|
|
This chapter contains an alphabetical listing of the LocalDirector commands. Documentation for each command includes a brief description of its use, command syntax, usage guidelines, and an example of the command output.
LocalDirector(config)# route 0.0.0.0 0.0.0.0 ?
usage: [no] route <dest_net> <net_mask> <gateway> [<metric>]
LocalDirector(config)# route 0.0.0.0 0.0.0.0
The syntax of the command is displayed, and the prompt returns with the previous entry on the command line. Use the pager command to control display output.
For a listing of all commands available for the current mode, enter a question mark by itself.
If you enter a command that the LocalDirector does not recognize, the "Type '?' for a list of commands" message is displayed for a variety of reasons. This could be caused by the following:
1 ) Incorrect access mode--Ensure you are in configuration mode before entering configuration mode commands. From unprivileged mode, enter the enable command to start privileged mode. From privileged mode, enter config terminal to start configuration mode.
2 ) Incorrect number of parameters--Enter the help command to check the syntax of the command that you are entering.
3 ) Incorrect abbreviations--Try the command again with more characters or the full command name.
Table 4-1 lists configuration commands by LocalDirector features:
| Item | Command |
|---|---|
Access modes
|
enable configure terminal disable |
ARP cache
|
arp no arp |
Configuration management
|
configure clear configuration reload write |
Display output
|
show pager |
Connections
|
timeout synguard data show conn |
Failover
|
failover failover active failover reset failover ip address show failover |
Flash memory access
|
write erase show configuration reload write memory |
Floppy disk access
|
configure floppy write floppy |
| Help | help, ? |
| Hot-standby servers | backup |
Interface:
|
interface ethernet interface fddi mtu |
IP address
|
failover ip address |
Load balancing
|
predictor virtual real bind show bind show conn sticky timeout weight |
MAC addresses
|
show bridge clear bridge |
Names
|
name names |
Passwords
|
enable password |
Ping
|
ping ping-allow |
| Processes, show thread information | show processes |
| Prompt hostname, change | hostname |
Real server adjustments
|
reassign retry threshold data timeout |
| RIP listening, enable or disable | rip passive |
Routing table
|
route show route |
Security
|
ping-allow synguard |
Service state
|
in-service out-of-service autounfail restart retry |
SNMP
|
snmp-server contact snmp-server location snmp-server host |
SYSLOG
|
syslog console show syslog syslog output syslog host |
Telnet
|
telnet kill who password |
Virtual server adjustments
|
name predictor sticky |
Add an entry to the LocalDirector ARP table. (Privileged mode.)
[no] arp ip en unit [alias]| ip | IP address for the ARP table entry. |
| en | Hardware MAC address for the ARP table entry. |
| unit | Interface 0 or 1. |
| alias | Alias entries do not time out and are stored in the configuration with the write command. Alias entries stay in the ARP table after the LocalDirector reboots. |
The arp command adds an entry to the LocalDirector ARP table. ARP is a low-level TCP/IP protocol that resolves a node's physical address from its IP address.
Gratuitous ARPs are supported in LocalDirector version 1.6 and later.
Use no arp to delete alias ARP entries, and clear arp to remove other ARP entries.
LocalDirector(config)# arp 192.168.1.42 0000.0101.0202 0
LocalDirector(config)# arp 192.168.1.43 0000.0101.0203 1 alias
LocalDirector(config)# show arp
Interface 0:
192.168.1.42 (0000.0101.0202)
Interface 1:
192.168.1.43 (0000.0101.0203) alias
LocalDirector(config)# clear arp
LocalDirector(config)# show arp
Interface 0:
Interface 1:
192.168.1.43 (0000.0101.0203) alias
LocalDirector(config)# no arp 192.168.1.43 000.0101.0203 1
LocalDirector(config)# show arp
Interface 0:
Interface 1:
LocalDirector(config)#
Automatically bring a failed real server back into service. (Configuration mode.)
[no] autounfail real_id| real_id | Real server IP address or name and port (if a port-bound server). |
A server is failed when it does not answer the number of connections set with the threshold command, even though it still might answer one of its existing data connections. The autounfail command will bring a failed server into testing mode if it answers or sends data on a connection that is already established. The autounfail command is on by default.
In testing mode, the real server will get one real incoming connection. If it answers that connection, it will be put in service. If it does not answer that connection, it will be failed again.
LocalDirector(config)# autounfail 192.168.1.2
LocalDirector(config)#
Assign a backup server for real and virtual servers. (Configuration mode.)
[no] backup real_id|virtual_id backup_id| real_id | The IP address and port (if a port-bound server) or name of the real server to be backed up. |
| virtual_id | The IP address and port (if a port-bound server) or name of the virtual server to be backed up. |
| backup_id | The IP address and port (if a port-bound server) or name of the real or virtual server that will serve as a backup. |
You can back up real servers with virtual addresses, and you can back up virtual servers with a real server. You can use a backup server when the real or virtual server is not in service (for example, it is failed or out of service).
Port mappings have to be assigned on a per-virtual basis, so that the port assignments do not conflict when traffic is re-directed to the backup. Also, because port mappings are used when directing traffic to the backup server, it is important to have the same services running on the backup.
The predictor for the backup virtual server will be used to load balance the servers being backed up by that virtual server.
LocalDirector(config)# backup server1 remote1
LocalDirector(config)# backup server2 remote1
LocalDirector(config)# backup server3 remote1
LocalDirector(config)# show backup
Machine Port Backup Port
server1 default remote1 default
server3 default remote1 default
server2 default remote1 default
LocalDirector(config)#
Associate a virtual server with one or more real servers. (Configuration mode.)
[no] bind virtual_id real_id [real_id...]| virtual_id | The IP address and port (if a port-bound server) or name of a virtual server. A port number can also be specified. |
real_id
| The IP address and port (if a port-bound server) or name of a real server. A port number can also be specified. |
Use virtual or real to define the virtual and real server addresses before using bind. Use the bind command to direct network traffic from a virtual server to a real server. Use no bind to release an association between a real and virtual server.
