server Per Session4 IP IP LinkProof

, Client table
Layer 3 Client Table Mode
Source IP address
Destination IP address
IP IP
,LinkProof
3
IP
.
Half Layer 4 Client Table Mode
Source IP address
Destination port
In Half Layer 4 mode, all the sessions destined to the same address and port are represented by
a single entry in the Client Table, regardless of the source port/s. For example, in a simple Web
page retrieval, a client may open several TCP sessions with the server, using each session to
transfer different parts of the page, such as text, GIF files, and so on. All of these sessions,
identified by
Destination port 80 and different Source ports, constitute a single entry in the Client Table.
LinkProof performs the search using source and destination IP addresses, protocol, and
destination
port only. The source port displayed in the Client Table will be the first source port that initiated
the
session.
Half Layer 4 mode is the minimum mode required whenever sessions to different destination ports
must be tracked separatelyfor example:
When different flows are configured for different applications
When farms of proxy servers are defined on the device (using the VIP option of Packet
Translation parameter)
49
Full Layer 4 Client Table Mode
Source IP address
Source port
Destination port
IP IP LinkProof
,
Client table
4
:
FarmNAT
.
SYN Flood .
Port Hashing.
Full Layer 4 mode
Port Hashing
The Port Hashing option, when enabled, determines which source and destination ports are to
be taken into consideration. When the Hashing Dispatch Method is selected and the Port
Hashing option is enabled, LinkProof selects a server for a session using a hash function. This
is a static method where the NHR is chosen for a session purely by the session information. The
input for the hash function is source and destination IP addresses.
Note: You can enable the Port Hashing option only when Client Table Mode is Full Layer 4
(LinkProof > Global Configuration > Client Table > General > Client Table
Mode).
Port Hashing accelerates device performance and reduces memory consumption.
Port Hashing is available only with the Full Layer 4 Client Mode (see Client Table Modes, page
150).
Port Hashing is enabled by default. Therefore, by default, all entries in L4 Full are presented by
the L4 entries in the Client Table and are hashed accordingly.
LinkProof manages Client Table entries according to Source IP, Destination IP, Source Port,
and Destination Port.
LinkProof distinguishes between two options: Client Table mode and hash function. LinkProof
does the hash function on the Client Table entry to shorten the search time.
5.3
Farm FarmIP
50
Open LinkProof >Server > Logical Routers Server,
creat
51

Farm Name: CT
Router Name: Telecom
//
Farm Name: ALL
Router Name: Telecom
Farm Name: ALL
Router Name: CNC
52
set
Console
LP-Master>15-05-2009 12:19:24 INFO Cold Start
15-05-2009 12:23:00 INFO User radware logged in via web
15-05-2009 12:23:10 INFO Server CT Telecom up
15-05-2009 12:24:02 INFO Server ALL TEL up
15-05-2009 12:24:54 INFO Server ALL CNC up
LP-Master# lp servers all-servers create CT Telecom -ip 61.1.1.1

LP-Master# lp servers all-servers create ALL TEL -ip 61.1.1.1
LP-Master# lp servers all-servers create ALL CNC -ip 210.1.1.1
LP-Master# lp servers all-servers help
lp servers all-servers help:
<get>
<Farm Name> <Firewall Name>
create/add <Farm Name> <Firewall Name> <-switch value>

help
<-switch>
Switches:
-ip : IP Address
-w
: Weight
-om : OperMode
-cl : Connection Limit
-as : AdminStatus
-b
-i
-o
: Kbps Limit
: Inbound Kbps Limit
: Outbound Kbps Limit
-ft : Farm Type
53
5.4 Flow Policy
Farm Flow
Network IP/ Policy AD L4 Policy
VIP
Flow Policy
5.4.1 Farm Flow

Farm Flow
Flow Farm
LinkProof > Flow Management >Farms Flow Table> Create
LP-Master# lp flow-management farms-flow-table create Mail_Flow CT
54
5.4.2 Network
IP IP
IP +
any network
Network
Classes > Modify Networks > Create
Name: mail_server
Sub Index: 0
//
From IP: 192.168.1.110
55
To IP Address: 192.168.1.110
Mode: IP Range
LP-Master# classes modify network create mail_server 0 -f 192.168.1.110 -t \

192.168.1.110 -m "IP Range"
LP-Master# classes modify network help
classes modify network help:
<get>
set
<Name> <Sub Index>

<Name> <Sub Index> <-switch value>
destroy/del <Name> <Sub Index>

create/add <Name> <Sub Index> <-switch value>
help
<-switch>
Switches:
-a
: Address
-s
: Mask
-f
: From IP
-t
: To IP
-m
: Mode
Displays the temporary network database.

