Академический Документы
Профессиональный Документы
Культура Документы
6.10
Radware LinkProof ...................................................................................................................... i
..................................................................................................................................... i
6.10 ..................................................................................................................................... i
1 Radware LinkProof ...................................................................................................3
1.1 LinkProof
1.2
................................................................................................................3
.................................................................................................................................5
2 LinkProof ................................................................................................7
.........................................................................................................................7
2.2 .........................................................................................................................7
2.3 .......................................................................................................8
2.4 LP ...........................................................................................................................9
2.5 NAT ...................................................................................................................... 10
2.6 ...................................................................................................................... 10
2.7 DNS ............................................................................................................................ 10
2.1
3 LinkProof .........................................................................................................11
console LP ...................................................................................................... 11
3.2 .............................................................................................................................. 12
3.3 .......................................................................................................................... 13
3.3.1 ............................................................................................................ 13
3.3.2 IP ................................................................................................... 14
3.4 .......................................................................................................................... 15
3.5 WEB ............................................................................................................ 16
3.6 ........................................................................................................... 17
3.7 License ..................................................................................................... 19
3.8 ........................................................................................................... 20
3.9 .............................................................................................................................. 20
3.10 ............................................................................................................................ 22
3.11 ............................................................................................................................ 23
3.12 .................................................................................................................... 25
3.12.1 ................................................................................................................. 25
3.12.2 ...................................................................................................... 26
3.12.3 IP ............................................................................................................ 28
3.1
VLAN Tag....................................................................................................... 34
4 .........................................................................................................................35
VRRP .................................................................................................................. 35
4.1.1 VRRP ................................................................................................. 35
4.1.2 VR (Virtual Router) ........................................................................................... 37
4.2 VRRP .................................................................................................................. 41
4.2.1 VRRP ................................................................................................. 41
4.2.2 VR (Virtual Router) ........................................................................................... 42
4.1
5 FLow .......................................................................................................................45
.............................................................................................................................. 45
5.2 Farm ........................................................................................................................... 46
5.3 .......................................................................................................................... 50
5.4 Flow Policy .................................................................................................................. 54
5.4.1 Farm Flow ........................................................................................................ 54
5.4.2 Network ............................................................................................................ 55
5.4.3 Policy ................................................................................................................ 56
5.1
7 DNS ........................................................................................................................67
TTL ............................................................................................................................. 67
7.2 Host ............................................................................................................................ 68
7.3 BIND DNS ........................................................................................................ 70
7.4 Windows DNS .................................................................................................. 71
7.1
8 (Proixmity) ....................................................................................................76
.............................................................................................................................. 76
8.2 .............................................................................................................................. 77
8.3 ................................................................................................................... 79
8.4 Flow Policy .................................................................................................. 80
8.1
9 .........................................................................................................................81
9.1
........................................................................................................ 81
10 .......................................................................................................................85
.................................................................................................................... 85
10.2 Associated IP ................................................................................................. 87
10.1
VR...................................................................................................................... 90
10.4 APSolute Insite ................................................................................................. 92