LocalDirector(config)# bind 204.31.33.1 80 192.168.1.1 192.168.1.2
LocalDirector(config)# bind 204.31.33.1 192.168.1.3 192.168.1.4
LocalDirector(config)# show bind
Virtual Real
204.31.33.1 80 (IS)
192.168.1.2 (IS)
192.168.1.1 (IS)
204.31.33.1 default (IS)
192.168.1.4 (IS)
192.168.1.3 (IS)
LocalDirector(config)# no bind 204.31.33.1 192.168.1.3 LocalDirector(config)# show bind
Virtual Real
204.31.33.1 80 (IS)
192.168.1.2 (IS)
192.168.1.1 (IS)
204.31.33.1 default (IS)
192.168.1.4 (IS)
LocalDirector(config)#
Combine with other commands to delete information associated with the other commands. (Privileged and Configuration mode.)
clear (variable command)| secondary | Clears information about virtual and real servers, port mapping, backup servers, and load balancing. |
| primary | Clears settings for routing, failover, network interfaces, passwords, error logging, and networking. |
| all | Clears all configuration information. |
Use the clear command with arp, bridge, configuration, route, snmp-server, syslog, and telnet to clear the values associated with those commands.
Use the clear configuration command to delete all or part of the LocalDirector configuration. If you enter the clear configuration command without an optional argument, the default is to clear the secondary configuration.
LocalDirector(config)# show arp
Interface 0:
192.168.1.42 (0000.0101.0202)
Interface 1:
LocalDirector(config)# clear arp
LocalDirector(config)# show arp
Interface 0:
Interface 1:
LocalDirector(config)#
Set the current configuration interactively, or from flash or floppy. (Privileged mode.)
configure {floppy|memory|terminal}| floppy | Merge the current running configuration with the configuration stored on diskette with the write floppy command. |
| memory | Merge the configuration in flash memory with the current configuration in RAM. |
| terminal | Start configuration mode, and merge the current running configuration with commands entered from the keyboard. |
Each statement is read into the current configuration and evaluated with these rules:
LocalDirector# configure floppy
LocalDirector#
Limit number of connections to a server that is not sending data. (Configuration mode.)
[no] data real_id [number of connections]| real_id | The IP address and port (if a port-bound server) or name of a real server. |
number of connections
| The number of connections to allow to a real server where data has been requested, but no data has been sent by server. The feature is disabled by default with an initial value of 0. To calculate this value, divide the number of connections per second by the number of real servers, and increase the result by 20%. |
Some webservers (especially those running Microsoft Windows NT 4.0) will continue to establish connections to a real server even though the daemon or application running on that port is dead. The LocalDirector does not recognize this as a real machine failure, but the data command can be used to limit the number of connections sent to a server that is not sending data.
Once a real machine reaches this number of unanswered connections, the LocalDirector will check to see if other machines bound to the virtual server are also at 80 percent of their threshold capacity (DataIn value). If the other machines are close to reaching this value, then the LocalDirector assumes the site is busy and DOES NOT fail the machine.
If the other machines are not at this capacity, then the LocalDirector fails the real machine and sends the following SYSLOG/SNMP message:
Real machine 'x' Failed Application
The show real command indicates the number of unanswered connections for each real server, and the show data command indicates the value set with the data command. Use the no data command to return to the default value of 0.
LocalDirector(config)# data server2 50
LocalDirector(config)# show data
Machine Port DataIn
server2 default 50
LocalDirector(config)#
Exit privileged mode and return to unprivileged mode. (Privileged mode.)
disableThe disable command exits privileged mode and returns you to unprivileged mode. Use the enable command to return to privileged mode.
LocalDirector# disable
LocalDirector>
Start privileged mode. (Unprivileged mode.)
enableThe enable command starts privileged mode. LocalDirector prompts you for your privileged mode password. When you first configure LocalDirector, a password is not required and you can press the Enter key at the prompt. Use disable to exit privileged mode. Use enable password to change the privileged mode password.
In the example below, note that the prompt changes from ">" to "#" when you enter privileged mode.
LocalDirector> enable
Password: #######
LocalDirector# disable
LocalDirector>
Set the privileged mode password. (Privileged mode and Configuration mode.)
enable password password| password | A password of up to 16 alphanumeric characters, which is not case sensitive. LocalDirector converts the password to all lowercase. |
The enable password command changes the privileged mode password, for which you are prompted after you enter the enable command. When you first configure LocalDirector, a password is not required and you can press the Enter key at the prompt. Assign a password to privileged mode with the enable password command.
LocalDirector(config)# enable password fnord42
LocalDirector(config)#
Enable access to the optional failover feature. (Configuration mode.)
[no] failover [active] [active]
| Make a LocalDirector the active unit. Use this command to make a standby unit active. Either enter no failover active on the active unit to switch service back to the standby unit, or enter failover active on the standby unit. |
| ip address | This IP address will be used by the standby unit to communicate with the active unit. Use this IP address with the ping command to check the status of the standby unit. This address must be on the same network as the system IP address. For example, if the system IP address is 192.170.123.1, set the failover IP address to 192.170.123.2. |
| reset | Forces both units back to an unfailed state. Use this command instead of rebooting the LocalDirector. This will not cause a switch to occur, and if the LocalDirector still has problems, it will be failed again.
The failover reset command can be entered from either unit, but it is best to always enter commands at the active unit. Entering the failover reset command at the active unit will "unfail" the standby unit. |
Failover provides a mechanism for LocalDirector to be redundant by allowing two identical units to serve the same functionality. Both LocalDirector units must run the same version of software, and the failover cable must be used to connect the two units. The failover command without an argument indicates that you have connected the failover cable and intend to use a secondary unit to back up the primary LocalDirector. The default configuration includes the no failover command; however if the failover cable is present at boot-up, it will be detected automatically and failover will be enabled. Use the show failover command to verify the status of the connection and to determine which unit is active.
Failover works by passing control to the secondary unit should the primary unit fail. The switch between units occurs within 30 seconds of the failure event. The markings on the failover cable let you choose which unit is primary and which is secondary. Refer to Installing the Failover Connector Assemblies and Cable on the Cisco LocalDirector supplied with the failover cable option for more information about upgrading an older LocalDirector unit to accept the failover cable.
See Appendix A, "LocalDirector Hot-Standby Failover," for a detailed explanation of the failover option.