These are the networks that will be used for classification.
A network can be a range or a subnet/mask, or a combination of few ranges and
subnet masks. Use the same network name for multiple entries in the table to
create such combination.
5.4.3 Policy
LinkProof > Flow Management > Modify Policies > Create
56
Default Policy
mail server Flow Policy
Name: Mail_Policy
Index: 1
Destination: any
Source: mail_server
Direction: Two way
Farm Flow: Mail_Flow
57

LP-Master# lp flow-management modify-policy-table create Mail_Policy -dst mail_\
server -fc Mail_Flow
LP-Master# lp flow-management modify-policy-table help
lp flow-management modify-policy-table help:
<get>
set
<Name>
<Name> <-switch value>
destroy/del <Name>
create/add <Name> <-switch value>
help
<-switch>
Switches:
-i
: Index
-dst : Destination
-src : Source
-dr : Direction
-d
: Description
-pt : Service Type

-p
: Service
-os : Operational Status

-fc : Farm Flow
-pp : Inbound Physical Port Group
-vt : VLAN Tag Group
-mrk : Packet Marking
Displays temporary policies
58
6
Smart NAT
NAT 2 NAT
Smart NAT
6.1 Static NAT

Static NAT
NAT
LinkProof > Smart NAT > Static NAT Table > Create
59
From Local Server IP: 192.168.1.80

To Local Server IP: 192.168.1.80
Server IP: 61.1.1.1
From Static NAT IP: 61.1.1.80
60
To Static NAT IP: 61.1.1.80

Redundancy Mode: Regular
Regular
//

Server IP: 210.1.1.1
Server IP: 61.1.1.1
LP-Master# lp smartnat static-nat create 192.168.1.80 192.168.1.80 61.1.1.1 \

61.1.1.80 61.1.1.80
210.1.1.80 210.1.1.80
61
61.1.1.110 61.1.1.110
LP-Master# lp smartnat static-nat help
lp smartnat static-nat help:
<get>
<From Local Server IP> <To Local Server IP> <Server IP>
set
<-switch value>
<From Local Server IP> <To Local Server IP> <Server IP>
destroy/del <From Local Server IP> <To Local Server IP> <Server IP>
create/add <From Local Server IP> <To Local Server IP> <Server IP> <From Static NAT IP>
<To Static NAT IP> <-switch value>
help
<-switch>
Switches:
-fn : From Static NAT IP
-tn : To Static NAT IP
-m
: Redundancy Mode
6.2 Dynamic NAT

Dynamic NAT
LinkProof > Smart NAT > Dynamic NAT Table > Create
62
From Local IP: 192.168.1.1

To Local IP: 192.168.1.200
Server IP: 61.1.1.1
Dynamic NAT IP: 61.1.1.200
From Local IP: 192.168.1.1
To Local IP: 192.168.1.200
Server IP: 210.1.1.1
Dynamic NAT IP: 210.1.1.200
NAT NAT
LP NAT Static NAT,Dynamic NAT,
No NAT Dynamic NAT Static NAT Static NAT
63
LP-Master# lp smartnat dynamic-nat create 192.168.1.1 192.168.1.200 61.1.1.1 61.1.1.200

LP-Master# lp smartnat dynamic-nat create 192.168.1.1 192.168.1.200 210.1.1.1 \ 210.1.1.200
LP-Master#lp smartnat dynamic-nat help
lp smartnat dynamic-nat help:
<get>
set
<From Local IP> <To Local IP> <Server IP> <Dynamic NAT IP>
<From Local IP> <To Local IP> <Server IP> <Dynamic NAT IP> <-switch value>
destroy/del <From Local IP> <To Local IP> <Server IP> <Dynamic NAT IP>
create/add <From Local IP> <To Local IP> <Server IP> <Dynamic NAT IP> <-switch value>
help
<-switch>
Switches:
-m
: Redundancy Mode
6.3 Static PAT
IP
Static PAT
LinkProof > Smart NAT > Static PAT Table > Create
64
Internal IP: 192.168.1.53

Internal Port: 53
Protocol: UDP
Server IP: 61.1.1.1
External IP: 61.1.1.123
External Port: 53
Static PAT Mode: Regular
Static PAT Name: test
65
Internal IP: 192.168.1.89

