Академический Документы
Профессиональный Документы
Культура Документы
2012 Riverbed Technology. All rights reserved. Riverbed, Cloud Steelhead, Granite, Interceptor, RiOS, Steelhead, Think Fast, Virtual Steelhead, Whitewater, Mazu, Cascade, Cascade Pilot, Shark, AirPcap, SkipWare, TurboCap, WinPcap, Wireshark, and Stingray are trademarks or registered trademarks of Riverbed Technology, Inc. in the United States and other countries. Riverbed and any Riverbed product or service name or logo used herein are trademarks of Riverbed Technology. All other trademarks used herein belong to their respective owners. The trademarks and logos displayed herein cannot be used without the prior written consent of Riverbed Technology or their respective owners. Akamai and the Akamai wave logo are registered trademarks of Akamai Technologies, Inc. SureRoute is a service mark of Akamai. Apple and Mac are registered trademarks of Apple, Incorporated in the United States and in other countries. Cisco is a registered trademark of Cisco Systems, Inc. and its affiliates in the United States and in other countries. EMC, Symmetrix, and SRDF are registered trademarks of EMC Corporation and its affiliates in the United States and in other countries. IBM, iSeries, and AS/400 are registered trademarks of IBM Corporation and its affiliates in the United States and in other countries. Linux is a trademark of Linus Torvalds in the United States and in other countries. Microsoft, Windows, Vista, Outlook, and Internet Explorer are trademarks or registered trademarks of Microsoft Corporation in the United States and in other countries. Oracle and JInitiator are trademarks or registered trademarks of Oracle Corporation in the United States and in other countries. UNIX is a registered trademark in the United States and in other countries, exclusively licensed through X/Open Company, Ltd. VMware, ESX, ESXi are trademarks or registered trademarks of VMware, Incorporated in the United States and in other countries. This product includes software developed by the University of California, Berkeley (and its contributors), EMC, and Comtech AHA Corporation. This product is derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm. NetApp Manageability Software Development Kit (NM SDK), including any third-party software available for review with such SDK which can be found at http://communities.netapp.com/docs/DOC-3777, and are included in a NOTICES file included within the downloaded files. For a list of open source software (including libraries) used in the development of this software along with associated copyright and license agreements, see the Riverbed Support site at https//support.riverbed.com. You must log in to Riverbed Support to view this information. This documentation is furnished AS IS and is subject to change without notice and should not be construed as a commitment by Riverbed Technology. This documentation may not be copied, modified or distributed without the express authorization of Riverbed Technology and may be used only in connection with Riverbed products and services. Use, duplication, reproduction, release, modification, disclosure or transfer of this documentation is restricted in accordance with the Federal Acquisition Regulations as applied to civilian agencies and the Defense Federal Acquisition Regulation Supplement as applied to military agencies. This documentation qualifies as commercial computer software documentation and any use by the government shall be governed solely by these terms. All other use is prohibited. Riverbed Technology assumes no responsibility or liability for any errors or inaccuracies that may appear in this documentation.
