Brocade Communications Systems ServerIron ADX 12.4.00a User Manual
Page 51
ServerIron ADX Security Guide
37
53-1002440-03
Traffic segmentation
1
When used for creating Layer-2 segmentation among SLB domains, this feature ensures that traffic
from one SLB domain destined to another SLB domain goes through the upstream gateway and is
not switched locally. This ensures that every packet between a client and server has to go through
the ServerIron ADX for load-balancing.
is an example of the VLAN bridging feature deployed in a one-armed topology. In this
example when traffic from “Domain1” is bound for“Domain2” it is translated from VLAN 2 to VLAN
12 at the ServerIron ADX. It is then able to reach the “Gateway” on VLAN 12. The return traffic from
the “Gateway” leaves on VLAN 13 and is translated to VLAN 3 at the ServerIron ADX. It is then able
to reach “Domain2” on VLAN 3.
FIGURE 1
VLAN bridging in a one-armed topology
The topology described in
can be implemented in the hot-standby configuration as shown
.
FIGURE 2
VLAN bridging in a one-armed topology in High Availability configuration (hot-standby)
Layer-2
Switch
Gateway
ServerIron ADX
Vlan 2
Vlan 3
Vlan 4
Domain1
Domain2
Domain3
Vlan -Bridging
2-12, 3-13, 4-14
Vlans
2, 3, 4, 12, 13, 14
Vlans
12, 13, 14