Internal Port: 3389
Protocol: TCP
Server IP: 61.1.1.1
External IP: 61.1.1.123
External Port: 3389
Static PAT Mode: Regular
Static PAT Name: test
LP-Master# lp smartnat static-pat create 192.168.1.53 53 udp 61.1.1.1

61.1.1.123 53 -pn test
LP-Master# lp smartnat static-pat create 192.168.1.89 3389 tcp 61.1.1.1 \
61.1.1.123 3389 -pn test
LP-Master# lp smartnat static-pat help
lp smartnat static-pat help:

<get>
set
<Internal IP> <Internal Port> <Protocol> <Server IP>

<Internal IP> <Internal Port> <Protocol> <Server IP>
<-switch value>
destroy/del <Internal IP> <Internal Port> <Protocol> <Server IP>

create/add <Internal IP> <Internal Port> <Protocol> <Server IP> <External IP>
<External Port> <-switch value>
help
<-switch>
Switches:
-eip : External IP
-ep : External Port
-pm : Static PAT Mode
-pn : Static PAT Name
Protocol:
(1) tcp
(2) udp
(3) icmp
66
7
DNS
InBound LPDNS
ISP
7.1 TTL
DNS DNS Cache 0

300 5 DNS LP
IP
TTL
LinkProof > DNS Configuration > Response
67

LP-Master# lp dns response-ttl set 300
LP-Master#lp dns response-ttl help
lp dns response-ttl help:
<get>
set
help
response-ttl: type=integer, lower bound=none, upper bound=none
7.2 Host
DNS A LP DNS
DNS A
Host Table
LinkProof > DNS Configuration > Name To Local IP
68
Host Name: www.test.com

Local IP Address: 192.168.1.80
69
Host Name: mail.test.com

Local IP Address: 192.168.1.110
LP-Master# lp dns host-to-ip-tables name-to-ip create www.test.com -lia 192.168.1.80

LP-Master# lp dns host-to-ip-tables name-to-ip create mail.test.com -lia 192.168.1.110
LP-Master# lp dns host-to-ip-tables name-to-ip help
lp dns host-to-ip-tables name-to-ip help:
<get>
set
<Host Name>
<Host Name> <-switch value>
destroy/del <Host Name>

create/add <Host Name> <-switch value>
help
<-switch>
Switches:
-lia : Local IP Address
7.3 BIND DNS
LP DNS A DNS
LP DNS Bind LP DNS
A TTL 10 A
A 1
BIND
70
www.test.com.
61.1.1.80
www.test.com.
NS
lp.test.com.
lp.test.com.
61.1.1.100
lp.test.com.
210.1.1.100
7.4 Windows DNS
LP DNS A DNS
LP DNS Windows Server DNS LP
DNS A TTL 10 A
A 1 Windows DNS
Linux/Unix DNS
(Area) test.com
(delegation)
71
72
73
LP Virutal DNS IP
LP
IP 61.1.1.100 210.1.1.100
74
NS DNS 61.1.1.100
( 2 ) 210.1.1.100
75
8
(Proixmity)
(Proiximity)InternetLP
LPIP
8.1
Proximity No Proximity Static

Proximity Full Proximity Outbound Full
Proximity Inbound Full Proximity Both
LinkProof > Proximity > Proximity Parameter > General
Proximity Mode: Full Proximity Both
1,28802
Proximity Aging Period (min): 1440 //
76
Proximity Subnet Mask: 255.255.248.0
//
LP-Master# lp proximity mode set "Full Proximity Both"

LP-Master# lp proximity aging-period set 720
LP-Master# lp proximity subnet-mask set 255.255.248.0
LP-Master# system tune dynamic-proximity-table set 30000
LP-Master# lp proximity mode help
lp proximity mode help:
<get>
set
help
Allowed values for mode:
(1) No Proximity
(2) Static Proximity
(3) Full Proximity Inbound
(4) Full Proximity Outbound
(5) Full Proximity Both
8.2
CPU30%
CPU
LinkProof > Proximity > Proximity Parameter > Proximity Check
77

LP-Master# lp proximity checks advanced-check set none
LP-Master# lp proximity checks advanced-check help
lp proximity checks advanced-check help:
<get>
set
help
Allowed values for advanced-check:
(1) both
78
(2) outbound
(3) inbound
(4) none
8.3
IP
Full Proximity
LP Static Proximity LP
LinkProof > Proximity > Static Proximity
79
LP-Master# lp proximity static create 202.96.96.1 -to 202.96.128.254 -nhr1 61.1.1.1 \