10.5 APSolute Insite ................................................................................................. 93
10.5.1 LP ......................................................................................... 93
10.6 ............................................................................................................................ 96
10.6.1 ............................................................................................................... 100
10.6.2 VR ......................................................................................................... 101
10.3
11 .....................................................................................................................102
.................................................................................................................. 102
11.2 .................................................................................................................. 103
11.3 SNMP ........................................................................................................... 104
11.4 ........................................................................................................... 105
11.5 ........................................................................................................... 106
11.6 NTP ......................................................................................................................... 107
11.7 Syslog ..................................................................................................................... 108
11.8 ........................................................................................................... 109
11.9 ............................................................................................................... 113
11.10 CPU ............................................................................................................... 115
11.11 ......................................................................................................... 115
11.12 ................................................................................................................ 117
11.13 Support ....................................................................................... 117
11.14 .................................................................................................................... 118
11.15 ........................................................................................................................ 121
11.16 ........................................................................................................................ 122
11.16.1 ............................................................................................................. 122
11.16.2 ............................................................................................................. 123
11.16.3 Policy.......................................................................................................... 125
11.16.4 ............................................................................................................. 126
11.17 ..................................................................................................... 129
11.17.1 Console .............................................................................................. 129
11.17.2 Telnet ................................................................................................. 130
11.17.3 Web .................................................................................................... 130
11.18 ........................................................................................................................ 130
11.19 ................................................................................................................ 132
11.20 ............................................................................................................. 133
11.20.1 ...................................................................................................... 133
11.1
......................................................................................................... 133
11.20.3 CPU ............................................................................................................ 134
11.20.4 ...................................................................................................... 134
11.20.5 ...................................................................................................... 135
11.20.6 ( ODS) ................................................................................... 135
11.20.7 ....................................................................................... 135
11.20.8 LinkProof ..................................................................................... 136
11.20.9 LinkProof ............................................................................. 138
11.20.10 LinkProof ........................................................................ 139
11.20.2
Radware LinkProof
Radware
LP6.0ODS
LP
LinkProof
LPB
LinkProof Branch
NAT
NHR
VRRP
AS
Application Switch
ODS
On Demand Switch
Internet Radware
1
Radware LinkProof
1.1 LinkProof
LPB/5/25/50
LP208/508/1008/2008/4008 (ODS VL ) LP2016/4016 ODS2
LP8016/12016/16016(ODS3 ) LinkProof
ODS license
LPB 5 5M
LinkProof 108: 100M
LPB 25 25M
LinkProof 208: 200M
LPB 50 50M
LinkProof 1008: 1Gbps
LinkProof 2008: 2 Gbps
LinkProof 4008: 4 Gbps
CAS
ODS-VL
LinkProof
(DRAM) 256 MB
8 Gbps
ASIC
ASIC
Layer4-7 5/25/50MByte/s
Unlimited
OSPF, RIP II, RIP
JAVA
SNMP based GUI,
Web based management/SSL
Command line/Telnet/SSH
HP OpenView
1300
(DRAM) 2 GB /4GB
48Gbps
ASIC
610/100/1000Base-T +
21000Base-SFP
100M/200M/1G/2G/4G
2M
OSPF, RIP II, RIP
JAVA
DoS/DDoS
ASIC
1 Gbps
2 Gbps
4 Gbps
8 Gbps
12 Gbps
16 Gbps
LinkProof 1016:
LinkProof 2016:
LinkProof 4016:
ODS-2
LinkProof 8016:
LinkProof 12016:
LinkProof 16016:
ODS-3
(DRAM) 2 GB /4GB
48Gbps
(DRAM) 4 GB /8GB
400Gbps
1610/100/1000Base-T +
41000Base-SFP+
210/100/1000Base-T
410GB
810/100/1000Base-T +
41000Base-SX+
210/100/1000Base-T
8G/12G/16G
5M
OSPF, RIP II, RIP
ASIC
1G/2G/4G
2M
OSPF, RIP II, RIP
JAVA
Layer4-7
DoS/DDoS
ASIC
JAVA
1.2
Farm
LP
ADFarm
Farm
farm serverserver
LPclientserverclient
serverLP
Farm
Farm
Flow Policy
linkProofFlow Policy
NATNetwork Address Translation
NATIPIPIP
Static NAT
Static NAT
NAT
Dynamic NAT
Dynamic NAT
LP
LPIPTCPUDP
FIFO
(NHR)
IP
Radware
ISP Internet
Radware LinkProof
LinkProof
IP
LinkProof
C
Redundancy
LPARP
VRRPVRRP
2
LinkProof
LinkProof
2.1
LinkProof
Users
Router1
Headquarter
Local Network
Switch
ISP1
LinkProof
Router2
ISP2
2.2
3 2
SW-A-1
LP
Vlan Trunk
SW-A-3
SW-B-1
LP
SW-B-3
VLANs
: 4,2,
SW-A-NSW-AL2VLAN
SW-A-1SW-B-1VLAN trunk3VLAN
VLA100
VLAN20
VLAN30
VLAN
LP Vlan100 (192.168.1.X)Vlan20 (61.1.1.X)Vlan30
(210.1.1.x)LP F1 F2 F8
LP
IP IP
2.3
( 2 )
2. ( 3 )
3.3.11
4. IPVlan Tag(3.12 )
5. (3.12 )
6. VR (Virtual Router) ( 4 )
7. 5
1.
Router Farm
Router Server(NHR)
Farm Flow
Flow Policy
Smart NAT
Proximity
8.
2.4 LP
LP NAT
LinkProof
LP-Master
IP
IP (
)
()
F-1
61.1.1.10 / 24
61.1.1.100
61.1.1.1
F-2
210.1.1.10 / 24
210.1.1.100
210.1.1.1
F-8
192.168.1.10/24
192.168.1.100
N/A
F-1
61.1.1.20 / 24
61.1.1.100
61.1.1.1
F-2
210.1.1.20 / 24
210.1.1.100
210.1.1.1
LP-Backup
F-8
192.168.1.20/24
192.168.1.100
N/A
2 NAT NAT
NAT
192.168.1.80
192.168.1.110
192.168.1.53
3
NAT
192.168.1.1192.168.1.200
IP (
)
61.1.1.80 / 24
61.1.1.100
210.1.1.80 / 24
210.1.1.100
61.1.1.110 / 24
61.1.1.100
61.1.1.123:53
192.168.1.89
61.1.1.100
61.1.1.123:3389
61.1.1.200 / 24
61.1.1.100
210.1.1.200 / 24
210.1.1.100
2.6
192.168.1.110
192.168.1.80
Internet
2.7 DNS
2 NAT NAT
NAT
10
DNS
192.168.1.80
www.test.com
192.168.1.110
mail.test.com
3
LinkProof
3.1 console LP
WINDOWS
:19200
:8
:
:1
:None
11
>> BootRom
LinkProof
3.2
radware
LinkProof >login
User: radware
Password: radware
23-11-2008 17:06:11 INFO User radware logged in via terminal
12
LinkProof #
3.3
3.3.1
IP
ODS
//
: 0602.041
CPU
: AMD OPTERON
Version
: VxWorks5.5.1
DRAM size
: 2048M
13
//
>
>
>q0 //
Erasing configuration ...
