Tag: Brocade ADX
-
Brocade ADX Source NAT
Global source NAT Similar to F5’s Automap Automap will SNAT any traffic going towards the real-server. The client’s source IP will be replaced with the self-IP configured on the Brocade’s interface closest to the real servers. SNAT is implemented for ALL the real servers. server source-nat Warning: Do not use automap in environments with […]
-
Brocade ADX – Fall Back Server
TERMINOLOGY: Primary – A primary server is used by the ServerIron ADX when load balancing client requests for an application. Backup – A backup server is used by the ServerIron ADX only if all the primary servers are unavailable for the requested application. Local – A local server is one that is connected to the […]
-
Brocade ADX Crash
Brocade ADX can crash due to failure of Management Processor (MP) or Barrel Processor (BP). In order to narrow down the issue, check the output for the following commands:Brocade ADX Crash Brocade ADX can crash due to failure of Management Processor (MP) or Barrel Processor (BP). In order to narrow down the issue, check the […]
-
Brocade ADX – JSession Persistence
This is an example for JSession ID based persistence for Brocade ADX: csw-rule “JSESSION” header “cookie” pattern “JSESSIONID=” case-insensitive csw-rule “URI” url pattern “JSESSIONID=” case-insensitive csw-policy “CSW_JSESSION” case-insensitive match “JSESSION” persist offset 0 length 32 passive-persist match “URI” persist offset 0 length 32 passive-persist default forward 1 In the above policy, the persistence decision is […]
-
Brocade ADX – Poodle Vulnerability
Brocade ADX: 12.4S code version will disable SSLv3 by default and this would protect against the Poodle Vulnerability.
-
Brocade ADX – CSW HTTP Method
When using CSW Rule with POST method and load balancing based on incoming URI, you could run into a defect that prevents the right configuration. By default, “case-insensitive” CSW Rules would have to be added to “case-insensitive” CSW Policies. However, “case-insensitive” key word at the end of the CSW Rule for HTTP Method is NOT […]
-
Brocade ADX – TCP Profile & Slowness
With the newer Brocade ADX code versions (12.4G+), it is possible to alter the TCP profile settings that is associated with the Virtual Server. Why Change the TCP Profile: I have run into issues when there is slowness in data transfer between the client and the Brocade ADX. Usually, I have seen this happen under […]
-
ADX – SSL Simple Health Check
By default, when we configure SSL Health Check for a Real-Server: server real RS-web8 192.168.200.232 port ssl port ssl keepalive port ssl url “HEAD /” port ssl status-code 200 200 The ADX will perform a simple SSL handshake. It doesn’t really check the content/status code. In order to force the ADX to check the content/status […]
-
ADX Health Check
By default, when a real-server is created, the ADX will perform the following checks: Layer 2 ARP Layer 3 ICMP Ping After the real-server is attached to the virtual-server using the bind command, the ADX will perform Layer 4 or Layer 7 checks based on the configuration. It is essential to make sure that there […]
-
CSW PHPSESSID Persistence
csw-rule “CSW_RESPONSE_Cookie” response-header “Set-Cookie” pattern “PHPSESSID” csw-rule “CSW_URI” url pattern “PHPSESSID” csw-rule “CSW_PHPSESS” header “Cookie” pattern “PHPSESSID” csw-policy “POLICY_PHPSESSID” match “CSW_RESPONSE_Cookie” passive-persist offset 0 length 7 match “CSW_PHPSESS” persist offset 0 length 7 passive-persist match “CSW_URI” persist offset 0 length 7 passive-persist The above CSW Rule & Policy will provide persistence based on the PHPSESSID […]