-nhr2 210.1.1.1
LP-Master# lp proximity static help
lp proximity static help:
<get>
set
<From Address>
<From Address> <-switch value>
destroy/del <From Address>

create/add <From Address> <-switch value>
help
<-switch>
Switches:
-to : To Address
-nhr1 : NHR 1
-nhr2 : NHR 2
-nhr3 : NHR 3
8.4 Flow Policy
Flow Policy
IP Flow Policy
4.35 Grouping
5.0 Flow Policy Flow Policy Farm Router
Server Farm Server Router Server
80
IP IP
Flow Policy
LP
Flow Policy Farm Router ServerLP
Flow Policy Flow Policy Farm Server
LP
Flow Policy
9

Radware
9.1
QQMSN
IP
IP IP
DNS
LinkProof >Global Configuration > Aging By Application Port
> -at <>
LP-Master# lp global client-table application-aging-time create <
81
lp global client-table application-aging-time create 1863 -at 1080

82

LinkProof# lp global client-table application-aging-time help
lp global client-table application-aging-time help:
<get>
set
<Application Port>
<Application Port> <-switch value>
destroy/del <Application Port>

create/add <Application Port> <-switch value>
help
<-switch>
Switches:
-at : Aging Time
9.2 Cluster
NHR VRRP HSRP

LP LP LP NHR MAC
NHR LP ARP NHR1 MAC MAC1NHR1
LP MAC NHR
NHR 2 VRRP HSRP
LP ARP MAC VMAC MAC1
LP NHR1
Cluster NHR MAC NHR

MAC NHR
LinkProof >Servers > Cluster Servers Table
83
Server Address: 61.1.1.1

Cluster Server Address: 0.0.0.0
MAC Address: 00145E0A2170
LP-Master# lp servers cluster-servers create 61.1.1.1 0.0.0.0 00145E0A2170

Created successfully
Server Address
: 61.1.1.1
Cluster Server Address
: 0.0.0.0
MAC Address
MAC Status
: 00145e0a2170
: found
LinkProof# lp servers cluster-servers help

lp servers cluster-servers help:
84
<get>
<Server Address> <Cluster Server Address> <MAC Address>
destroy/del <Server Address> <Cluster Server Address> <MAC Address>

create/add <Server Address> <Cluster Server Address> <MAC Address>
help
10

IP VR 4-7
VR down
ApSolute Insite
10.1
IP VRRP IP
LP Virtual DNS DNS
IP DNS
LinkProof > DNS Configuration > DNS Virtual IP > Create
85
86
set
LP-Master# lp dns virtual-ip create 61.1.1.100

10.2 Associated IP
VDNSSmart NAT
Associated IP
Associated IP Virtual DNS,
Static NAT, Dynamic NATIP
87
LinkProof > Redundancy >VRRP > Associated IP Address > Associated IP
88
If Index: 1
VR ID: 10
Associated IP: 61.1.1.80
If Index: 1
VR ID: 10
If Index: 1
VR ID: 10
If Index: 1
VR ID: 10
If Index: 2
VR ID: 20
If Index: 2
VR ID: 20
If Index: 2
VR ID: 20
89
If Index: 8
VR ID: 100
LP-Master# redundancy vrrp associated-ip create 1 10 61.1.1.80

10.3 VR
90
VRmaster
91

LP-Master# redundancy vrrp virtual-routers set 1 10 -as 1
10.4 APSolute Insite
tar
Install.bat
92
10.5 APSolute Insite
APSolute Insite / radware / radware
10.5.1 LP
+ LinkProof
93
LP
IP AD Community Name public
94
95
10.6
Setup
Redundancies
96
Relation Type VRRP Active-Backup

Master Device Backup Device
Copy Configuration
97
VRRP
VR
VR down
Copy Configuration Apply
Relation Type
98

UDP 151
99
10.6.1
OK
A Active BBackup
100
10.6.2 VR
VRRP
LinkProof
Redundancy VRRP
Virtual Routers VR up
VRinitializeupVRbackup
Farm/Server/Flow Policy/NAT
101
11

11.1
1.06.09
File> Configuration File> Receive From Device,
"set"
102
11.2
File> Configuration File> Send to Device,
103

"set"
,.
11.3 SNMP
SNMP
Security>Community Table,
test, Super.
104
"set"
11.4
Device > Security > Users,
Create,.
105
, , Password
Web Access Level: Read-Only
Read-Write
11.5
NTP
Device->Global Parameters
106

//
11.6 NTP
NTP
107
NTP IP
NTP Timezone+08:00
NTP Status enable
NTP Server:
11.7 Syslog
syslog
Services ->Syslog Reporting
108