fl:/ - Volume is OK
config file is not foundErasing Network Section ...
done
1 //
>q
cm:/ - Volume is OK
Erasing Network Section ...
fl:/ - Volume is OK
done
>@
//
3.3.2 IP
Startup Configuration
0 IP Address
1 IP subnet mask
192.168.1.1
255.255.255.0
14
2 Port number
3 Default router IP address
IP
192.168.1.254 //
//
radware
//
radware
//
//http
//
telnet
SNMP Configuration
//
30 IP:
192.168.1.1mask 255.255.255.0, Port Number: 1 ODS MNG-1 Username:
radware, Password: radware IP
3.4
<>>
15
LinkProof>
login
#
LinkProof >login
User: radware
Password: radware
23-11-2007 17:06:11 INFO User radware logged in via terminal
LinkProof #
23-11-2007 17:06:11 INFO User radware logged in via terminal
LinkProof #
Radware
l c t lp client table
>>() BootRom
LinkProof
3.5 WEB
16
3.6
WEB
Device->Device Information
Base MAC Address MAC
17
#
LinkProof # system license get
18
Device Information
Type:
LinkProof Application Switch with BWM, IPS
//
Platform:
OnDemand Switch 2
//
Ports:
18
Ports Config: 12 Copper Giga Ethernet + 4 Fiber Giga Ethernet + 2 Giga Ethernet
HW Version: C.4
SW version: 6.00.00DL
Build:
Mar 5 2009, 13:00:02 (Build: 8)
//
Throughput: Limited to 4Gbps
//
ODS
APSolute OS: 10.31-03.05:2.06.09
Network Driver: 11.53.01
Active Boot: 6.23
Secondary Boot: 6.23
Power Supply: Single Power Supply OK
//
RAM size:
2048 MB
//
CM Flash size: 991 MB
Flash size: 97 MB
Hard Disk(s): 1
Registered: No
Serial Number: 20831258
Date:
12.06.2009
Time:
12:21:23
Up time:
0 days, 0 hours, 12 minutes, 53 seconds
//
Base MAC:
00:03:b2:4b:d6:00
//
MAC
Version State: Final
3.7 License
LinkProof # system license get
//
19
system license get License codeMAC addressLicense ID
license
license
radware license
3.8
LinkProof # net ip
Interface Table
2.2.2.1
?55.255.255.0
?
?
3.3.3.1
?55.255.255.0
?
?
LinkProof# net ip
Interface Table
IP Address
2.2.2.1
3.3.3.1
Network Mask
255.255.255.0
255.255.255.0
If Number
2
3
VlanTag
0
0
3.9
LinkProof
20
Device->Global Parameters
Web
LinkProof# manage terminal prompt set LP-Master // CLI
LinkProof# system mib2-name set LP-Master
//
LP-Master#
21
Web
LinkProof# manage terminal prompt set LP-Backup // CLI
LinkProof# system mib2-name set LP-Backup //
LP-Backup#
3.10
Service
22
CLI
telnet/ssh/http/https1enable set 2
3.11
/ PPS
PPS
LinkProof# system tune ip-fft-table set 256000
4096 ODS
LinkProof# system tune dynamic-proximity-table set 80000
23
LP
3.12
vlan IP Vlan IP
Radware IP
LP VLAN()
3.12.1
LP200/202 LP1000
FastEthernet (100M)
.
25
3.12.2
26
G1-G6
LP4016 (ODS2)
G1-G12
LP8016 (ODS3)
27
3.12.3 IP
28
IP
Network mansk:
If Number: Vlan interface Number
One Ip: IP LP NAT
Set
IP Address:
IP IP IP
IP Address: 61.1.1.10
Network mansk: 255.255.255.0
If Number:
G-1
Set
IP Address: 210.1.1.10
Network mansk: 255.255.255.0
If Number: G-2
IP Address: 192.168.1.10
Network mansk: 255.255.255.0
If Number: G-8
(
)
IP Address: 61.1.1.20
Network mansk: 255.255.255.0
If Number: G-1
IP Address: 210.1.1.20
Network mansk: 255.255.255.0
If Number: G-2
IP Address: 192.168.1.20
Network mansk: 255.255.255.0
If Number: G-8
30
31
NHR Metric 1
LP
Farm Router Server
32
Set
LP-Master# net route table create 0.0.0.0 0.0.0.0 61.1.1.1 -i 1
LP-Master# net route table create 0.0.0.0 0.0.0.0 210.1.1.1 -i 2 -m 20
-i
up
1 IP 192.168.1.1 255.255.255.0
192.168.1.254 1 up
help
LP
Metric
Radware LinkProof
33
Enable
VLAN Tag Handling: Overwrite
802.1q Environment:
34
LP-Master# net ip-interface set 10.61.1.10 255.255.255.0 1 -v 100
LinkProof
VRRP ARP
4.1 VRRP
4.1.1 VRRP
35
36
VRRP VRRP
Interface Grouping: enable
disable
IP Redundancy Admin Status:
VR.