The following output shows failover on, and the primary unit state is active:
ld-prim(config)# show failover
Failover On
Cable status: Normal
This host: Primary - Active
Active time: 6885 (sec)
Interface 0 (192.168.89.1): Normal
Interface 1 (192.168.89.1): Normal
Other host: Secondary - Standby
Active time: 0 (sec)
Interface 0 (192.168.89.2): Normal
Interface 1 (192.168.89.2): Normal
Display help information. (All modes.)
helpThe help or ? command displays help information about all commands. You can view help on an individual command by entering the command name followed by a question mark. The command line prompt returns with the command syntax, and the command appears on the command line.
Use the pager command to control the display output.
Enter ? at the command prompt to get a list of all of the commands available for the current mode.
LocalDirector(config)# arp ?
usage: [no] arp <ip> <en> [alias]
LocalDirector(config)# arp
Change the host name in the LocalDirector command line prompt. (Configuration mode.)
hostname newname| newname | New host name for the LocalDirector prompt. This name can be up to 16 alphanumeric characters and is not case sensitive. LocalDirector converts the host name to all lowercase. |
The hostname command changes the host name label on prompts.
LocalDirector(config)# hostname primary
primary(config)#
Identify network interface board as Ethernet or FDDI. (Configuration mode.)
interface ethernet unit {10baseT|100baseTX|100full|auto}| unit | Interface 0 or 1. |
| 10baseT | Sets 10 Mbit Ethernet and half duplex communications. |
| 100baseTX | Sets 100 Mbit Ethernet and half duplex communications. |
| 100full | Sets 100 Mbit Ethernet and full duplex communications. |
| auto | Automatically determines networking speed and sets full duplex communications, if available. This is the recommended full duplex Ethernet option, but the network interface must support auto-detection. |
The interface command identifies the type of network interface boards, and the speed and duplex settings for Ethernet. Use show interface to view information about the interface.
To configure full duplex Ethernet, the auto option is recommended, but your network interface has to support auto-detection. You can force the Ethernet argument to accept full duplex with the 100full option if the network accepts full duplex and 100 megabit Ethernet.
LocalDirector(config)# interface ethernet 0 auto
LocalDirector(config)# interface fddi 1
LocalDirector(config)#
Mark a real or virtual server as being in service (IS). (Configuration mode.)
in-service {virtual|real} virtual_id|real_id [all] virtual
| Mark a virtual server as in service. |
real
| Mark a real server as in service. |
| virtual_id | The IP address and port (if a port-bound server) or name of a virtual server; if you specify more than one virtual server, only servers previously defined in LocalDirector are marked as in service. |
real_id
| The IP address and port (if a port-bound server) or name of a real server; if you specify more than one real server, only servers previously defined in LocalDirector are marked as in service. |
| [all] | Mark all virtual servers or all real servers with the same IP address as in service. This applies to servers with specific ports defined, and the port number for each virtual and real server does not have to be specified. |
The in-service command indicates that the virtual server or real server is ready to accept connections.
In following example, the in-service (is) command is used with the all option to put all ports of real server 192.168.1.1 in-service. This puts all ports of the real server (both default and port-bound) in-service with just one command.
Server www.joe.com is put in-service by using the name of the server for server_id. Because no port is specified, only the default ports are put in-service.
When port-bound server 192.168.1.3 80 is put in-service, the remaining ports (both default and port-bound) are left out-of-service.
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
192.168.1.1 80 0 OOS 8 0 0 0
192.168.1.1 21 0 OOS 8 0 0 0
192.168.1.1 default 0 OOS 8 0 0 0
www.joe.com 80 0 OOS 8 0 0 0
www.joe.com default 0 OOS 8 0 0 0
192.168.1.3 80 0 OOS 8 0 0 0
192.168.1.3 21 0 OOS 8 0 0 0
192.168.1.3 default 0 OOS 8 0 0 0
LocalDirector(config)#LocalDirector(config)# is real 192.168.1.1 all
LocalDirector(config)# is real www.joe.com
LocalDirector(config)# is real 192.168.1.3 80
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
192.168.1.1 80 0 IS 8 0 0 0
192.168.1.1 21 0 IS 8 0 0 0
192.168.1.1 default 0 IS 8 0 0 0
www.joe.com 80 0 OOS 8 0 0 0
www.joe.com default 0 IS 8 0 0 0
192.168.1.3 80 0 IS 8 0 0 0
192.168.1.3 21 0 OOS 8 0 0 0
192.168.1.3 default 0 OOS 8 0 0 0
Assign the system IP address for the LocalDirector. (Configuration mode.)
ip address ip [subnet_mask]| ip | System IP address of the LocalDirector. |
| [subnet_mask] | Subnet mask of LocalDirector network. |
The ip address command assigns an IP address to the LocalDirector. Use the show ip address command to view the address.
In the following example, the system IP address is 192.170.123.1, and the failover IP address is 192.170.123.2. The current IP of 192.170.123.2 indicates that this is the standby unit for failover. If the current IP is the system IP address, the unit is active. If the current IP is the failover IP address, the unit is standby.
See also: failover
LocalDirector(config)# show ip address
System IP 192.170.123.1, system subnet 255.255.255.0
Current IP 192.170.123.2
LocalDirector(config)#
Terminate a Telnet session. (Privileged mode.)
kill id| id | Telnet session ID. |
The kill command terminates a Telnet session. Use who or show who to view the Telnet session ID value. When you kill a Telnet session, LocalDirector lets any active commands terminate and then drops the connection without warning to the user.
LocalDirector(config)# show who
2: From 192.168.2.2
1: From 192.168.1.3
0: On console
LocalDirector(config)# kill 2
LocalDirector(config)# who
1: From 192.168.1.3
0: On console
Map a virtual server port to a port on a real machine to send TCP connections. (Configuration mode.)
[no] map virtual_id virtual_port real_port virtual_id
| Virtual server IP address or name. |
virtual_port
| Virtual server target port number. |
real_port
| Real server port number to map virtual_port into. Connections bound for the virtual server that you assign to this real server also have the destination port number changed to real_port. |
Use the map command to point the virtual server IP address and port number to a port on the real server bound to the virtual server. Use no map to remove mappings, and show map to display the current mappings.