Syslog Stationsyslog
Syslog udp 514
Syslog Operation: syslog
LP-Master# manage syslog status set 1

LP-Master# manage syslog server set 192.168.1.200
11.8
LPNATInternet
109
LP3
FTP
syslog

LP/hdd0:/Reporting_Log
CSV ASCII
<yyyyMMdd>_<hhmm>_<ss>.txt ,20081207_1713_54.txt.
<yyyyMMdd>_<hhmm>_<ss>_tmp.txt
20081207_1713_54_tmp.txt.
Start Timemarks the entry of the start of the client session in dd/MM/yyyy hh:mm
format.
End Timemarks the entry of the last activity of the entry in dd/MM/yyyy hh:mm
format.
Source IP addressthe source where the connection is coming from.
Destination IP addressthe destination where the connection is going to.
Router/Firewallwhich gateway IP was used by the LinkProof device to access the
Internet or WAN.
Protocolthe protocol used in the packet (according to RFC 5237), for example,
FRAG, ICMP,IGMP, UDP, TCP OSPF, and so on.
Source Portthe port that was requested internally.
Destination Portthe port that was requested on the destination address.
NAT Addressthe NAT address given by the LinkProof device.
NAT Typethe NAT type given by the LinkProof device.
Bytesthe number of bytes that have passed since the entry was opened in the
Client Table.
LP
Services -> Hard Disk
110
111
CPU Best Effort CPU CPU

Full
Log File Size MB 100M 5-250M
Log File Open Time , 24
1 12 24
Log Switch Switch log file size Open time
Log File Write Mechanism CYCLIC FIFO
Stop Logging
Log File Purge purge
Disk Space to Keep Free
Logging Priority:
LP-Master# services hard-disk logging-priority set {full|best effort}

LP-Master# services hard-disk log-file-size set <Value>
LP-Master# services hard-disk log-file-time set {1|12|24}
LP-Master# services hard-disk log-switch set "Switch Now"
LP-Master# services hard-disk log-behavior set {"Stop Logging"|"CYCLIC FIFO"}
LP-Master# services hard-disk log-purge "Purge now"
LP-Master# services hard-disk total-size
LP-Master# services hard-disk free-size
//
//
LP-Master# services hard-disk set free-size-save {<Value>|<Value> MB|<Value> %>
Reporting > Clients > Parameters
112
Hard Disk Logging Mechanism
Enable
LP-Master# reporting client-table hard-disk set enable
11.9
AppDirectorRedundancy VRRPVirtual Routers VRIDs Up/Down

All Down, Set VR
AD
113

AD-Master# redundancy vrrp global-admin-status help
redundancy vrrp global-admin-status help:
<get>
set
help
Allowed values for global-admin-status:

(1) All Down
(2) All Up
(3) No Change
Sets ALL VRIDs to up/down

AD-Master# redundancy vrrp global-admin-status set 1
114
11.10 CPU
WebCPU
LP
Device->Device Monitoring
Resouce Utilization
CPU RS + RE
CPU
RE CPU
RE RSCPU 60 80%
RS
11.11
Web
LP
115
116
11.12
WebFarm
LP
Out
In
11.13 Support
[File] [Support] Support Support
LP-Backup#manage support display
117
TFTP
LP-Backup#manage support tftp
COMMAND
manage support tftp put [File Name] [Server IP] <-v>
DESCRIPTION
Send the output of a 'manage suppot display' invocation over TFTP.
11.14
:LinkProof ->Clients -> View Filters
118
L4 Policy Farm Server

Client Table
Status Filter Filter
Filter
Filter
AD-Master# appdirector client view-filters help

appdirector client view-filters help:
<get>
set
<Index>
<Index> <-switch value>
destroy/del <Index>
create/add <Index> <-switch value>
help
<-switch>
Switches:
-saf : Source IP From
-sat : Source IP To
-daf : Requested IP From
-dat : Requested IP To
-spf : Source Port From
-spt : Source Port To
-dpf : Requested Port From
119
-dpt : Requested Port To

-sa : Server IP
-ct : Client Type
-s
: Status
-ac : Action
-vt : VlanTag
-fn : Farm Name
Index
(1) 1
(2) 2
(3) 3
(4) 4
(5) 5
Displays the Filtered Client Table View Filters
Filter
AppDirctor ->Clients -> Filtered Client Table
AD-Master# appdirector client filtered-table