If IndexVR
VR IDVRIDVlanID
Admin StatusVRdownAssociated IPup.
37
VR255200
Primary IP IP IP
Priority
38
VR Up Associated IP
If Index: 1
VR ID: 10
Admin Status: down
Priority: 200
If Index: 2
VR ID: 20
Admin Status: down
Priority: 200
If Index: 8
VR ID: 100
39
LP
LP-Master# redundancy vrrp virtual-routers create 1 10 -as 2 -p 200
LP-Master# redundancy vrrp virtual-routers create 2 20 -as 2 -p 200
LP-Master# redundancy vrrp virtual-routers create 8 100 -as 2 -p 200
LP-Master# redundancy vrrp virtual-routers help
redundancy vrrp virtual-routers help
redundancy vrrp virtual-routers help:
<get>
set
<-switch>
Switches:
-as : Admin Status
-p
: Priority
-pip : Primary IP
-at : Auth Type
-ak : Auth Key
-ai : Advertise Interval
-pm : Preempt Mode
-pr : Protocol
40
4.2 VRRP
4.2.1 VRRP
VRRP VRRP
Interface Grouping: disable
Backup Interface Grouping: enable
41
LP-Backup# redundancy mode set VRRP
LP-Backup# redundancy interface-group set enable
LP-Backup# redundancy backup-interface-grouping set enable
VR.
If IndexVR
VR IDVRIDVlanID
Admin StatusVRdownAssociated IPup.
PriorityVR255200
Primary IP IP IP
42
43
VR Up Associated IP
LP
LP-Backup# redundancy vrrp virtual-routers create 1 10 -as 2 -p 100
LP-Backup# redundancy vrrp virtual-routers create 2 20 -as 2 -p 100
LP-Backup# redundancy vrrp virtual-routers create 8 100 -as 2 -p 100
If Index: 1
VR ID: 10
Admin Status: down
Priority: 100
If Index: 2
VR ID: 20
Admin Status: down
Priority: 100
If Index: 8
VR ID: 100
Admin Status: down
Priority: 100
Associated IP
44
VRRP Assoicated IP
VR
5
FLow
5.1
Radware
45
5.2 Farm
Farm
46
Farm Name: CT
Aging Time: 60
Dispatch Method: Cyclic
Connectivity Check Status: Ping Only
Packet Translation: Nat
Persistency Mode: Client Table
Farm Name: ALL
Aging Time: 60
Dispatch Method: Cyclic
Connectivity Check Status: Ping Only
Packet Translation: Nat
Persistency Mode: Client Table
set
Aging time , , ,
Dispatch Method
Cyclic (Round Robin)
Weighted Cyclic ()
47
Least Number of Users
Response Time Load Balancing
NT SNMP Parameters Windows SNMP
Windows Windows SNMP
User-Configurable SNMP Parameters NT Windows
SNMP SNMP OID
Hashing, , VIP
, ,
Least Traffic
<Farm Name>
<-switch>
Switches:
-t
: Type
LP
48
Radware LinkProof client table
Client table mode
Entry Per Session4 IP, IP .
IP ,
Client table
Server Per Session4 IP IP LinkProof
, Client table
Source IP address
Destination IP address
IP IP
,LinkProof
3
IP
.
Source IP address
Destination IP address
Destination port
In Half Layer 4 mode, all the sessions destined to the same address and port are represented by
a single entry in the Client Table, regardless of the source port/s. For example, in a simple Web
page retrieval, a client may open several TCP sessions with the server, using each session to
transfer different parts of the page, such as text, GIF files, and so on. All of these sessions,
identified by
Destination port 80 and different Source ports, constitute a single entry in the Client Table.
LinkProof performs the search using source and destination IP addresses, protocol, and
destination
port only. The source port displayed in the Client Table will be the first source port that initiated
the
session.
Half Layer 4 mode is the minimum mode required whenever sessions to different destination ports
must be tracked separatelyfor example:
When different flows are configured for different applications
When farms of proxy servers are defined on the device (using the VIP option of Packet
Translation parameter)
49
Source IP address
Destination IP address
Source port
Destination port
IP IP LinkProof
,
Client table
4
:
FarmNAT
.
