반응형
장비 Serial Number, 모델명, Uptime 등 기본정보 확인
/info/sys/general
Alteon Application Switch 7612 Deliver
Switch is up 0 days, 0 hours, 6 minutes and 33 seconds.
Last boot: 08:59:44 Wed Aug 12, 2020 (shutdown from console)
Last apply:
Last save:
MAC Address : 2c:b6:93:57:da:00
Hardware MainBoard No|Rev : ODSHT2-MB | A.02
Hardware DB No|Rev : ODSHT2-DB-0612 | A.02
Hardware Serial Number : 71912002
장비 hostname 설정
>> Standalone ADC - Boot Options# /cfg/sys/ssnmp/name
Current SNMP "sysName":
""
Enter new "sysName", without quotes:
L4_Switch
hostname이 명령어 프롬프트에 출력되게 설정
>> Standalone ADC - System SNMP# /cfg/sys/hprompt
Current Display hostname (sysName) in CLI prompt: disabled
Enter new Display hostname (sysName) in CLI prompt [d/e]: e
New Display hostname (sysName) in CLI prompt: enabled
Link 상태 확인
>> Standalone ADC - Information# /info/link
------------------------------------------------------------------
Alias Port Speed Duplex Flow Ctrl Link
------ ---- ----- ------- --TX---RX-- -----
mgmt 1 0? 0? no no down
1 1 auto* full* yes* yes* down
2 2 auto* full* yes* yes* down
3 3 any any yes yes down
4 4 any any yes yes down
5 5 any any yes yes down
6 6 any any yes yes down
7 7 any any yes yes down
8 8 any any yes yes down
9 9 any any yes yes down
* = value set by configuration; not autonegotiated.
MP CPU 사용률 확인
>> Standalone ADC - MP-specific Statistics# /stat/mp/cpu
------------------------------------------------------------------
CPU utilization:
cpuUtil1Second: 2%
cpuUtil4Seconds: 2%
cpuUtil64Seconds: 2%
Telnet 활성화 명령어
>> Main# /c/sys/access/tnet ena
Telnet을 enable해야만 외부에서 Telnet을 통한 장비 접근이 가능해 진다.
장비의 현재 시간 확인
>> Standalone ADC - System# /info/sys/time
03:01:19 Sun Jul 9, 2017
Time zone: Asia/Korea/South (GMT offset +9:00)
No daylight savings rule applicable
MGMT ACL (white list 기반) 접근제어
>> Standalone ADC - Management Port# /cfg/sys/access/mgmt/
------------------------------------------------------------------
[Management Networks Menu]
add - Add IPv4 management network
rem - Remove IPv4 management network
add6 - Add IPv6 management network
rem6 - Remove IPv6 management network
arem - Remove all management networks
cur - Display current management networks
>> Standalone ADC - Management Networks# add
Enter Management Network IPv4 Address: 192.168.1.0
Enter Management Network Mask: 255.255.255.128 ==> 192.168.1.0/255.255.255.128만 telnet, ssh, gui 접속 가능
Enter Management Access protocol(all|telnet|ssh|https|snmp|report): all
=====================================
/cfg/slb/on ==> 켜줘야만 SLB 기능 가능
/cfg/slb/adv/direct en ==> 켜줘야만 Realserver의 Service Port로 접속 가능 (ex. http://realserver 등, http://vip는 SLB 키면 가능)
Note) 29.x / 30.x 이상버전에서는 기본 활성화 되어있기 때문에, 더이상 설정할 필요는 없다.
Interface IP 할당하기. 그냥 넣으면 vlan1번에 들어간다.
>> Standalone ADC - Maintenance# /cfg/l3/if 1/addr 172.16.0.1/mask 255.255.255.0/en
Current IP address: none
New pending IP address: 172.16.0.1
Pending new subnet mask: 255.255.0.0
Current subnet mask: none
New pending subnet mask: 255.255.255.0
Current status: disabled
New status: enabled
Interface IP, Gateway 정보 등 확인
>> Standalone ADC - Layer 3# /info/l3/ip
IP information:
Router ID: 0.0.0.0, AS number 0
Interface information:
1: IP4 172.16.0.1 255.255.255.0 172.16.0.255 , vlan 1, up
realserver 생성
>> Standalone ADC - Layer 4 Advanced# /cfg/slb/real 1/rip 172.16.0.100/en
Current real server IP address: none
New pending real server IP address: 172.16.0.100
Current status: disabled
New status: enabled
group 생성 (생성한 realserver를 add)
/cfg/slb/group 1/add 1/add 2
==> LB Method 기본값은 least conn
virtual service 생성 (생성한 group을 bind)
/cfg/slb/virt 1/vip 172.16.0.200/en
/cfg/slb/virt 1/service 80/group 1
각 port별 processing 설정
/cfg/slb/port 1/client en
/cfg/slb/port 2/server en
Note1) 위 인터페이스의 server/client port를 명시해야 SLB가 가능하다.
Note2) 29.x/30.x 이상버전에서는 기본 활성화 되어있기 때문에, 더이상 설정할 필요는 없다.