Filtered Client Table
Client Address Src P Dst P Farm Name
NAT Address
NAT P Srv P VIP Address
Server Address Time To Live

Type
Mode Sess. Uptime
120
11.15
AD1.07
Device -> Port Mirroring
G1 G8
121
11.16
LP2.10 L
11.16.1
Services -> Diagnostics -> Capture -> Parameters
122
Status Enabled
11.16.2
Classes IP
Classes -> Modify -> Networks
123
+
NameSub Index Network Name
Network update
Classes -> Update Policies

124
Set Policy
11.16.3 Policy
L4 Policy
Services -> Diagnostics -> Policies

Policy
125
test_net Capture Status

Disaable
11.16.4
Services -> Diagnostics -> Files
126
download
127
Wireshark
Policy
128
11.17
CF Internal Flash LP1000

Internal flash CF LP1000 Internal flash
LP1000 CF 2
LP202 AS1
11.17.1 Console
Consolefl: Internal flash cm:

CF
Internal flash

0
auto-booting...
fl:/ - Volume is OK
done.
Loading fl:/ lp-5.22.00DL-17May2009_31/master/cod19051164
Starting at 0x10000...
CF

0
auto-booting...
Looking for software version on Compact Flash... done.
Loading cm:/ lp-5.22.00DL-17May2009_31/master/cod19051164
fl:/ - Volume is OK
Starting at 0x10000...
129
11.17.2 Telnet
Telnet WEB 0 OnBoardFlash Internal

flash 1 2 CF X
LP-Backup#sys file-system config act-appl
Num
Name
Version
Media
lp-5.22.00DL-08Mar
5.22
OnBoardFlash
5.22
CompactFlash
4.35
CompactFlash
Active
2009_26
1
lp-5.22.00DL-08Mar
2009_26
2
lp-4.35.071DL-22Ap
r2008_23
11.17.3 Web
Telnet WEB 0 OnBoardFlash Internal

flash 1 2 CF Active Ture
File -> Software List
Active True
11.18
MAC MAC
Radware
130
LP1000AS2 internal flash

AS2 CF internal flash CF
internal flash BootRom
Internal Flash internal flash
sys file-system config act-appl 0 OnBoardFlash

Internal flash 1 2 CF X
0 2
1
LP-Backup#sys file-system config act-appl
Num
Name
Version
Media
lp-5.22.00DL-08Mar
5.22
OnBoardFlash
5.22
CompactFlash
4.35
CompactFlash
Active
2009_26
1
lp-5.22.00DL-08Mar
2009_26
2
lp-4.35.071DL-22Ap
r2008_23
CF copy internal flash
LP-Master# sys file-system files copy-to-flash 1
COMMAND
system file-system files copy-to-flash [versionIndex]
DESCRIPTION
Copy selected version to internal flash
File > Software Update
131
PasswordSoftware version 5.22.00File

tar Enable New Version
copy CF
sys license device-info

Radware Radware
CF 2
11.19
132
ad appdirector lp linkProof
as2 1_07_11 1.07.11 1_07_11DL
Bug
11.20
Console/Telenet/SSH
11.20.1
LP-Master#net ip
IP Interface Parameters
IP Address
Network Mask
If Number
VlanTag
61.1.1.10
255.255.255.0
192.168.1.10
255.255.255.0
210.1.1.10
255.255.255.0
11.20.2
LP-Master#net route table
Routing Table
Destination
Network Mask
Next Hop
Address
Interface
Type
Index
0.0.0.0
0.0.0.0
61.1.1.1
remote
61.1.1.0
255.255.255.0
0.0.0.0
local
192.168.1.0
255.255.255.0
0.0.0.0
local
210.1.1.0
255.255.255.0
0.0.0.0
local
133
11.20.3 CPU
LinkProof#sys os cpu
Device Resource Utilization
RS Resource Utilization : 0
RE Resource Utilization : 0
Last 5 sec. Average Utilization : 0
Last 60 sec. Average Utilization : 0
Master Utilization
: 0
90,
11.20.4
ODS-Master#sys last-sec-inf-stats
Ports statistics for the last second

Port Index
InBound
InBound
OutBound
OutBound
Megabytes
Packets
Megabytes
Packets
G-1
G-2
G-3
G-4
G-5
G-6
G-7
G-8
G-9
134
G-10
G-11
G-12
XG-1
XG-2
XG-3
XG-4
MNG-1
MNG-2
11.20.5
ODS-Master#sys last-sec-total-input
Total Input in all ports in the last second: 1030
11.20.6 ( ODS)
CPU 70 73
LinkProof#sys hardware temperature-show