SYN Flood .
Port Hashing.
Full Layer 4 mode
Port Hashing
The Port Hashing option, when enabled, determines which source and destination ports are to
be taken into consideration. When the Hashing Dispatch Method is selected and the Port
Hashing option is enabled, LinkProof selects a server for a session using a hash function. This
is a static method where the NHR is chosen for a session purely by the session information. The
input for the hash function is source and destination IP addresses.
Note: You can enable the Port Hashing option only when Client Table Mode is Full Layer 4
(LinkProof > Global Configuration > Client Table > General > Client Table
Mode).
Port Hashing accelerates device performance and reduces memory consumption.
Port Hashing is available only with the Full Layer 4 Client Mode (see Client Table Modes, page
150).
Port Hashing is enabled by default. Therefore, by default, all entries in L4 Full are presented by
the L4 entries in the Client Table and are hashed accordingly.
LinkProof manages Client Table entries according to Source IP, Destination IP, Source Port,
and Destination Port.
LinkProof distinguishes between two options: Client Table mode and hash function. LinkProof
does the hash function on the Client Table entry to shorten the search time.
5.3
Farm FarmIP
50
creat
51
Farm Name: CT
Router Name: Telecom
//
IP Address: 61.1.1.1
Farm Name: ALL
Router Name: Telecom
IP Address: 61.1.1.1
Farm Name: ALL
Router Name: CNC
IP Address: 210.1.1.1
52
set
Console
LP-Master>15-05-2009 12:19:24 INFO Cold Start
15-05-2009 12:23:00 INFO User radware logged in via web
15-05-2009 12:23:10 INFO Server CT Telecom up
15-05-2009 12:23:52 INFO User radware logged in via web
15-05-2009 12:24:02 INFO Server ALL TEL up
15-05-2009 12:24:44 INFO User radware logged in via web
15-05-2009 12:24:54 INFO Server ALL CNC up
<-switch>
Switches:
-ip : IP Address
-w
: Weight
-om : OperMode
-cl : Connection Limit
-as : AdminStatus
-b
-i
-o
: Kbps Limit
: Inbound Kbps Limit
: Outbound Kbps Limit
53
Farm Flow
Network IP/ Policy AD L4 Policy
VIP
Flow Policy
Flow Farm
54
5.4.2 Network
IP IP
IP +
any network
Network
Name: mail_server
Sub Index: 0
//
From IP: 192.168.1.110
55
To IP Address: 192.168.1.110
Mode: IP Range
<-switch>
Switches:
-a
: Address
-s
: Mask
-f
: From IP
-t
: To IP
-m
: Mode
5.4.3 Policy
LinkProof > Flow Management > Modify Policies > Create
56
Default Policy
mail server Flow Policy
Name: Mail_Policy
Index: 1
Destination: any
Source: mail_server
Direction: Two way
Farm Flow: Mail_Flow
57
LP-Master# lp flow-management modify-policy-table create Mail_Policy -dst mail_\
server -fc Mail_Flow
LP-Master# lp flow-management modify-policy-table help
lp flow-management modify-policy-table help:
<get>
set
<Name>
<Name> <-switch value>
destroy/del <Name>
create/add <Name> <-switch value>
help
<-switch>
Switches:
-i
: Index
-dst : Destination
-src : Source
-dr : Direction
-d
: Description
: Service
58
6
Smart NAT
NAT 2 NAT
Smart NAT
NAT
LinkProof > Smart NAT > Static NAT Table > Create
59
60
Regular
//
61
61.1.1.110 61.1.1.110
LP-Master# lp smartnat static-nat help
lp smartnat static-nat help:
<get>
<From Local Server IP> <To Local Server IP> <Server IP>
set
<-switch value>
<From Local Server IP> <To Local Server IP> <Server IP>
destroy/del <From Local Server IP> <To Local Server IP> <Server IP>
create/add <From Local Server IP> <To Local Server IP> <Server IP> <From Static NAT IP>
<To Static NAT IP> <-switch value>
help
<-switch>
Switches:
-fn : From Static NAT IP
-tn : To Static NAT IP
-m
: Redundancy Mode
LinkProof > Smart NAT > Dynamic NAT Table > Create
62
NAT NAT
LP NAT Static NAT,Dynamic NAT,
No NAT Dynamic NAT Static NAT Static NAT
63
<From Local IP> <To Local IP> <Server IP> <Dynamic NAT IP>
<From Local IP> <To Local IP> <Server IP> <Dynamic NAT IP> <-switch value>
destroy/del <From Local IP> <To Local IP> <Server IP> <Dynamic NAT IP>
create/add <From Local IP> <To Local IP> <Server IP> <Dynamic NAT IP> <-switch value>
help
<-switch>
Switches:
-m
: Redundancy Mode
IP
Static PAT
LinkProof > Smart NAT > Static PAT Table > Create
64
65
<-switch>
Switches:
-eip : External IP
-ep : External Port
-pm : Static PAT Mode
-pn : Static PAT Name
Protocol:
(1) tcp
(2) udp
(3) icmp
66
7
DNS
InBound LPDNS
ISP
7.1 TTL
67
LP-Master# lp dns response-ttl set 300
LP-Master#lp dns response-ttl help
lp dns response-ttl help:
<get>
set
help
response-ttl: type=integer, lower bound=none, upper bound=none
7.2 Host
DNS A LP DNS
DNS A
Host Table
68
69
<Host Name>
<Host Name> <-switch value>
<-switch>
Switches:
-lia : Local IP Address
LP DNS A DNS
LP DNS Bind LP DNS
A TTL 10 A
A 1
BIND
70
www.test.com.