ARP 테이블 확인
>> Standalone ADC - Address Resolution Protocol# /maint/arp/dump
IP address Flags MAC address VLAN Age Port Referenced SPs
--------------- ----- ----------------- ---- --- ------ ----------------
172.16.0.1 P 2c:b6:93:15:3a:00 1 1-6
172.16.0.99 c8:5b:76:d8:f0:17 1 248 3 1-6
172.16.0.100 00:15:58:2e:24:98 1 253 5 1-6
172.16.0.200 P 4 2c:b6:93:15:3a:0e 1-6
FDB 테이블 (MAC 테이블) 확인
>> Standalone ADC - Address Resolution Protocol# /maint/fdb/dump
MAC address VLAN Port Trunk State Age Referenced SPs Learned port Referenced ports
----------------- ---- ------ ----- ----- --- -------------- ------------ ----------------
00:15:58:2e:24:98 1 5 FWD 1 2 5 6 5 3 5
c8:5b:76:d8:f0:17 1 3 FWD 1-3 5 6 3 3 5
stg(spanning tree) 동작하면, console에서 아래와 같이 bpdu 받았다는 로그가 나오고, stp block port 설정됨.
Jul 20 16:59:20 ALERT stp: own BPDU received on port 9
Jul 20 16:59:21 ALERT stp: STG 1, topology change detected
Jul 20 16:59:22 ALERT stp: own BPDU received on port 9
Jul 20 16:59:24 ALERT stp: own BPDU received on port 9
Jul 20 16:59:26 ALERT stp: own BPDU received on port 9
STG 상태 확인 - STP/RSTP/MSTP 상태 등을 확인 가능하다
>> Standalone ADC - Layer 2# /info/l2/stg
------------------------------------------------------------------
Spanning Tree Group 1: On (STP/PVST)
VLANs: 1 10 20
Current Root: Path-Cost Port Hello MaxAge FwdDel Aging
8000 2c:b6:93:15:3a:00 0 0 2 20 15 15
Parameters: Priority Hello MaxAge FwdDel Aging
32768 2 20 15 300
Port Prio Cost State Designated Bridge Des Port
------ ---- ---------- ----------- ---------------------- --------
1 128 0! DISABLED
2 128 0! DISABLED
3 128 0! DISABLED
4 128 0! DISABLED
5 128 20000! FORWARDING 8000-2c:b6:93:15:3a:00 8005
6 128 20000! FORWARDING 8000-2c:b6:93:15:3a:00 8005
7 128 200000! FORWARDING 8000-2c:b6:93:15:3a:00 8007
8 128 0! DISABLED
9 128 20000! BLOCKING 8000-2c:b6:93:15:3a:00 8005
! = Automatic path cost.
Transmission of PVST frames on untagged ports: Disabled
Number of topology changes - 7
Time since last topology change - 0 days 0 hours 0 minutes 31 seconds
port mirror 설정 샘플
7번: 받는 포트, IDS 장비 연결 포트
9번: 감시 포트, 원본 포트, RX/TX 패킷 모두 mirror 할 때
/c/pmirr/mirror ena
/c/pmirr/monport 7
add 9 both all
vrrp config sample
/c/l3/if 1
ena
ipver v4
addr 192.168.2.3
/c/l3/vrrp/vr 2
ena
ipver v4
vrid 2
if 1
addr 192.168.2.1
preem dis
share dis
/c/l3/vrrp/vr 200
ena
ipver v4
vrid 200
if 1
addr 192.168.2.200
share dis
/c/l3/vrrp/group
ena
ipver v4
vrid 254
if 1
share dis
이중화 상태 확인 명령어
/info/l3/vrrp
/info/l3/ha
Note) 현재 두 명령어 모두 사용가능하며, 30.x 이상버전부터 /info/l3/ha 명령어로 VRRP 및 신규 이중화 상태 출력 가능
CLI에서 실시간 로그 메세지 보이게 하기.
>> Standalone ADC - Operations# /oper/displog
Current state of displaying syslog messages to telnet/ssh sessions: enabled
Enter new state [d/e]: e
장비 전체에 Device Level로 보이는 CPS/PPS 확인 (32.x 이상버전)
>> Alteon5208 - Standalone ADC - System# /stats/slb/dvcstats
Device summary statistics
-----------------------------------------
Content Rule 2 Sideband stats:
Current Total
----------------------------------------------------------------------------------
Average sideband latency [ms]: 0 [/sec] 24
Request sent to sideband: 0 [/sec] 6
Request filtered from sideband: 0 [/sec] 1
Sideband timeouts: 0 [/sec] 0
Request sent to server: 0 [/sec] 4
Response sent to client: 0 [/sec] 2
Client connection closed: 0 [/sec] 2
Sideband failure: 0 [/sec] 0
Current Connections per second: 0
Packets per second: 0
Current Throughput per second: 0.080 Mbps
Current SSL: 0 CPS
반응형
'ADC, L4-L7스위치' 카테고리의 다른 글
| L4스위치의 다양한 구성 방안4 - FLB 구성 방식 (0) | 2023.04.20 |
|---|---|
| L4스위치의 다양한 구성 방안3 - Proxy IP 구성 방식 (0) | 2023.04.12 |
| L4 스위치의 다양한 구성 방안 2 - One Arm 구성 방식 (0) | 2023.04.01 |
| L4 스위치의 다양한 구성 방안 1 - In Line 구성 방식 (0) | 2023.03.28 |
| GSLB (Global Server Load Balancing) (0) | 2023.03.02 |