LocalDirector(config)# map www.pete.com 80 8000
LocalDirector(config)# map www.joe.com 80 8001
LocalDirector(config)# show map
Port mappings for all machines
www.pete.com 80 maps to 8000
www.joe.com 80 maps to 8001
LocalDirector(config)#
Set the maximum number of connections that a real server will accept. (Configuration mode.)
[no] maxconns real_id number real_id
| The IP address and port (if a port-bound server) or name of the real server. |
number
| The maximum number of connections allowed for the server, or "unlimited" if there is no limit. |
You can set the maximum number of connections that a real server accepts to avoid overloading the server. There is no default setting for maxconns, and the value is "unlimited" when viewed with the show maxconns command.
See the section "Maximum Connections and Weighted Configuration" in Chapter 3, "Configuring LocalDirector," for more information about using this command.
LocalDirector(config)# show maxconns
Machine Port Limit
192.168.1.1 default unlimited
192.168.1.2 default unlimited
LocalDirector(config)# maxconns 192.168.1.1 500
LocalDirector(config)# show maxconns
Machine Port Limit
192.168.1.1 default 500
192.168.1.2 default unlimited
LocalDirector(config)#
Specify the maximum transmission unit (MTU) value for the specified network interface. (Configuration and Privileged modes.)
mtu unit bytes| unit | The interface (0 or 1) for which the MTU is being specified. |
| bytes | The MTU for the interface. Specify a number between 64 and 65,535. |
For Ethernet interfaces, the default MTU should be 1,500 bytes in a block; for FDDI, specify 4,096 bytes.
The value for the mtu command depends on the type of network interface specified in the interface command. The minimum value for val is 64 and the maximum is 65,535 bytes.
LocalDirector(config)# show mtu
mtu 0 1500
mtu 1 1500
LocalDirector(config)# mtu 0 4096
LocalDirector(config)# show mtu
mtu 0 4096
mtu 1 1500
Associate a name with an IP address. (Configuration mode.)
[no] name ip name ip
| The IP address of the virtual server or real server being named. This does not include port numbers associated with port-bound servers. |
name
| The name assigned to the IP address. |
Use the name command to identify a virtual or real server by a text name. This makes it easier to change the LocalDirector configuration because you can refer to real and virtual servers by name rather than IP address; however, the port number must be included with the name when identifying port-bound servers. The name command can be used before or after a server is defined.
The name command is optional, and it is not related to DNS. It provides a means of making LocalDirector servers easier to configure, and the names associated to the configuration do not have to be synchronized with DNS.
In the example below, the IP address 192.168.1.1 is assigned the name "server1" and then defined as a real server with the real command. Then, the name "server1" is used as the real_id with the in-service command.
LocalDirector(config)# name 192.168.1.1 server1
LocalDirector(config)# real server1
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
server1 default 0 OOS 8 0 0 0
LocalDirector(config)# in-service real server1
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
server1 default 0 IS 8 0 0 0
LocalDirector(config)#
Determine whether IP addresses or server names display in screen output. (Configuration mode.)
[no] namesYou can use either the server name or IP address to configure real and virtual servers regardless of whether the names command is on or off. The status of the names command does not affect the write terminal and show configuration commands. Use the show names command to check the status of names.
LocalDirector(config)# show names
names are on
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
server1 default 0 IS 8 0 0 0
server2 default 0 IS 8 0 0 0
LocalDirector(config)# no names
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
192.168.0.1 default 0 IS 8 0 0 0
192.168.0.2 default 0 IS 8 0 0 0
LocalDirector(config)# show names
names are off
LocalDirector(config)#
Mark a virtual or real server as being out of service (OOS). (Configuration mode.)
out-of-service {virtual|real} real_id|virtual_id [all]| virtual | Mark a virtual server as out of service. |
| real | Mark a real server as out of service. |
real_id
| The IP address and port (if a port-bound server) or name of a real server. Only servers previously defined in LocalDirector are marked as out of service. |
| virtual_id | The IP address and port (if a port-bound server) or name of a virtual server. Only servers previously defined in LocalDirector are marked as out of service. |
| [all] | Mark all virtual servers or all real servers with the same IP address as out of service. This applies to servers with specific ports defined, and the port number for each virtual and real server does not have to be specified. |
When you mark a real server as being out of service, LocalDirector does not assign new connections to it, but lets old connections continue to run until they complete. Any connection attempt or traffic on exiting connections causes LocalDirector to return a reset (RST) packet to the client. An out-of-service real server can still be accessed by clients specifying its actual IP address. Use show real to watch the status of open connections; when all connections appear as OOS, you can power-off the server or reconfigure it as required.
In following example, the out-of-service (oos) command is used with the all option to take all ports of real server 192.168.1.1 out-of-service. This takes all ports of the real server (both default and port-bound) out-of-service with just one command.
Server www.joe.com is placed out-of-service by using the name of the server for server_id. Because no port is specified, only the default ports are taken out-of-service.
When port-bound server 192.168.1.3 80 is placed out-of-service, the remaining ports (both default and port-bound) are left in-service.
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
192.168.1.1 80 0 IS 8 0 0 0
192.168.1.1 21 0 IS 8 0 0 0
192.168.1.1 default 0 IS 8 0 0 0
www.joe.com 80 0 IS 8 0 0 0
www.joe.com default 0 IS 8 0 0 0
192.168.1.3 80 0 IS 8 0 0 0
192.168.1.3 21 0 IS 8 0 0 0
192.168.1.3 default 0 IS 8 0 0 0
LocalDirector(config)#LocalDirector(config)# oos real 192.168.1.1 all
LocalDirector(config)# oos real www.joe.com
LocalDirector(config)# oos real 192.168.1.3 80
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
192.168.1.1 80 0 OOS 8 0 0 0
192.168.1.1 21 0 OOS 8 0 0 0
192.168.1.1 default 0 OOS 8 0 0 0
www.joe.com 80 0 IS 8 0 0 0
www.joe.com default 0 OOS 8 0 0 0
192.168.1.3 80 0 IS 8 0 0 0
192.168.1.3 21 0 IS 8 0 0 0
192.168.1.3 default 0 OOS 8 0 0 0
Control display output. The pager command is on by default. (Configuration and Privileged modes.)