61.1.1.80
www.test.com.
NS
lp.test.com.
lp.test.com.
61.1.1.100
lp.test.com.
210.1.1.100
LP DNS A DNS
LP DNS Windows Server DNS LP
DNS A TTL 10 A
A 1 Windows DNS
Linux/Unix DNS
(Area) test.com
(delegation)
71
72
73
LP Virutal DNS IP
LP
IP 61.1.1.100 210.1.1.100
74
NS DNS 61.1.1.100
( 2 ) 210.1.1.100
75
8
(Proixmity)
(Proiximity)InternetLP
LPIP
8.1
1,28802
76
//
8.2
CPU30%
CPU
LinkProof > Proximity > Proximity Parameter > Proximity Check
77
LP-Master# lp proximity checks advanced-check set none
LP-Master# lp proximity checks advanced-check help
lp proximity checks advanced-check help:
<get>
set
help
Allowed values for advanced-check:
(1) both
78
(2) outbound
(3) inbound
(4) none
8.3
IP
Full Proximity
LP Static Proximity LP
LinkProof > Proximity > Static Proximity
79
<From Address>
<From Address> <-switch value>
<-switch>
Switches:
-to : To Address
-nhr1 : NHR 1
-nhr2 : NHR 2
-nhr3 : NHR 3
Flow Policy
IP Flow Policy
4.35 Grouping
5.0 Flow Policy Flow Policy Farm Router
Server Farm Server Router Server
80
IP IP
Flow Policy
LP
Flow Policy Farm Router ServerLP
Flow Policy Flow Policy Farm Server
LP
Flow Policy
9
Radware
9.1
QQMSN
IP
IP IP
DNS
LinkProof >Global Configuration > Aging By Application Port
81
82
<Application Port>
<Application Port> <-switch value>
<-switch>
Switches:
-at : Aging Time
9.2 Cluster
83
: 61.1.1.1
: 0.0.0.0
MAC Address
MAC Status
: 00145e0a2170
: found
84
<get>
10
IP VR 4-7
VR down
ApSolute Insite
10.1
IP VRRP IP
LP Virtual DNS DNS
IP DNS
LinkProof > DNS Configuration > DNS Virtual IP > Create
85
86
set
10.2 Associated IP
VDNSSmart NAT
Associated IP
Associated IP Virtual DNS,
Static NAT, Dynamic NATIP
87
88
If Index: 1
VR ID: 10
Associated IP: 61.1.1.80
If Index: 1
VR ID: 10
Associated IP: 61.1.1.110
If Index: 1
VR ID: 10
Associated IP: 61.1.1.100
If Index: 1
VR ID: 10
Associated IP: 61.1.1.200
If Index: 2
VR ID: 20
Associated IP: 201.1.1.80
If Index: 2
VR ID: 20
Associated IP: 201.1.1.100
If Index: 2
VR ID: 20
Associated IP: 201.1.1.200
89
If Index: 8
VR ID: 100
Associated IP: 192.168.1.100
10.3 VR
90
VRmaster
91
LP-Master# redundancy vrrp virtual-routers set 1 10 -as 1
LP-Master# redundancy vrrp virtual-routers set 2 20 -as 1
LP-Master# redundancy vrrp virtual-routers set 8 100 -as 1
tar
Install.bat
92
10.5.1 LP
+ LinkProof
93
LP
94
95
10.6
Setup
Redundancies
96
97
VRRP
VR
VR down
Relation Type
98
UDP 151
99
10.6.1
OK
A Active BBackup
100
10.6.2 VR
VRRP
LinkProof
Redundancy VRRP
Virtual Routers VR up
VRinitializeupVRbackup
Farm/Server/Flow Policy/NAT
101
11
11.1
1.06.09
File> Configuration File> Receive From Device,
"set"
102
11.2
103
"set"
,.
11.3 SNMP
SNMP
Security>Community Table,
test, Super.
104
"set"
11.4
Create,.