Sensor number: 0 - Status: normal, Temperature: 53
Sensor number: 1 - Status: normal, Temperature: 52
11.20.7
Router
LP-Master#lp servers extended-table
135
RS NextHopRouter Table
IPaddress
Name
Mac addr
AdminSt
OperSt
MacSt
210.
1.
1.
1 ALL
/CNC
00124414d3fc
Enable
Active
Found
61.
1.
1.
1 ALL
/TEL
000911dcb6cc
Enable
Active
Found
61.
1.
1.
1 CT
/Telecom
000911dcb6cc
Enable
Active
Found
IPaddress
Type
Frms Kbits/s Wght OpMode
UsrsNo
ConLimit port
210.
1.
1.
1 NxtHopR 46894
168248
2 Regular
28261
61.
1.
1.
1 NxtHopR 23232
98989
1 Regular
12323
61.
1.
1.
1 NxtHopR
1 Regular
IPaddress
Kb/s Limit In Limit
Out Limit
In Rate
Out Rate
210.
1.
1.
113210
54184
61.
1.
1.
32132
11233
61.
1.
1.
IPaddress
Total Load
In Load
Out Load
(Kbits)
(Kbits)
(Kbits)
In/Out Per Farm
210.
1.
1.
29751163
2211741
27539421
0%
0%
61.
1.
1.
24334324
234234
27834874
0%
0%
61.
1.
1.
0%
0%
11.20.8 LinkProof
LinkProof#lp client table

Client Table
Total Number of Entries : 38702
Source Addr
Dest Addr
SPort
DPort
Protocol
Flow
136
218. 75. 79. 33
58. 67.136.125
Farm Name
NHR
6000
2967
Server Name
CT2
Source Addr
Dest Addr
124. 15. 94. 46 117. 81. 51.185
Farm Name
NHR
Type
Ext Id
Reg
260339
DPort
1911
5670
CT2
anyflow
Idx Action/PortNum
SPort
Server Name
TCP
Send T/F Farm
Protocol
TCP
Flow
anyflow
Idx Action/PortNum
Type
Ext Id
DN
203763
Send T/F Farm
LinkProof#lp client table-summary

Client Table
Num of Entries : 38285
Source Addr
Dest Addr
SrcP
DstP
Farms sequence
0
124. 15. 65. 50 117. 79. 68. 61 46644 4074
Rtr
220.113.236.111 119.147. 12.198 1032
8000
Rtr
211.162. 62.166 117.136. 19.162 0
Rtr
220.113.234.194 119.147. 18. 89 1076
443
Rtr
124. 15. 71.117 120. 15.125. 65 1146
1098
Rtr
124. 15. 64.113 122. 84. 10. 20 2475
18985
Rtr
220.113.232.158 119.129. 61.158 20056 24107
Rtr
172. 16.253.237 118.239. 50.103 49695 4167
Rtr
124. 15. 96.181 116.254.155.198 43573 38028
Rtr
, . , . Farm
, , .
lp client table
client table CLI command, which allow you to filter
existing client entries and display only relevant entries:
137
-ipprint only entries with given IP address.

-flprint only entries with given flow name.
-fnprint only entries with given farm name.
-snprint only entries with given server name.
-vlprint only entries with forwarding type bridging.
-apprint only entries with given application port.
-dbprint only entries with delayed-bind information.
-edprint only entries with edge farm information.
-mappedprint entries including mapped information.
-ptrprint only entries with given packet translation type (VIP, Dynamic NAT, VPN, and so
on)
11.20.9 LinkProof
Master
LP-Master#red v v
VRRP Table
If Index
VR ID
VR MAC
State
Admin Status
10
00005e00010a
master
up
20
00005e000114
master
up
100
00005e000164
master
up
Backup
LP-Backup#red v v
VRRP Table
If Index
VR ID
VR MAC
State
Admin Status
10
00005e00010a
backup
up
20
00005e000114
backup
up
100
00005e000164
backup
up
138
11.20.10 LinkProof
appdirector#sys config immediate
LP-Master#sys config immediate
!
!Device Configuration
!Date: 18-05-2009 10:17:14
!DeviceDescription: LinkProof Application Switch - with SynApps
!Base MAC Address: 00:03:b2:26:c3:c0
!Software Version: 5.22.00DL (build Mar
1 2009, 16:23:30)
!
net route table create 0.0.0.0 0.0.0.0 61.1.1.1 -i 1
net route table create 0.0.0.0 0.0.0.0 210.1.1.1 -i 2 -m 20
lp farms all-farms create CT -t Router
lp farms all-farms create ALL -t Router
lp servers all-servers create CT Telecom -ip 61.1.1.1
lp servers all-servers create ALL TEL -ip 61.1.1.1
lp servers all-servers create ALL CNC -ip 210.1.1.1
lp flow-management farms-flow-table create Mail_Flow CT -id 1
lp flow-management modify-policy-table create Default -i 0
lp flow-management modify-policy-table create Mail_Policy -dst \
mail_server -fc Mail_Flow
redundancy mode set VRRP
system mib2-name set LP-Master
139
12
Radware license
12.1 License
license license
license licenselicense
Radware
12.2 License
License
sys license license