[no] pager| lines | Indicates that you are defining the number of lines that will be displayed. In order to use this option, pager must be turned on first (see example). |
| number | The number of lines displayed. |
If the pager option is on, only one screen of output appears at a time. Pressing the spacebar displays the next page of information, and pressing Enter displays the next line. Pressing the "q" key stops the output and returns to the system prompt.
If the no pager command is used, screen output scrolls until the end without stopping.
Use the show pager command to see if the pager option is on or off.
LocalDirector(config)# show pager
pager is off
LocalDirector(config)# pager lines 20
turn pager on first
LocalDirector(config)# pager
LocalDirector(config)# pager lines 20
LocalDirector(config)# show pager
pager is on
LocalDirector(config)#
Modify Telnet login password. (Configuration mode.)
password password| password | A password of up to 16 alphanumeric characters, which is not case sensitive. LocalDirector converts the password to all lowercase. |
The password command sets a password for Telnet access. The default password is cisco.
See also: enable password
LocalDirector# password athensge0rg1a
LocalDirector#
Send a Ping request message. (Configuration mode.)
ping ip| ip | The IP address of a host on the network. |
The ping command determines if the LocalDirector has connectivity or if a host is available on the network. The command output shows if the response was received; that is, that the host exists on the network. If the host is not responding, ping displays "no response received." Use show interface to ensure that the LocalDirector is connected to the network and has connectivity.
The command displays three attempts to reach the specified address:
LocalDirector(config)# ping 192.168.42.54
192.168.42.54 response received - 10Ms
192.168.42.54 response received - 10Ms
192.168.42.54 response received - 10Ms
LocalDirector(config)#
Turn on or off the ability to ping a virtual address. The default is to NOT allow a virtual address to be pinged. (Configuration mode.)
[no] ping-allow unit| unit | Interface 0 or 1. |
By default, virtual addresses cannot be pinged. This helps protect virtual addresses from an ICMP echo flood.
Use the ping-allow command to enable a LocalDirector virtual address to respond to a ping request.
The following example allows a virtual address to be pinged from interface 0:
LocalDirector(config)# ping-allow 0
LocalDirector(config)#
Choose the type of load balancing for each virtual server. (Configuration mode.)
predictor virtual_id {fastest|roundrobin|leastconns|weighted} [roundrobin|none]| virtual_id | The IP address and port (if a port-bound server) or name of the virtual server. |
| fastest | Assigns new connections to the physical server with the fastest predicted response time. |
| roundrobin | Rotates through the list of physical servers bound to virtual, assigning connections to the next server. |
| leastconns | Assigns new connections to the physical server that has the least number of current connections. This is the default. |
| weighted | Assigns new connections based on values set with the weight command. The default weight for each server is one. |
| none | Disables slowstart for the virtual server. Use the roundrobin option to enable slowstart. |
Each virtual server can have a different predictor option. The show virtual command shows an asterisk (*) next to the active predictor. This indicates whether the virtual server is using the selected predictor value, or is in slowstart mode.
The slowstart option is available for the leastconns or weighted arguments. The LocalDirector will rotate through the servers until the number of connections reaches a pre-determined level when slowstart is enabled. This avoids overloading a server with too many requests when it is brought in-service. The slowstart option is enabled by default.
See Appendix B, "Load Balancing Options," for more information.
LocalDirector(config)# show virtual
Virtual Machines:
Machine Port State Connect Sticky Predictor Slowstart
www.site.com default IS 0 0 leastconns roundrobin*
LocalDirector(config)# predictor www.site.com weighted none
LocalDirector(config)# show virtual
Virtual Machines:
Machine Port State Connect Sticky Predictor Slowstart
www.site.com default IS 0 0 weighted* none*
LocalDirector(config)#
Define a real server. (Configuration mode.)
[no] real real_id [real_port] [service-state]| real_id | The IP address or name of a real server. |
| [real_port] | The port traffic that will run on the server. If you do not identify a specific port, all traffic will be allowed to the server and the port will be labeled "default." Zero is the same as default. Servers with a port specified are referred to as "port-bound" servers. |
| [service-state] | In service (is) or out of service (oos). The default is oos. |
Real servers are actual host machines with unique IP addresses that provide TCP/IP services to the network. Use no real to remove a real server from LocalDirector. Real servers can still be accessed using their actual IP address.
Use the show real command to check the service state of real servers. Possible service states are:
The show real command provides the following information:
| Column heading | Description |
|---|---|
| Machine | IP address and port (if a port-bound server) or name of the server. |
| Port | port traffic that is accepted by the server, default indicates all ports. |
| Connect | the current number of connections to the server. This does not include direct connections to the server that are bridged by the LocalDirector. |
| State | IS (in-service), OOS (out-of-service), failed, or testing. |
| Thresh | threshold value for reassignments before server is marked as failed. |
| No Answer Reassigns | number of connections that are not answered by a real server. |
| TCP Reset Reassigns | number of connections that are reassigned because a real server responded with a RST on a new connection. |
| DataIn Conns | number of clients requesting but not receiving data. |
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
192.168.1.1 80 0 IS 8 0 0 0
192.168.1.1 21 0 IS 8 0 0 0
192.168.1.1 default 0 IS 8 0 0 0
www.joe.com 80 0 OOS 8 0 0 0
Set number of retries to a real server before the connection is reassigned to another server. (Configuration mode.)
reassign real_id val| real_id | The IP address and port (if a port-bound server) or name of a real server. |
| val | The number of retries allowed. This value can be a number between 1 and 4. The default is 3. |
If reassign is at the default of 3, then TCP will attempt to connect three times before going to another server. If threshold is set to 8, this can happen eight times before the server is marked as failed.
See "Server Failure Adjustments" in Chapter 3, "Configuring LocalDirector," for more information.
LocalDirector(config)# show reassign
Machine Port Reassign
192.168.89.252 default 3
192.168.89.251 default 3
LocalDirector(config)# reassign 192.168.89.252 4
LocalDirector(config)# show reassign
Machine Port Reassign
192.168.89.252 default 4
192.168.89.251 default 3
LocalDirector(config)#
Reboot and reload the configuration from flash memory. (Configuration and Privileged modes.)
reloadThe reload command reboots the LocalDirector and reloads the configuration from flash memory.