105
, , Password
Read-Write
11.5
NTP
Device->Global Parameters
106
//
11.6 NTP
NTP
107
NTP IP
NTP Timezone+08:00
NTP Status enable
NTP Server:
11.7 Syslog
syslog
Services ->Syslog Reporting
108
Syslog Stationsyslog
Syslog udp 514
11.8
LPNATInternet
109
LP3
FTP
syslog
LP/hdd0:/Reporting_Log
CSV ASCII
<yyyyMMdd>_<hhmm>_<ss>.txt ,20081207_1713_54.txt.
<yyyyMMdd>_<hhmm>_<ss>_tmp.txt
20081207_1713_54_tmp.txt.
Start Timemarks the entry of the start of the client session in dd/MM/yyyy hh:mm
format.
End Timemarks the entry of the last activity of the entry in dd/MM/yyyy hh:mm
format.
Source IP addressthe source where the connection is coming from.
Destination IP addressthe destination where the connection is going to.
Router/Firewallwhich gateway IP was used by the LinkProof device to access the
Internet or WAN.
Protocolthe protocol used in the packet (according to RFC 5237), for example,
FRAG, ICMP,IGMP, UDP, TCP OSPF, and so on.
Source Portthe port that was requested internally.
Destination Portthe port that was requested on the destination address.
NAT Addressthe NAT address given by the LinkProof device.
NAT Typethe NAT type given by the LinkProof device.
Bytesthe number of bytes that have passed since the entry was opened in the
Client Table.
LP
Services -> Hard Disk
110
111
//
//
112
Enable
11.9
113
AD-Master# redundancy vrrp global-admin-status help
<get>
set
help
114
11.10 CPU
WebCPU
LP
Device->Device Monitoring
Resouce Utilization
CPU RS + RE
CPU
RE CPU
RE RSCPU 60 80%
RS
11.11
Web
LP
115
Device->Device Monitoring
116
11.12
WebFarm
LP
Device->Device Monitoring
Out
In
11.13 Support
117
TFTP
LP-Backup#manage support tftp
COMMAND
manage support tftp put [File Name] [Server IP] <-v>
DESCRIPTION
Send the output of a 'manage suppot display' invocation over TFTP.
11.14
118
<Index>
<Index> <-switch value>
destroy/del <Index>
create/add <Index> <-switch value>
help
<-switch>
Switches:
-saf : Source IP From
-sat : Source IP To
-daf : Requested IP From
-dat : Requested IP To
-spf : Source Port From
-spt : Source Port To
-dpf : Requested Port From
119
: Status
-ac : Action
-vt : VlanTag
-fn : Farm Name
Index
(1) 1
(2) 2
(3) 3
(4) 4
(5) 5
Displays the Filtered Client Table View Filters
Filter
AppDirctor ->Clients -> Filtered Client Table
120
11.15
AD1.07
Device -> Port Mirroring
G1 G8
121
11.16
LP2.10 L
11.16.1
122
Status Enabled
11.16.2
Classes IP
Classes -> Modify -> Networks
123
+
NameSub Index Network Name
Network update
Set Policy
11.16.3 Policy
L4 Policy
125
126
download
127
Wireshark
Policy
128
11.17
LP202 AS1
11.17.1 Console
CF
129
11.17.2 Telnet
Num
Name
Version
Media
lp-5.22.00DL-08Mar
5.22
OnBoardFlash
5.22
CompactFlash
4.35
CompactFlash
Active
2009_26
1
lp-5.22.00DL-08Mar
2009_26
2
lp-4.35.071DL-22Ap
r2008_23
11.17.3 Web
Active True
11.18
MAC MAC
Radware
130
Num
Name
Version
Media
lp-5.22.00DL-08Mar
5.22
OnBoardFlash
5.22
CompactFlash
4.35
CompactFlash
Active
2009_26
1
lp-5.22.00DL-08Mar
2009_26
2
lp-4.35.071DL-22Ap
r2008_23
COMMAND
system file-system files copy-to-flash [versionIndex]
DESCRIPTION
Copy selected version to internal flash
131
CF 2
11.19
132
ad appdirector lp linkProof
as2 1_07_11 1.07.11 1_07_11DL
Bug
11.20
Console/Telenet/SSH
11.20.1
LP-Master#net ip
IP Interface Parameters
IP Address
Network Mask
If Number
VlanTag
61.1.1.10
255.255.255.0
192.168.1.10
255.255.255.0
210.1.1.10
255.255.255.0
11.20.2
Routing Table
Destination
Network Mask
Next Hop
Address
Interface
Type
Index
0.0.0.0
0.0.0.0
61.1.1.1
remote
61.1.1.0
255.255.255.0
0.0.0.0
local
192.168.1.0
255.255.255.0
0.0.0.0
local
210.1.1.0
255.255.255.0
0.0.0.0
local
133
11.20.3 CPU
LinkProof#sys os cpu
RS Resource Utilization : 0
RE Resource Utilization : 0
Last 5 sec. Average Utilization : 0
Last 60 sec. Average Utilization : 0
Master Utilization
: 0
90,
11.20.4
ODS-Master#sys last-sec-inf-stats
InBound
InBound
OutBound
OutBound
Megabytes
Packets
Megabytes
Packets
G-1
G-2
G-3
G-4
G-5
G-6
G-7
G-8
G-9
134
G-10
G-11
G-12
XG-1
XG-2
XG-3
XG-4
MNG-1
MNG-2
11.20.5
ODS-Master#sys last-sec-total-input
11.20.6 ( ODS)
CPU 70 73
11.20.7
Router
LP-Master#lp servers extended-table
135
RS NextHopRouter Table
IPaddress
Name
Mac addr
AdminSt
OperSt
MacSt
210.