WEB License :
Product appdirector LinkProof

License
AD License
140
Capabilities
AD1000 (global)
(bwm-ips) dos (dos) cookie (cookie)
AD license
appdirector-cookie-Dt27cYK3
3 Code
license AD license
12.3 ODS License
ODS License
Throughput license ODS504 500M ODS1/2
4G license
CLI :
LinkProof# system throughput-license
License key : 4Gbps-OlVtQK6N
MAC address : 0003b24bd600
License ID : 207-443-8d3
Hardware license 10G 10XGE License(

AD6000 ) ODS LP License
SSL TPS License 2.0 AD SSL SSL
ADLP license
CLI :
LinkProof# system ssl-license
License key : appdirector-ssl-500-K8U2bja2
MAC address : 0003b24c6100
License ID : 945-41c-144
Compression Throughput License - 2.0 AD SSL license

ADLP license
141
CLI
LinkProof# system compression-license
License key : appdirector-compression-100-bpdW1oly

MAC address : 0003b24c6100
License ID : 660-859-848
12.4 Licenses Passwords
passwords
Passwords MAC
passwords AD1.06 AD1.07
1.06.09 1.06.10
License global license
ips-bwm license
Licenses
142

LP 6 10

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

LP 6 10

Загружено:

Авторское право:

Доступные форматы

Radware LinkProof

3.12.4 Routing Table ......................................................................................................... 32

6 Smart NAT ..............................................................................................................59

9.2 Cluster ................................................................................................................................. 83

12 Radware license .................................................................................................140

Network address translation

Next Hop Router

Virtual Router Redundancy Protocol

Motorola PowerPC (RISC)

1U432mm x 475mm x 44mm

1U424mm x 600mm x 44mm

SNMP based GUI,

1U424mm x 600mm x 44mm

SNMP based GUI,

1U424mm x 600mm x 44mm

SNMP based GUI,

Connectivity Check Farm

ERP, CRM, email, Web

192.168.1.10 /24 IP 192.168.1.10 255.255.255.024 1

> login radware

CPU: Cougar 7410

Press any key to stop auto-boot...

VxWorks System Boot

BSP version : Boot6.131

Press any key to stop auto-boot...

Erasing configuration ...

Attaching to memory device...

4 RIP version (0,1,2) [0]

9 Enable Web Access (y/n) [n]

10 Enable Secure Web Access (y/n) [n]

12 Enable SSH Access (y/n) [n]

0 Supported SNMP versions [1 2 3]

WEB IP IP Radware ODS

net ip-interface create 192.168.1.1 255.255.255.0 1

WEB manage web status set 1

License key : lp-bwm-ips-8xCFrcg9

MAC address : 0003b226c3c0

etwork Mask f Number lanTag

LinkProof# manage terminal grid-mode set dis

LinkProof# manage telnet status set 1

ODS client-table-extension table

Service-> Tuning -> Device -> General

LinkProof# system tune nhr-track-table set 4096

LinkProof# system tune dynamic-nat-table set 128

setmemory check, perform test

Device -> Physical Interface

LinkProof# net physical-interface set 1 -s "Fast Ethernet" -d Full

LP1008 (ODS VL)

G7-G8 SFP 1-8

G13-G16 SFP 1-16

G9-G12 SFP 1-12

Router->IP Router->interface Parameters

T-1 T-7 Trunk /

Vlan interface Number ,

> <> <>

LinkProof# net ip-interface create IP <

LP-Master# net ip-interface create 61.1.1.10 255.255.255.0 1

LP-Backup# net ip-interface create 61.1.1.20 255.255.255.0 1

LP-Master# #net ip-interface help

3.12.4 Routing Table

Router > Routing Table, Create

LP-Master# net route table help

3.12.5 VLAN Tag