LocalDirector# reload
Proceed with reload? [confirm]
Rebooting...
Take a server out of service, and then bring it back in service. (Privileged and Configuration modes.)
restart real|virtual [real_id|virtual_id]| real_id | The IP address and port (if a port-bound server) or name of the real server that will be restarted. |
| virtual_id | The IP address and port (if a port-bound server) or name of the virtual server that will be restarted. |
The restart command takes a server out-of-service and puts it back in-service with one command.
LocalDirector(config)# restart real server1
LocalDirector(config)#
Specify the number of minutes before a failed machine will be sent a live connection to check its state. (Configuration mode.)
retry real_id val| real_id | Real server IP address or name and port (if a port-bound server). |
| val | The number of minutes before a failed server is retried. The default is one minute. |
The retry command sets the number of minutes before a failed real machine is assigned another connection. If the retry is set to zero, the failed server will not be retried until the server is brought back into service with the in-service command.
LocalDirector(config)# show retry
Machine Port Retry
server1 default 1
server2 default 1
LocalDirector(config)# retry server1 5
LocalDirector(config)# show retry
Machine Port Retry
server1 default 5
server2 default 1
LocalDirector(config)#
Enable IP routing table updates from received RIP broadcasts. (Configuration mode.)
[no] rip passiveIf you have RIP on your network, enter the rip passive command. If you are not using RIP on your network, you must assign a static route with the route command. The LocalDirector does not broadcast RIP, it only listens to RIP.
LocalDirector(config)# show rip
no rip passive
LocalDirector(config)# rip passive
LocalDirector(config)# show rip
rip passive
LocalDirector(config)#
Add a static route to the IP routing table. (Configuration mode.)
[no] route dest_net net_mask gateway [metric] dest_net
| Destination IP network address; if default route, specify as all zeros (0.0.0.0). |
net_mask
| Subnet mask for the network; if default route, specify as all zeros (0.0.0.0). |
gateway
| The adjacent gateway to reach network. |
[metric]
| Optional distance metric (defaults to one). |
If you want to change an existing route, you must first use the no route command to clear the route, and then specify the new route with the route command. Defining a new IP route with the route command will not overwrite a route that is already established.
LocalDirector(config)# route 0.0.0.0 0.0.0.0 192.168.1.1 1
LocalDirector(config)#
View LocalDirector information. (All modes.)
show (variable command)Any settings left at their default values will not be displayed with the write terminal command. Use the show command and the command associated with the setting to view the default value in the configuration (for example, show retry). The only exception to this is the show configuration command which displays the configuration stored in flash memory, and therefore will not include default values either.
Use the show ? command to view the names of the arguments that can be used with show.
The pager command is used to control the display of show command output.
See also: pager
LocalDirector(config)# show real
Real Machines:
No Answer TCP Reset DataIn
Machine Port Connect State Thresh Reassigns Reassigns Conns
192.168.1.1 80 0 IS 8 0 0 0
192.168.1.1 21 0 IS 8 0 0 0
192.168.1.1 default 0 IS 8 0 0 0
www.joe.com 80 0 OOS 8 0 0 0
Configure the LocalDirector SNMP agent. (Configuration mode.)
[no] snmp-server contact text| contact | Indicates that you are supplying your name or that of the LocalDirector system administrator. |
| host | Indicates that you are specifying an IP address of a host to which SNMP traps should be sent. You can specify a maximum of five host IP addresses, one per command. |
| location | Indicates that you are specifying your LocalDirector location. |
| text | When used with contact, specify your name or that of the LocalDirector system administrator. When used with location, specify your LocalDirector location. |
| ipaddr | When used with host, the IP address of a host to which SNMP traps should be sent. You can specify a maximum of five host IP addresses. |
This command configures the SNMP agent on the LocalDirector. LocalDirector converts the contact and location information to lowercase.
See "Configuring SNMP" in Chapter 3, "Configuring LocalDirector," for more information.
LocalDirector(config)# show snmp-server
no snmp-server contact
no snmp-server location
LocalDirector(config)# snmp-server contact System Administrator
LocalDirector(config)# snmp-server location Corporate Headquarters
LocalDirector(config)# snmp-server host 10.10.10.2
LocalDirector(config)# show snmp-server
snmp-server host 10.10.10.2
snmp-server contact system administrator
snmp-server location corporate headquarters
LocalDirector(config)#
Set the number of minutes defining the period of inactivity between connections before the client is sent to another server. (Configuration mode.)
[no] sticky virtual_id minutes| virtual_id | Virtual server IP address or name and port (if a port-bound server). |
| minutes | The elapsed time of connection inactivity, after which a connection from the same client can be reassigned to a different real server. The default is 0 minutes. |
The sticky command ensures that the same client (based on IP address) gets the same server for multiple connections. This is used when applications require a consistent and constant connection to the same server. If you are connecting to a system that keeps state about your connection, sticky allows you to get back to the same real server again and retain the statefulness of the system. For example, if an online form is being completed by a client, the sticky command will ensure that multiple connections are sent to the same server in order to complete the transaction.
The sticky command is not timing how long a client will be connected, it is timing periods of inactivity. If sticky is set to five, and the client is active, new requests from the client are not sent to another server via load balancing after five minutes. However, if five minutes of connection inactivity elapse, the requests from the client could be sent to another real server.
Use show sticky or show virtual to display the sticky value. Use the no sticky command to return to the default value of 0.
LocalDirector(config)# show virtual
Virtual Machines:
Machine Port State Connect Sticky Predictor Slowstart
192.168.1.100 default OOS 0 0 leastconns* roundrobin
LocalDirector(config)# sticky 192.168.1.100 10
LocalDirector(config)# show sticky
Machine Port Sticky
192.168.1.100 default 10
LocalDirector(config)#
Set the number of unanswered SYNs to a virtual server before entering synguard mode. (Configuration mode.)
A SYSLOG message is sent when the LocalDirector enters synguard mode.