1.
1.
1 ALL
/CNC
00124414d3fc
Enable
Active
Found
61.
1.
1.
1 ALL
/TEL
000911dcb6cc
Enable
Active
Found
61.
1.
1.
1 CT
/Telecom
000911dcb6cc
Enable
Active
Found
IPaddress
Type
UsrsNo
ConLimit port
210.
1.
1.
1 NxtHopR 46894
168248
2 Regular
28261
61.
1.
1.
1 NxtHopR 23232
98989
1 Regular
12323
61.
1.
1.
1 NxtHopR
1 Regular
IPaddress
Out Limit
In Rate
Out Rate
210.
1.
1.
113210
54184
61.
1.
1.
32132
11233
61.
1.
1.
IPaddress
Total Load
In Load
Out Load
(Kbits)
(Kbits)
(Kbits)
210.
1.
1.
29751163
2211741
27539421
0%
0%
61.
1.
1.
24334324
234234
27834874
0%
0%
61.
1.
1.
0%
0%
11.20.8 LinkProof
Source Addr
Dest Addr
SPort
DPort
Protocol
Flow
136
58. 67.136.125
Farm Name
NHR
6000
2967
Server Name
CT2
Source Addr
Dest Addr
Farm Name
NHR
Type
Ext Id
Reg
260339
DPort
1911
5670
CT2
anyflow
Idx Action/PortNum
SPort
Server Name
TCP
Protocol
TCP
Flow
anyflow
Idx Action/PortNum
Type
Ext Id
DN
203763
Dest Addr
SrcP
DstP
Farms sequence
0
Rtr
8000
Rtr
Rtr
443
Rtr
1098
Rtr
18985
Rtr
Rtr
Rtr
Rtr
, . , . Farm
, , .
lp client table
client table CLI command, which allow you to filter
existing client entries and display only relevant entries:
137
on)
11.20.9 LinkProof
Master
LP-Master#red v v
VRRP Table
If Index
VR ID
VR MAC
State
Admin Status
10
00005e00010a
master
up
20
00005e000114
master
up
100
00005e000164
master
up
Backup
LP-Backup#red v v
VRRP Table
If Index
VR ID
VR MAC
State
Admin Status
10
00005e00010a
backup
up
20
00005e000114
backup
up
100
00005e000164
backup
up
138
11.20.10 LinkProof
!
!Device Configuration
!Date: 18-05-2009 10:17:14
!DeviceDescription: LinkProof Application Switch - with SynApps
!Base MAC Address: 00:03:b2:26:c3:c0
!Software Version: 5.22.00DL (build Mar
1 2009, 16:23:30)
!
net ip-interface create 192.168.1.10 255.255.255.0 8
net ip-interface create 61.1.1.10 255.255.255.0 1
net ip-interface create 210.1.1.10 255.255.255.0 2
net route table create 0.0.0.0 0.0.0.0 61.1.1.1 -i 1
net route table create 0.0.0.0 0.0.0.0 210.1.1.1 -i 2 -m 20
lp farms all-farms create CT -t Router
lp farms all-farms create ALL -t Router
lp servers all-servers create CT Telecom -ip 61.1.1.1
lp servers all-servers create ALL TEL -ip 61.1.1.1
lp servers all-servers create ALL CNC -ip 210.1.1.1
lp flow-management farms-flow-table create Mail_Flow CT -id 1
lp flow-management modify-policy-table create Default -i 0
lp flow-management modify-policy-table create Mail_Policy -dst \
mail_server -fc Mail_Flow
redundancy mode set VRRP
system mib2-name set LP-Master
139
12
Radware license
12.1 License
license license
license licenselicense
Radware
12.2 License
License
Capabilities
AD1000 (global)
(bwm-ips) dos (dos) cookie (cookie)
AD license
appdirector-cookie-Dt27cYK3
3 Code
license AD license
ODS License
Throughput license ODS504 500M ODS1/2
4G license
CLI :
LinkProof# system throughput-license
License key : 4Gbps-OlVtQK6N
MAC address : 0003b24bd600
License ID : 207-443-8d3
CLI
passwords
Passwords MAC
passwords AD1.06 AD1.07
1.06.09 1.06.10
License global license
ips-bwm license
Licenses
142