Riverbed Technology
199 Fremont Street San Francisco, CA 94105 Phone: 415.247.8800 Fax: 415.247.8801 Web: http://www.riverbed.com
Contents
Contents
Preface......................................................................................................................................................... 1 About This Guide ..........................................................................................................................................1 Audience ..................................................................................................................................................1 Document Conventions .........................................................................................................................1 Product Dependencies and Compatibility .................................................................................................2 Hardware and Software Dependencies...............................................................................................2 CMC Compatibility ................................................................................................................................3 Riverbed Services Platform 32-Bit and 64-Bit Support .....................................................................3 Ethernet Network Compatibility .........................................................................................................4 SNMP-Based Management Compatibility..........................................................................................4 Antivirus Compatibility ........................................................................................................................4 Additional Resources ....................................................................................................................................5 Release Notes ..........................................................................................................................................5 Riverbed Documentation and Support Knowledge Base.................................................................5 Contacting Riverbed......................................................................................................................................5 Internet .....................................................................................................................................................6 Technical Support ...................................................................................................................................6 Professional Services ..............................................................................................................................6 Documentation........................................................................................................................................6 Chapter 1 - Overview of the Management Console................................................................................. 7 Using the Management Console..................................................................................................................7 Connecting to the Management Console ............................................................................................8 The Home Page.......................................................................................................................................9 Navigating in the Management Console ..........................................................................................10 Getting Help ..........................................................................................................................................12 Next Steps .....................................................................................................................................................13 Chapter 2 - Configuring In-Path Rules ...................................................................................................15 In-Path Rules Overview..............................................................................................................................15 Creating In-Path Rules for Packet-Mode Optimization..................................................................16 Default In-Path Rules ..................................................................................................................................17 Configuring In-Path Rules..........................................................................................................................17 Chapter 3 - Configuring Optimization Features.....................................................................................31 Configuring General Service Settings.......................................................................................................32 Enabling Basic Deployment Options.................................................................................................32
iii
Contents
Enabling Failover..................................................................................................................................32 Configuring Connection Limits..........................................................................................................33 Enabling Peering and Configuring Peering Rules ..................................................................................39 About Regular and Enhanced Automatic Discovery......................................................................39 Configuring Peering.............................................................................................................................41 Configuring the RiOS Data Store ..............................................................................................................47 Encrypting the RiOS Data Store .........................................................................................................47 Synchronizing Peer RiOS Data Stores ...............................................................................................49 Clearing the RiOS Data Store..............................................................................................................51 Improving Steelhead Mobile Client Performance ...........................................................................51 Receiving a Notification When the RiOS Data Store Wraps ..........................................................53 Improving Performance..............................................................................................................................54 Selecting a RiOS Data Store Segment Replacement Policy.............................................................55 Optimizing the RiOS Data Store for High-Throughput Environments........................................55 Configuring CPU Settings ...................................................................................................................58 Configuring CIFS Prepopulation...............................................................................................................58 Viewing CIFS Prepopulation Share Logs ..........................................................................................61 Configuring TCP, Satellite Optimization, and High-Speed TCP .........................................................62 Optimizing TCP and Satellite WANs ................................................................................................62 High-Speed TCP Optimization...........................................................................................................69 Configuring Service Ports...........................................................................................................................69 Configuring Port Labels..............................................................................................................................71 Modifying Ports in a Port Label .........................................................................................................72 Configuring CIFS Optimization ................................................................................................................73 Optimizing CIFS SMB1........................................................................................................................74 Optimizing SMB2 .................................................................................................................................78 Configuring SMB Signing ...................................................................................................................79 Configuring HTTP Optimization ..............................................................................................................89 About HTTP Optimization .................................................................................................................89 Configuring HTTP Optimization Feature Settings..........................................................................91 Configuring Oracle Forms Optimization .................................................................................................99 Determining the Deployment Mode..................................................................................................99 Enabling Oracle Forms Optimization..............................................................................................100 Configuring MAPI Optimization ............................................................................................................103 Optimizing MAPI Exchange in Out-of-Path Deployments..........................................................108 Deploying Steelhead Appliances with Exchange Servers Behind Load Balancers ..................108 Configuring MS-SQL Optimization ........................................................................................................109 Configuring NFS Optimization ............................................................................................................... 111 Configuring Lotus Notes Optimization .................................................................................................116 Encryption Optimization Servers Table ..........................................................................................119 Unoptimized IP Address Table.........................................................................................................119 Configuring Citrix Optimization.............................................................................................................120 Citrix Version Support .......................................................................................................................120 Basic Steps............................................................................................................................................121