[no] synguard virtual_id count| virtual_id | Virtual server IP address or name and port (if a port-bound server). |
| count | The number of unanswered SYNs allowed before entering synguard mode. The default is 0. |
The synguard command provides limited protection against SYN attacks to the virtual IP address. Once the number of unanswered SYNs set with synguard command is reached, the LocalDirector starts to protect the real network and servers from a SYN attack.
Use the no synguard command to return to the default value of 0.
LocalDirector(config)# show synguard
Machine Port SynGuard Status
www.site.com default 0
LocalDirector(config)# synguard www.site.com 400
LocalDirector(config)# show synguard
Machine Port SynGuard Status
www.site.com default 400
LocalDirector(config)# show syn
Machine Port Conns Syn Count
www.site.com default 572 215
The following example shows synguard active:
LocalDirector(config)# show synguard
Machine Port SynGuard Status
www.site.com default 400 Active
LocalDirector(config)# show syn
Machine Port Conns Syn Count
www.site.com default 722 400
LocalDirector(config)#
Log messages to SYSLOG server. (Configuration mode.)
[no] syslog {host|console} ip| host | Define which hosts are sent SYSLOG messages. |
| console | Displays SYSLOG messages on the console port. Use no syslog console to stop the display. SYSLOG messages to the console will appear as they are logged, and may appear in the middle of other screen information. SYSLOG messages scroll on the screen without pausing. |
| output | Set the facility number and error level for messages sent to SYSLOG, hosts, and to the console. |
| ip | The IP address of the log host. |
| facility | Eight facilities LOCAL0(16) through LOCAL7(23); the default is LOCAL4(20). Hosts file the messages based on the facility number in the message. The facility number is a unique device number that identifies logging information and is saved in a log file shared by a number of devices. |
| level | Message type; sets the level above which LocalDirector suppresses messages to the SYSLOG hosts. Setting the level to 3, for example, allows messages with levels 0, 1, 2, and 3 to display. The default is 3. The levels are:
· 0 -- System unusable · 1 -- Take immediate action · 2 -- Critical condition · 3 -- Error message · 4 -- Warning message · 5 -- Normal but significant condition · 6 -- Informational · 7 -- Debug message |
Messages are sent to the SYSLOG host over UDP. Use the syslog host command to specify which systems receive the messages. You can use show syslog to view previously sent messages.
Logging is enabled by configuring the LocalDirector with the IP address of the log host.
See "Configuring SYSLOG" in Chapter 3, "Configuring LocalDirector," for more information.
The following example shows SYSLOG error messages generated by a bridge loop:
LocalDirector(config)# show syslog
<163> Bridge Loop, 00a0.2409.4f41 on multiple interfaces.
<163> Bridge Loop, 00a0.24c0.e863 on multiple interfaces.
<163> Bridge Loop, 00a0.c90d.10bd on multiple interfaces.
<163> Bridge Loop, 00a0.c933.287b on multiple interfaces.
<163> Bridge Loop, 00a0.c90d.10bd on multiple interfaces.
LocalDirector(config)#
Add authorized IP addresses for Telnet access to LocalDirector. (Configuration mode.)
[no] telnet ip mask| ip | The IP address or network of a host that is authorized to access the LocalDirector Telnet management interface. |
| mask | The subnet mask for the network specified in this command. Use any valid mask, or a network IP address to enable access to all in the subnet; for example if you set mask to 255.255.255.0, all systems in the subnet can access the LocalDirector over Telnet. If you set mask to 255.255.255.255, only the IP address you specify can access the LocalDirector. |
The telnet command is used to identify who can configure the LocalDirector via Telnet. Up to 16 hosts or networks are allowed access to the LocalDirector console, four simultaneously. The show telnet command displays the list of IP addresses authorized to access the LocalDirector. Use no telnet or clear telnet to remove Telnet access from an IP address. Use the who command to view IP addresses that are accessing the LocalDirector.
Use the password command to change the access password for Telnet.
LocalDirector(config)# telnet 192.168.1.3 255.255.255.255
LocalDirector(config)# telnet 192.168.1.4 255.255.255.255
LocalDirector(config)# telnet 192.168.2.0 255.255.255.0
LocalDirector(config)# show telnet
192.168.1.3 255.255.255.255
192.168.1.4 255.255.255.255
192.168.2.0 255.255.255.0
LocalDirector(config)# no telnet 192.168.1.3
LocalDirector(config)# show telnet
192.168.1.4 255.255.255.255
192.168.2.0 255.255.255.255
LocalDirector(config)#
Configure the number of consecutive TCP connection reassignments that a real server can exhibit before LocalDirector marks the real server as failed. (Configuration mode.)
threshold real_id connect_failures| real_id | Real server IP address or name and port (if a port-bound server). |
| connect_failures | The number of consecutive connection reassignments to tolerate; the default is 8. Zero is the same as one and the maximum number of reassigns is limited to 256. |
Use show real or show threshold to display real server threshold values. When the number of connection reassignments is equal to the threshold value, the server is failed by the LocalDirector. Failed real servers are not utilized by virtual servers while in the failed state; however, LocalDirector retests each failed server periodically with a single TCP connection attempt to see if the server has returned to normal behavior. If so, LocalDirector marks the server as in service which makes it available to handle virtual server requests.
See also: reassign, retry, and "Server Failure Adjustments" in Chapter 3, "Configuring LocalDirector."
LocalDirector(config)# show threshold
Machine Port Threshold
192.168.1.1 default 8
192.168.1.1 80 8
192.168.1.2 default 8
LocalDirector(config)# threshold 192.168.1.1 80 10
LocalDirector(config)# threshold 192.168.1.2 5
LocalDirector(config)# show threshold
Machine Port Threshold
192.168.1.1 default 8
192.168.1.1 80 10
192.168.1.2 default 5
LocalDirector(config)#
Set connection timeout for real machine. (Configuration mode.)
timeout real_id idle_minutes| real_id | Real server IP address or name and port (if a port-bound server). |
| idle_minutes | The number of minutes the server maintains a connection before dropping it. The default is 120 minutes, and the minimum is 5 minutes. To calculate this value, match the timeout setting in the server's operating system for TCP connections. |
Idle connections will be timed out after the number of minutes set with the timeout command for each real server. In addition, every two minutes the LocalDirector will remove a connection that has not been fully established (that is, either the client or server did not complete the TCP handshaking sequence to get the connection established).
