[f-nsp] TCS/proxy oad balancing redirecting traffic on port 3128

Samit janasamit at wlink.com.np
Fri Mar 13 05:26:25 EDT 2009 

Thanks Mischa,  I am yet to get the latest L2 code from my vendor, in
the meantime I am testing it by booting my system using the secondary
code which is luckily happened to be a L2 code :).

It seem to work as per your suggested config, however I also need to
test bypassing some of my specific customers  and specific dst traffic
going into proxy, I am going through the policy based caching sections
of the doc but still any tips in advance would be appreciated.

Regards,
Samit


Mischa Peters wrote:
> Hi Samit,
> 
> You have to create some health checks and bind them to the port.
> Something like:
> 
> server port 3128
>  tcp keepalive 5 3
> 
> server port 80
>  tcp keepalive 5 3
> 
> healthck squid tcp
>   dest-ip 192.168.0.104
>   port 3128
>   protocol http
>   protocol http url "GET /"
> 
> healthck www tcp
>   dest-ip 192.168.0.104
>   port http
>   protocol http
>   protocol http url "GET /"
> 
> healthck squid1 boolean
>   and squid www
> 
> server cache-name squid1 192.168.0.104
>  no-l3-check
>  port 3128 healthck squid1
>  port http
>  port http url "GET /"
> 
> This will basically bind port 3128 and http together, which means that
> when port http fails, it will also fail 3128.
> 
> The "sh healthck" command will tell you the status.
> 
> Total nodes: 3; Max nodes: 128
>       Name   Value   Enable   Type       Dest-IP        Port   Proto   
> Layer
> --------------------------------------------------------------------------
>      squid     N/A      YES    tcp     192.168.0.104    3128    http  
> l4-chk
>        www     N/A      YES    tcp     192.168.0.104    http    http  
> l4-chk
>     squid1     N/A       na   and squid www
> 
> Hope this helps.
> 
> I would also suggest to upgrade your platform to something more current.
> 10.2.01 for example.
> 
> Mischa
> 
> On Mar 13, 2009, at 09:22, Samit wrote:
> 
>> Hi,
>>
>> I got basic TCS working which I found straight forward. However I want
>> my proxy health check to be done on port 80 (which is internally
>> redirected to port 3128 by proxy server)  but the customer web traffic
>> redirection should go to port 3128. Similarly, I also need to bypass
>> some of my specific customers traffic going into proxy. How to achieve
>> this in ServerIronGT EGx2.  I have this setup working in my Alteon but
>> not able to do it in ServerIron perhaps being a newbie in Foundry.
>>
>> Thanks.
>>
>> My test config:
>>
>> server port 3128
>> tcp
>>
>> server port 80
>> tcp
>> !
>> server cache-name squid1 192.168.0.104
>> no-l3-check
>> port 3128
>> port http
>> port http url "GET /"
>>
>> server cache-group 1
>> cache-name squid1
>>
>> ip policy 1 cache tcp http local
>>
>> interface ethernet 2/1
>> ip-policy 1
>>
>> interface ethernet 2/8
>> ip-policy 1
>>
>>
>> SLB-ServerIron#sh ver
>>  SW: Version 09.4.00tTD2 Copyright (c) 1996-2003 Foundry Networks, Inc.
>>      Compiled on Dec 06 2006 at 02:46:26 labeled as WXM09400t
>>      (3904062 bytes) from Secondary WXM09400t.bin
>>  HW: ServerIronGT E-1 Switch, SYSIF version 21, Serial #: Non-exist
>> ==========================================================================
>>
>> SL 1: B0GMR WSM6 Management Module, SYSIF 2, M6, ACTIVE
>>      Serial #:   CH50050124
>>    0 MB SHM, 1 Application Processors
>> 16384 KB BRAM, SMC version 5, BM version 21
>>  SW: (1)09.4.00tTF2
>> ==========================================================================
>>
>> SL 2: J-BxG JetCore Gig Fiber Module, SYSIF 2 (Mini GBIC)
>>      Serial #:   PR13021751
>> 4096 KB BRAM, JetCore ASIC IGC version 49, BIA version 89
>> 32768 KB PRAM and 2M-Bit*1 CAM for IGC  4, version 0449
>> 32768 KB PRAM and 2M-Bit*1 CAM for IGC  5, version 0449
>> ==========================================================================
>>
>> Active management module:
>>  1.0 GHz Power PC processor 750GX (version 7002/0102) 66 MHz bus
>>  512 KB boot flash memory
>> 16384 KB code flash memory
>>  512 KB SRAM
>>  512 MB DRAM
>> The system uptime is 3 hours 1 minutes 47 seconds
>> The system : started=warm start   reloaded=by "reload"
>>
>> Regards,
>> Samit
>>
>>
>>
>> _______________________________________________
>> foundry-nsp mailing list
>> foundry-nsp at puck.nether.net
>> http://puck.nether.net/mailman/listinfo/foundry-nsp
> 
> 
>

More information about the foundry-nsp mailing list