iv
Contents
Configuring FCIP Optimization ..............................................................................................................125 Viewing FCIP Connections ...............................................................................................................127 FCIP Rules (VMAX-to-VMAX Traffic Only)...................................................................................127 Configuring SRDF Optimization.............................................................................................................129 Viewing SRDF Connections ..............................................................................................................131 SRDF Rules (VMAX-to-VMAX Traffic Only) .................................................................................131 Windows Domain Authentication ..........................................................................................................133 Delegation............................................................................................................................................134 Auto-Delegation Mode ......................................................................................................................140 Configuring Replication Users (Kerberos)......................................................................................147 Granting Replication User Privileges on the DC ...........................................................................150 Verifying the Domain Functional Level ..........................................................................................150 Configuring PRP on the DC..............................................................................................................150 Chapter 4 - Modifying Host and Network Interface Settings ..............................................................153 Modifying General Host Settings ............................................................................................................153 Modifying Base Interfaces ........................................................................................................................157 Modifying In-Path Interfaces ...................................................................................................................163 Configuring a Management In-Path Interface ...............................................................................168 Chapter 5 - Configuring Branch Services ............................................................................................173 Configuring PFS.........................................................................................................................................173 When to Use PFS.................................................................................................................................174 PFS Prerequisites and Tips ................................................................................................................175 Upgrading Version 2 PFS Shares ......................................................................................................175 Domain and Local Workgroup Settings ..........................................................................................175 PFS Share Operating Modes .............................................................................................................176 Lock Files .............................................................................................................................................177 Adding PFS Shares ....................................................................................................................................179 Enabling and Synchronizing Shares ................................................................................................182 Upgrading Shares from Version 2 to Version 3 ..............................................................................183 Modifying Share Settings ..................................................................................................................184 Performing Manual Actions on Shares ...........................................................................................186 Enabling DNS Caching .............................................................................................................................187 Installing and Configuring RSP...............................................................................................................192 RSP Support for Virtual-In Path Deployments ..............................................................................193 Installing the RSP Image...........................................................................................................................195 Prerequisites and Tips ........................................................................................................................195 Adding RSP Packages ...............................................................................................................................196 Installing a Package in a Slot.............................................................................................................198 Viewing Slot Status ....................................................................................................................................200 Enabling, Disabling, and Restarting Slots ..............................................................................................201 Specifying VM Settings......................................................................................................................202 Specifying Watchdog Settings...........................................................................................................203
Contents
Configuring the Heartbeat Watchdog .............................................................................................204 Managing Virtual Disks.....................................................................................................................205 Managing Virtual Network Interfaces.............................................................................................210 Performing RSP Operations ..............................................................................................................211 Configuring RSP Backups ........................................................................................................................213 RSP Backup Limitation ......................................................................................................................214 Configuring RSP HA .................................................................................................................................215 Configuring RSP Data Flow .....................................................................................................................217 Adding a VNI to the Data Flow .......................................................................................................218 Adding Rules to an Optimization VNI ...........................................................................................219 Bridging a Management VNI to an Interface .................................................................................223 Chapter 6 - Configuring Network Integration Features.......................................................................225 Configuring Asymmetric Routing Features ..........................................................................................225 Troubleshooting Asymmetric Routes ..............................................................................................227 Configuring Connection Forwarding Features .....................................................................................229 Configuring IPSec Encryption .................................................................................................................232 Configuring Subnet Side Rules................................................................................................................234 Configuring Flow Export..........................................................................................................................236 Flow Export in Virtual In-Path Deployments.................................................................................236 Troubleshooting ..................................................................................................................................237 Applying QoS Policies ..............................................................................................................................240 QoS Overview .....................................................................................................................................241 QoS xx50 Series Specifications..........................................................................................................243 QoS CX xx55 Series Limits ................................................................................................................244 Basic or Advanced Outbound QoS ..................................................................................................244 QoS Classes..........................................................................................................................................245 Configuring Outbound QoS (Basic) ........................................................................................................252 