LocalDirector(config)# show timeout
Machine Port Timeout
192.168.1.1 80 120
192.168.1.1 default 120
192.168.1.2 default 120
LocalDirector(config)# timeout 192.168.1.1 80 360
LocalDirector(config)# timeout 192.168.1.2 200
LocalDirector(config)# show timeout
Machine Port Timeout
192.168.1.1 80 360
192.168.1.1 default 120
192.168.1.2 default 200
LocalDirector(config)#
Create a virtual server to accept a connection from the network. (Configuration mode.)
[no] virtual virtual_id [virtual_port] [service-state]| virtual_id | The IP address or name of the virtual server being defined. |
| [virtual_port] | The port traffic that runs on the server. If you do not identify a specific port, all traffic will be allowed to the server and the port will be labeled "default." Zero is the same as default. Servers with a port specified are referred to as "port-bound" servers. |
| [service-state] | In service (is) or out of service (oos). The default is oos. |
The virtual command creates a virtual server to accept a connection from the network. Virtual servers present a single address for a group of real servers and load balance service requests between the real servers in a site. The virtual server IP address is published to the user community, but the real IP address can remain unpublished.
In cases where the published or "advertised" addresses are different from internal addresses, the IP address of the LocalDirector must be on the network from which you want to access the LocalDirector. That is, if your virtual servers are on network 206.214.127.x, and your real servers are on network 192.168.89.x, then the IP address of the LocalDirector should be either 206.214.127.x (if accessing the LocalDirector from outside) or 192.168.89.x (if accessing the LocalDirector from inside). Here "accessing" means using Telnet, SNMP, or SYSLOG to connect to the LocalDirector.
Specify the IP address of the LocalDirector with the ip address command before defining virtual servers. If no real servers are bound to the virtual server, the no virtual command can be used to remove the virtual server from LocalDirector.
The show virtual command indicates the service state of virtual servers. Possible service states are:
The show virtual command provides the following information:
| Column heading | Description |
|---|---|
| Machine | IP address and port (if a port-bound server) or name of the server. |
| Port | port traffic that is accepted by the server, default indicates all ports. |
| State | IS (in-service), OOS (out-of-service), or Max. |
| Connect | number of connections to the server. |
| Sticky | elapsed time of inactivity before connection is sent to another server. |
| Predictor | type of load balancing. An asterisk (*) indicates that this predictor is active. |
| Slowstart | slowstart option set with predictor command (roundrobin or none). An asterisk (*) indicates that this predictor is active. |
Create a virtual server IP address:
LocalDirector(config)# virtual 192.168.0.99
LocalDirector(config)# show virtual
Virtual Machines:
Machine Port State Connect Sticky Predictor Slowstart
192.168.0.99 default OOS 0 0 leastconns* roundrobin
Associate a name to an IP address, and then define it as a virtual server that is in-service:
LocalDirector(config)# name 192.168.1.101 www.site.com
LocalDirector(config)# virtual www.site.com is
LocalDirector(config)# show virtual
Virtual Machines:
Machine Port State Connect Sticky Predictor Slowstart
192.168.0.99 default OOS 0 0 leastconns* roundrobin
www.site.com default IS 0 0 leastconns roundrobin*
LocalDirector(config)#
Assign a relative value to the distribution of connections for real servers. (Configuration mode.)
[no] weight real_id number| real_id | The IP address and port (if a port-bound server) or name of a real server. |
| number | The number that will be averaged to determine the distribution of current connections among real servers. The default is one. |
Assign a larger number to servers with higher performance. In the example below, the weights of all of the servers equals eight. Therefore, server 192.168.1.1 would receive 4/8 of the connections, or 50%. Server 192.168.1.2 would receive 25% of the connections, and servers 192.168.1.3 and 192.168.1.4 would each receive 12.5% of the connections. Faster servers will still receive more connections because they will service the connection faster, regardless of the percentage of connections that they are assigned at the time.
LocalDirector(config)# show weight
Machine Port Weight
192.168.1.1 default 1
192.168.1.2 default 1
192.168.1.3 default 1
192.168.1.4 default 1
LocalDirector(config)# weight 192.168.1.1 4
LocalDirector(config)# weight 192.168.1.2 2
LocalDirector(config)# show weight
Machine Port Weight
192.168.1.1 default 4
192.168.1.2 default 2
192.168.1.3 default 1
192.168.1.4 default 1
LocalDirector(config)#
Show active Telnet administration sessions. (Unprivileged mode.)
who [ip]| [ip] | An optional IP address to limit the listing to one IP address or to a network IP address. |
The who command shows the tty_id and IP address of each Telnet client currently logged in to the LocalDirector. This command is the same as the show who command.
LocalDirector# who
2: From 192.168.2.2
1: From 192.168.1.3
0: On console
LocalDirector#
Store the current configuration. (Privileged and Configuration modes.)
write {erase|floppy|memory|standby|terminal}| erase | The write erase command clears the flash memory configuration. To clear the current running configuration, use write erase and then use the reload command to reboot the LocalDirector. |
| floppy | The write floppy command stores the current running configuration on floppy disk. The write floppy command assumes that the floppy disk is formatted for an IBM computer; however, once you use write floppy to write to the disk, its contents can only be accessed with the LocalDirector. |
| memory | The write memory command saves the current running configuration to flash memory. When using failover, this will force the configuration to be written to flash memory on the standby unit also. |
| standby | This will copy the active configuration to the standby unit. Use this if there is a problem with the configuration. |
| terminal | The write terminal command displays the current running configuration on the console computer. Before using this command, set your terminal communications program to store the screen display in a log file. |
Use the write floppy command to save the current running configuration to floppy disk, and use the write memory command to save to flash memory. You can save your configuration on the distribution diskette that shipped with your LocalDirector. Use configure memory or configure floppy to restore the saved configuration.
Any settings left at the default value will not be displayed with the write terminal command. Use the show command and the command associated with the setting to view the default value in the configuration (for example, show retry). The only exception to this is the show configuration command which displays the configuration stored in flash memory, and therefore will not include default values either.
LocalDirector(config)# write floppy
Building configuration...
[OK]
LocalDirector(config)#
|
|