Sample http trl configuration, Configuring layer 4 slb – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

20

ServerIron ADX Security Guide

53-1002440-03

Configuring HTTP TRL

1

Syntax: [no] default exceed-action reset

Sample HTTP TRL configuration

This section describes how to configure a sample HTTP TRL configuration. This scenario describes
all the required steps for configuring HTTP TRL, with notes the optional steps. This configuration
consists of four parts:

•

Creating an HTTP TRL policy with a client rate limit

•

Configuring Layer 4 server load balancing

•

Creating a CSW rule and policy with HTTP TRL

•

Enabling Layer 7 server load balancing

Creating an HTTP TRL policy with client rate limit

To configure a HTTP TRL policy with client rate limit, follow these steps.

1. Define an HTTP TRL policy.

ServerIronADX(config)# http-trl-policy p1

Syntax: [no] http-trl-policy <policy-name>

2. Configure an HTTP TRL client rate limit.

ServerIronADX(config-http-trl-p1)# client-name c1 monitor-interval 1 10 20 0

Syntax: [no] client-name <client-name> monitor-interval <interval-value> <warning-rate>

<shutdown-rate> <holddown-interval>

3. Configure the action to take if a client exceeds the configured rate limit (optional).

ServerIronADX(config-http-trl-p1)# client-name c1 exceed-action reset

Syntax: [no] client-name <client-name> exceed-action reset

Configuring Layer 4 SLB

To configure Layer 4 SLB, follow these steps.

1. Define a real server (1) with an IP address.

ServerIronADX(config)# server real web1 1.1.1.1

Syntax: server real <real-server> <ip-address>

2. Define a real HTTP port on the real server.

ServerIronADX(config-rs-web1)# port http

Syntax: port http

3. Define a real server (2) with an IP address.

ServerIronADX(config-rs-web1)# server real web2 1.1.1.2

Syntax: server real <vip-name> <ip-address>

4. Define a real HTTP port on the real server and exit.

ServerIronADX(config-rs-web2)# port http