Overview .............................................................................................................................................252 Adding a Remote Site ........................................................................................................................255 Adding an Application ......................................................................................................................257 Adding a Service Policy.....................................................................................................................261 Configuring Outbound QoS (Advanced) ..............................................................................................265 Migrating from Basic Outbound QoS to Advanced Outbound QoS ..........................................265 Creating QoS Classes .........................................................................................................................268 Modifying QoS Classes or Rules ......................................................................................................277 Enabling MX-TCP Queue Policies (Advanced Outbound QoS only).........................................280 Configuring Inbound QoS........................................................................................................................281 How a Steelhead Appliance Identifies and Shapes Inbound Traffic...........................................283 Creating Inbound QoS Classes .........................................................................................................286 Joining a Windows Domain or Workgroup ...........................................................................................293 Domain and Local Workgroup Settings ..........................................................................................293 Configuring Simplified Routing Features..............................................................................................300
vi
Contents
Configuring WCCP ..................................................................................................................................301 Verifying a Multiple In-Path Interface Configuration...................................................................307 Modifying WCCP Group Settings....................................................................................................308 Configuring Hardware Assist Rules .......................................................................................................309 Chapter 7 - Configuring SSL and a Secure Inner Channel .................................................................313 Configuring SSL Server Certificates and Certificate Authorities .......................................................313 How Does SSL Work? ........................................................................................................................314 Prerequisite Tasks ...............................................................................................................................315 Configuring SSL Main Settings................................................................................................................319 Configuring SSL Server Certificates ................................................................................................321 Preventing the Export of SSL Server Certificates and Private Keys............................................324 Configuring SSL Certificate Authorities .........................................................................................325 Modifying SSL Server Certificate Settings ......................................................................................326 Configuring CRL Management ...............................................................................................................331 Managing CRL Distribution Points (CDPs)....................................................................................333 Configuring Secure Peers .........................................................................................................................334 Secure Inner Channel Overview ......................................................................................................335 Enabling Secure Peers ........................................................................................................................335 Configuring Peer Trust ......................................................................................................................338 Configuring Advanced and SSL Cipher Settings..................................................................................345 Setting Advanced SSL Options.........................................................................................................345 Configuring SSL Cipher Settings .....................................................................................................349 Performing Bulk Imports and Exports ............................................................................................352 Chapter 8 - Managing Steelhead Appliances .......................................................................................355 Starting and Stopping the Optimization Service ..................................................................................355 Configuring Scheduled Jobs ....................................................................................................................356 Upgrading Your Software.........................................................................................................................358 Rebooting and Shutting Down the Steelhead Appliance ....................................................................359 Managing Licenses and Model Upgrades..............................................................................................360 Flexible Licensing Overview.............................................................................................................361 Installing a License .............................................................................................................................364 Model Upgrade Overview ................................................................................................................366 Viewing Permissions .................................................................................................................................369 Managing Configuration Files .................................................................................................................370 Configuring General Security Settings ...................................................................................................373 Managing User Permissions ....................................................................................................................374 Capability-Based Accounts ...............................................................................................................374 Setting RADIUS Servers ...........................................................................................................................378 Configuring TACACS+ Access ................................................................................................................381 Unlocking the Secure Vault ......................................................................................................................382
vii
Contents
Configuring a Management ACL............................................................................................................384 ACL Management Rules ...................................................................................................................386 Configuring Web Settings ........................................................................................................................390 Managing Web SSL Certificates........................................................................................................391 Chapter 9 - Configuring System Administrator Settings....................................................................395 Configuring Alarm Settings .....................................................................................................................395 Setting Announcements............................................................................................................................404 Configuring Email Settings .....................................................................................................................405 Configuring Log Settings..........................................................................................................................408 Filtering Logs by Application or Process ........................................................................................411 Configuring Monitored Ports ..................................................................................................................413 Configuring SNMP Settings.....................................................................................................................415 Configuring SNMP v3 ......................................................................................................................418 SNMP Authentication and Access Control.....................................................................................420 Chapter 10 - Viewing Reports and Logs...............................................................................................425 Viewing Current Connections..................................................................................................................427 What This Report Tells You...............................................................................................................427 Viewing a Current Connections Summary .....................................................................................428 Viewing Individual Connections .....................................................................................................429 Viewing Connection History....................................................................................................................441 What This Report Tells You...............................................................................................................442 About Report Graphs.........................................................................................................................442 About Report Data .............................................................................................................................442 Viewing Connection Forwarding Reports .............................................................................................444 What This Report Tells You...............................................................................................................444 About Report Graphs.........................................................................................................................444 About Report Data .............................................................................................................................445 Viewing Outbound QoS (Dropped) Reports .........................................................................................446 What This Report Tells You...............................................................................................................446 About Report Graphs.........................................................................................................................446 About Report Data .............................................................................................................................447 Viewing Outbound QoS (Sent) Reports..................................................................................................448 What This Report Tells You...............................................................................................................449 About Report Graphs.........................................................................................................................449 About Report Data .............................................................................................................................449 Viewing Inbound QoS (Dropped) Reports ............................................................................................451 What This Report Tells You...............................................................................................................451 About Report Graphs.........................................................................................................................451 About Report Data .............................................................................................................................452 Viewing Inbound QoS (Sent) Reports.....................................................................................................453 What This Report Tells You...............................................................................................................454
viii
Contents
About Report Graphs.........................................................................................................................454 About Report Data .............................................................................................................................454 Viewing Top Talkers Reports ...................................................................................................................456 What This Report Tells You...............................................................................................................457 About Report Graphs.........................................................................................................................457 About Report Data .............................................................................................................................457 Viewing Traffic Summary Reports ..........................................................................................................459 What This Report Tells You...............................................................................................................460 About Report Data .............................................................................................................................460 Viewing Interface Counters......................................................................................................................462 What This Report Tells You...............................................................................................................463 Viewing TCP Statistics Reports ...............................................................................................................463 What This Report Tells You...............................................................................................................464 Viewing Optimized Throughput Reports ..............................................................................................464 What This Report Tells You...............................................................................................................465 About Report Graphs.........................................................................................................................465 About Report Data .............................................................................................................................465 Viewing Bandwidth Optimization Reports ...........................................................................................467 What This Report Tells You...............................................................................................................467 About Report Graphs.........................................................................................................................468 About Report Data .............................................................................................................................468 Viewing Data Reduction Reports ............................................................................................................470 What This Report Tells You...............................................................................................................470 About Report Graphs.........................................................................................................................470 About Report Data .............................................................................................................................470 Viewing Connected Appliances Reports................................................................................................472 What This Report Tells You...............................................................................................................472 Viewing Connection Pooling ...................................................................................................................473 What This Report Tells You...............................................................................................................473 About Report Graphs.........................................................................................................................473 About Report Data .............................................................................................................................474 Viewing CIFS Prepopulation Share Log Reports ..................................................................................475 Viewing HTTP Reports .............................................................................................................................477 What This Report Tells You...............................................................................................................477 About Report Graphs.........................................................................................................................478 About Report Data .............................................................................................................................478 Viewing NFS Reports ................................................................................................................................480 What This Report Tells You...............................................................................................................480 About Report Graphs.........................................................................................................................480 About Report Data .............................................................................................................................481 Viewing SRDF Reports..............................................................................................................................482 What This Report Tells You...............................................................................................................482 About Report Graphs.........................................................................................................................483 About Report Data .............................................................................................................................483 Viewing Details for a Symmetrix ID ................................................................................................485
ix
Contents
Viewing Details for an RDF Group ..................................................................................................487 Viewing SSL Reports .................................................................................................................................489 What This Report Tells You...............................................................................................................490 About Report Data .............................................................................................................................490 Viewing Data Store Status Reports .........................................................................................................492 What This Report Tells You...............................................................................................................492 Viewing Data Store SDR-Adaptive Reports ..........................................................................................493 What This Report Tells You...............................................................................................................493 Viewing Data Store Disk Load Reports ..................................................................................................495 What This Report Tells You...............................................................................................................495 Viewing Data Store Read Efficiency Reports.........................................................................................496 What This Report Tells You...............................................................................................................496 About Report Graphs.........................................................................................................................497 Viewing Data Store Hit Rate Reports......................................................................................................498 What This Report Tells You...............................................................................................................498 About Report Graphs.........................................................................................................................498 About Report Data .............................................................................................................................499 Viewing Data Store IO Reports................................................................................................................500 What This Report Tells You...............................................................................................................500 About Report Graphs.........................................................................................................................501 Viewing PFS Share Reports ......................................................................................................................502 What This Report Tells You...............................................................................................................502 Viewing PFS Share Logs ...........................................................................................................................503 Viewing PFS Data Reports........................................................................................................................504 What This Report Tells You...............................................................................................................505 About Report Graphs.........................................................................................................................505 About Report Data .............................................................................................................................505 Viewing DNS Cache Hits..........................................................................................................................507 What This Report Tells You...............................................................................................................507 About Report Graphs.........................................................................................................................507 About Report Data .............................................................................................................................507 Viewing DNS Cache Utilization ..............................................................................................................509 What This Report Tells You...............................................................................................................509 About Report Graphs.........................................................................................................................509 About Report Data .............................................................................................................................509 Viewing RSP Statistics Reports ................................................................................................................511 What This Report Tells You...............................................................................................................511 About Report Graphs.........................................................................................................................511 About Report Data .............................................................................................................................511 Viewing Alarm Status Reports.................................................................................................................513 What This Report Tells You...............................................................................................................522 Viewing TCP Memory Reports................................................................................................................523 What This Report Tells You...............................................................................................................523 About Report Graphs.........................................................................................................................524
Contents
Viewing System Details Reports..............................................................................................................526 What This Report Tells You...............................................................................................................528 Viewing CPU Utilization Reports ...........................................................................................................529 What This Report Tells You...............................................................................................................529 About Report Graphs.........................................................................................................................530 Viewing Disk Status Reports....................................................................................................................532 What This Report Tells You...............................................................................................................533 Viewing Memory Paging Reports ...........................................................................................................534 What This Report Tells You...............................................................................................................535 About Report Graphs.........................................................................................................................535 Viewing Logs ..............................................................................................................................................537 Viewing User Logs .............................................................................................................................537 Viewing System Logs .........................................................................................................................538 Downloading Log Files.............................................................................................................................540 Downloading User Log Files ............................................................................................................540 Downloading System Log Files........................................................................................................541 Viewing the System Dumps List .............................................................................................................541 Viewing Process Dumps ...........................................................................................................................542 Capturing and Uploading TCP Dumps .................................................................................................543 Checking Steelhead Appliance Health Status .......................................................................................548 Exporting Performance Statistics.............................................................................................................552 Appendix A - Steelhead Appliance MIB................................................................................................555 Accessing the Steelhead Enterprise MIB ................................................................................................555 Retrieving Optimized Traffic Statistics by Port..............................................................................556 SNMP Traps................................................................................................................................................556 Appendix B - Steelhead Appliance Ports .............................................................................................573 Default Ports...............................................................................................................................................573 Commonly Excluded Ports ......................................................................................................................574 Interactive Ports Forwarded by the Steelhead Appliance ...................................................................574 Secure Ports Forwarded by the Steelhead Appliance ..........................................................................575 Acronyms and Abbreviations................................................................................................................579 Index ........................................................................................................................................................585
xi
Contents
xii
Preface
Welcome to the Steelhead Management Console Users Guide for the Steelhead appliance and Steelhead CX appliance. Read this preface for an overview of the information provided in this guide and the documentation conventions used throughout, hardware and software dependencies, and contact information. It includes the following sections: