Chapter 2: Configuring CVDM-CSM

Table Of Contents

Configuring CVDM-CSM

Understanding Wizards

Basic Setup Wizard

Welcome Page of the Basic Setup Wizard

Configuring Client and Server Side VLANs

Configuring a Virtual Server

Configuring the Default Policy

Summary

Advanced Setup Wizard

Welcome Page of the Advanced Setup Wizard

Configuring Layer 7 Policies

FAQ

How Do I Set Up a Virtual Server with Default Policy using Wizards?

How Do I Set Up a Virtual Server with Layer 7 Policy using Wizards?

How Do I Set Up a Virtual Server with Default Policy and Layer 7 Policies?

Configuring CVDM-CSM

CVDM-CSM allows user to setup the CSM module features with the help of wizards, which simplify the complex configuration.

This section includes the following topics:

• Understanding Wizards

• Basic Setup Wizard

• Advanced Setup Wizard

• FAQ

Understanding Wizards

CVDM-CSM Manager allows you to choose between two types of setup wizards: basic and advanced.

To choose between the two wizards:

Step 1 Click Setup from the task bar.

Step 2 Click Wizards in the Setup pane. The setup wizards information appears in the content area.

Step 3 Select either of the two wizards:

•Basic Setup Wizard

•Advanced Setup Wizard

Step 4 Click Launch Selected Task to launch the corresponding wizard.

Basic Setup Wizard

The Basic Setup Wizard allows you to configure and manage client and server VLANs and virtual servers, and associate Layer 4 policies. Figure 2-1 shows the Basic Setup Wizard page.

Figure 2-1 Basic Setup Wizard Page

Welcome Page of the Basic Setup Wizard

This wizard guides you to setup a virtual server with a default server farm and set of real servers. It also guides you to setup client-side or server side VLANs. You can also associate the VLAN to the Virtual Server.

The Welcome page lists the three basic configuration steps:

•Step 1: Configure Client and Server side VLANs in Route (different subnet) or Bridge (single subnet) Mode. For more information, see Configuring Client and Server Side VLANs.

•Step 2: Configure a Virtual Server. For more information, see Configuring a Virtual Server.

•Step 3: Configure a Default Policy. For more information, see, Configuring the Default Policy.

Configuring Client and Server Side VLANs

You can create client-side VLAN and server-side VLAN in route mode (different subnets) or bridge mode (single subnet), from this step. If you have configured at least one client-side or server-side VLAN, this step is optional.

In bridge mode configuration, the client-side and server-side VLANs are on the same subnets. Hence, the IP address and mask values of the client VLAN are populated for the server VLAN.

In route mode configuration, the client-side and server-side VLANs are on different subnets.

Select the radio button to configure in the Route mode or Bridge mode.

The fields in the table will vary according to the mode of configuration. In bridge mode configuration, you can configure only VLAN ID. The IP address and mask have to be the same for both client-side and server-side VLANs.

You can configure the following in the Configuring Client and Server Side VLANs dialog box.

Field

Action/Description

Client VLAN

VLAN ID

Specify the ID of the client-side VLAN. You can create a new VLAN or choose from a list of available VLANs.

Click and select one of the following:

•Select VLAN—Allows you to select a VLAN from a list. If you choose local, CSM-S forwards the packets directly to the real server.

•Create VLAN—Allows you to create a VLAN by entering the VLAN ID.

•Clear VLAN—Allows you to clear the VLAN field.

IP Address

Enter the IP address of the client-side VLAN. You can configure only one management IP address per VLAN.

Alias

Click and select Add Alias. The Add Alias dialog box appears. Enter the alias IP address. You can add an alias IP address only after you add a valid IP address.

You can configure up to 255 aliases per VLAN. When more than one alias IP address is listed, they will appear serially, separated by a comma.

Gateways

Click and select Add Gateways. The Add Gateways dialog box appears. From the list, select the gateway for the client-side VLAN.

You can configure up to 7 gateways per VLAN, with a total of up to 255 gateways for the entire system.

A gateway must be in the same network as specified in the IP address. When more than one gateway IP address is listed, they will appear serially, separated by a comma.

Static Routes

Specify the static route. When more than one static route is listed, they will appear serially, separated by a comma.

Click and select Add Static Route to add a static route from a list. For more information on adding static routes, see Adding Static Routes.

Server VLAN

In bridge mode configuration, you can configure only VLAN ID. The IP address and mask have to be the same for both client-side and server-side VLANs.

VLAN ID

Specify the ID of the server-side VLAN. You can create a new VLAN or choose from a list of available VLANs.

Click and select one of the following:

•Select VLAN—Allows you to select a VLAN from a list. If you choose local, CSM-S directly forwards the packets to the real server.

•Create VLAN—Allows you to create a VLAN by entering the VLAN ID.

•Clear VLAN—Allows you to clear the VLAN field.

IP Address

(Disabled for bridge mode) Enter the IP address of the server-side VLAN. You can configure only one management IP address per VLAN.

Alias

(Only in route mode) Click and select Add Alias. The Add Alias dialog box appears. Enter the alias IP address. You can add an alias IP address only after you add a valid IP address.

When more than one alias IP address is listed, they will appear serially, separated by a comma.

Mask

(Disabled for bridge mode) From the list, select the IP mask to be applied. You can choose from Class A, Class B, Class A and Class D masks.

If it is not specified, the default for network mask is 255.255.255.255.

Gateways

(Only in route mode) Click and select Add Gateways. The Add Gateways dialog box appears. From the list, select the gateway for the server-side VLAN.

You can configure up to seven gateways per VLAN, with a total of up to 255 gateways for the entire system. A gateway must be in the same network as specified in the IP address. When more than one gateway IP address is listed, they will appear serially, separated by a comma.

Static Routes

(Only in route mode) Specify the static route. When more than one static route is listed, they will appear serially, separated by a comma.

Click and select Add Static Route to add a static route from a list. For more information on adding static routes, see Adding Static Routes.

Adding Static Routes

Step 1 Click Setup from the task bar.

Step 2 Click Wizards in the Setup pane. The Setup Wizards information appears in the content area.

Step 3 You can select either of the following two wizards:

•Basic Setup Wizard

•Advanced Setup Wizard

Step 4 Click Launch Selected Task to launch the corresponding wizard. The Welcome page appears.

Step 5 Click Next. The Configure Client and Server Side VLAN dialog box appears.

Step 6 In the Client and Server VLAN section, click in the static route field. The Add Static Route dialog box appears, displaying the following columns.

Field

Description

Destination IP

Enter the IP address of the destination.

Mask

From the list, select the mask to be applied. You can choose from Class A, Class B, Class A and Class D masks.

The default for network mask is 255.255.255.255.

Next Hop

Enter the IP address of the next hop.

Configuring a Virtual Server

The Basic Setup Wizard allows you to configure the basic parameters of a virtual server. You can configure the IP address, mask, protocol, port, service type and also specify a VLAN to enable traffic from it.

The Advanced Setup Wizard allows you to configure client and server VLANs and also create layer 4 to layer 7 policies.

The Configure Virtual Server dialog box appears, displaying the following columns:

Column

Description

Virtual Server

Click and select one of the following:

•Select Virtual Server—Allows you to select a virtual server from a list.

•Create Virtual Server—Allows you to create a virtual server by entering its name.

Virtual IP Address

IP Address

Enter the IP address of the virtual server.

Mask

Enter the mask for the IP address, to allow connections for the entire network. The default IP mask is 255.255.255.255.

Protocol

From the list, select the load-balancing protocol.

Allow Traffic from VLAN

From the list, select a VLAN to enable traffic from it.

Port

From the list, select the port.

This field is enabled only when you choose TCP or UDP as the protocol.

Service Type

From the list, select the service type. You can combine connections associated with the same service. This allows all related connections from a client to use a particular real server.

The options depend on the protocol you choose. You can choose from the following:

•FTP—Combines connections to FTP port 21.

•RTSP—Combines connections to Real Time Streaming Protocol (RTSP) TCP port 554.

•Termination—Enables TCP termination for DoS attack protection.

•Per-packet—Load balances each packet independently. This option is for non-TCP only.

Configuring the Default Policy

From this step, you can configure multiple real servers and associate them to the server farm, and delete the association of the existing real server.

The following columns appear in the Configure Default Policy dialog box:

Field

Description

Default Server Farm

Click and select one of the following:

•Select Server Farm—Allows you to select a server farm from a list.

•Create Server Farm—Allows you to create a server farm by entering its name.

Associated Real Servers

Real

The real server associated to the server farms.

Local

Indicates if this real server is the SSL card.

Minimum Connections

Minimum number of connections for the real server.

Maximum Connections

Maximum number of connections for the real server.

Weight

Weight assigned to the real server. The weight identifies the capacity of the real server compared to other real servers in the server farm.

Admin Status

Lets you know the administrative status of the real server.

Note You can add, edit or delete named and unnamed real servers only after you add or select a server farm.

From the Configure Default Policy dialog box, you can do the following:

•Click Add and do either of the following:

–Select Named Real Server—Opens the Add Named Real Server dialog box. For more information, see Adding a Named Real Server, page 5-23.

–Create Unnamed Real Server—Opens the Add Unnamed Real Server dialog box. For more information, see Adding an Unnamed Real Server, page 5-27.

–Add Multiple Real Servers—Opens the Real Server Selector and allows you to add multiple real servers. For more information, see Adding Multiple Real Servers, page 5-11.

•Click Edit to edit the selected real server. For more information on editing real servers, see Editing a Real Server, page 6-10.

•Click Delete to delete the selected real server.

Summary

You can see a list of all the generated CLI commands that are delivered to the device after you click the Finish button.

Step 1 Click Setup from the task bar, click Wizards in the Setup pane. The Setup Wizards information appears in the content area.

Step 2 You can select any of the following two wizards:

•Basic Setup Wizard

•Advanced Setup Wizard

Step 3 Click Launch Selected Task to launch the corresponding wizard dialog. The Welcome page appears.

Step 4 Click Next. The Configure Client and Server Side VLAN dialog box appears.

Step 5 Click Next. The Configure Virtual Server dialog box appears.

If you selected Advanced Setup Wizard you will have to Configure Layer 7 Policies, then click Next.

Step 6 Click Next. The Configure Default Policy dialog box appears.

Step 7 Click Next. The Summary dialog box appears.

Advanced Setup Wizard

The Advanced Setup Wizard allows you to configure client and server VLANs and also create layer 4 to layer 7 policies. Figure 2-2 shows the Advanced Wizards page.

Figure 2-2 Advanced Wizards Page

Welcome Page of the Advanced Setup Wizard

This wizard guides you to setup a virtual server with a default server farm, set of real servers and create layer 4 to layer 7 policies. It also guides you to setup client-side or server side VLANs and associate a VLAN to virtual server.

The Welcome page lists the four configuration steps:

•Step 1: Configure Client and Server side VLANs in Route (different subnet) or Bridge (single subnet) Mode. For more information, see Configuring Client and Server Side VLANs.

•Step 2: Configure a Virtual Server. For more information, see Configuring a Virtual Server.

•Step 3: Configure Layer 7 Policies. For more information, see Configuring Layer 7 Policies

•Step 4: Configure a Default Policy. For more information, see, Configuring the Default Policy.

Configuring Layer 7 Policies

You can create and associate layer 7 policies to the virtual server. You can view the current policies, add new ones, delete existing ones, and also change the order of the policies.

You can configure the policy, and also configure and associate the following to the policy:

•One map of each type (URL, Header, Cookie and Return Code).

•One sticky group of any type (Cookie, SSL, Header or NetMask).

•One client group.

The Configure and Associate Layer 7 Policies dialog box appears. From this dialog box, you can do the following:

•Click Add and select one of the following:

–Select Policy—Allows you to select from a list of configured policies.

–Create Policy—Allows you to add a new policy. For more information on creating policies, see Adding Policies, page 7-5.

•Select a policy and click Delete to remove it from the virtual server.

•Click the Up button to move the policies up in the list.

•Click the Down button to move the policies down in the list.

Note Be sure to put the policies in the right order. Traffic is routed based on the order of the policies.

FAQ

This section describes some common FAQs:

• How Do I Set Up a Virtual Server with Default Policy using Wizards?

• How Do I Set Up a Virtual Server with Layer 7 Policy using Wizards?

• How Do I Set Up a Virtual Server with Default Policy and Layer 7 Policies?

How Do I Set Up a Virtual Server with Default Policy using Wizards?

The Basic Setup Wizard allows you to configure and associate multiple real servers to the server farm and delete the association of the existing real server.

To setup a virtual server with the default policy:

Step 1 Click Setup from the task bar, click Wizards in the Setup pane. The Setup Wizards information appears in the content area.

Step 2 Select Basic Setup Wizard, then click Launch Selected Task. The Welcome page appears.

Step 3 Click Next to proceed to step 1. The Configure Client and Server Side VLAN dialog box appears. To configure Client and Server Side VLANs, see Configuring Client and Server Side VLANs.

Step 4 Click Next to proceed to step 2. The Configure Virtual Server dialog box appears. To configure a virtual server, see Configuring a Virtual Server.

Step 5 Click Next to proceed to step 3. The Configure Default Policy dialog box appears. To configure the default policy, see Configuring the Default Policy.

How Do I Set Up a Virtual Server with Layer 7 Policy using Wizards?

The Advanced Setup Wizard allows you to configure client and server VLANs and create layer 4 to layer 7 policies.

To setup a virtual server with Layer 7 policy:

Step 1 Click Setup from the task bar, click Wizards in the Setup pane. The Setup Wizards information appears in the content area.

Step 2 Select Advanced Setup Wizard, then click Launch Selected Task. The Welcome page appears.

Step 3 Click Next to proceed to step 1. The Configure Client and Server Side VLAN dialog box appears. To configure client and server-side VLANs, see Configuring Client and Server Side VLANs.

Step 4 Click Next to proceed to step 2. The Configure Virtual Server dialog box appears. To configure virtual server, see Configuring a Virtual Server.

Step 5 Click Next to proceed to step 3. The Configure and Associate Layer 7 Policies dialog box appears. To configure and associate layer 7 policies, see Configuring Layer 7 Policies.

Step 6 Click Next to proceed to step 4. The Configure Default Policy dialog box appears. To configure the default policy, see Configuring the Default Policy.

How Do I Set Up a Virtual Server with Default Policy and Layer 7 Policies?

To set up a virtual server with default Policy and Layer 7 policies:

Step 1 Do one of the following:

•Click Home at the top of the window and click Virtual Servers under Services Dashboard.

Or

•Click Setup from the task bar and click Virtual Servers in the Setup pane.

Step 2 Click Add. The Add Virtual Server dialog box appears.

Step 3 Click one of the following tabs, then proceed to the corresponding section in this guide for configuration information:

• General

• Policies

• Default Policy

• Client Restriction

• Sticky Connections

• Other

General

Click the General tab to configure the basic configuration details.

Figure 2-3 Add Virtual Server > General Dialog Box

The following columns appear:

Columns

Action/Description

Name

Enter the name of the virtual server.

Status

From the list, select the status of the virtual server.

VLAN ID

From the list, specify a VLAN for incoming traffic.

•If you choose All, traffic from all VLANs is enabled.

•If you choose Local, CSM-S directly forwards the packets to the real server.

Virtual IP Address

IP Address

Enter the IP Address of the virtual server.

Protocol

From the list, select the type of protocol to use. You can choose from Any, TCP, or UDP, or enter a number from 1 to 255.

Port

From the list, select the port number. This field is enabled only when you choose TCP or UDP.

Service Type

From the list, select the service type. You can combine connections associated with the same service. This allows all related connections from a client to use a particular real server.

The options depend on the protocol you choose. You can choose from the following:

•FTP—Combines connections to FTP port 21.

•RTSP—Combines connections to Real Time Streaming Protocol (RTSP) TCP port 554.

•Termination—Enables TCP termination for DoS attack protection.

•Per-packet—Load balances each packet independently. This option is for non-TCP only.

Mask

Specify the virtual IP mask.

Advertise

Advertise Virtual IP

Select this to advertise the IP address of the virtual server as the host route.

Advertise only if reals are active

Select this to advertise only if real servers are active.

Policies

Click the Policies tab to add or delete policies.

Figure 2-4 Add Virtual Server > Policies Dialog Box

You have the following options:

•Click Add and select one of the following to associate policies to the virtual server:

–Select Policy—Allows you to select a policy from a list.

–Create Policy—Allows you to create a policy. For more information, see Adding Policies, page 7-5.

•Select a policy from the table and click Delete to remove policies from the virtual server.

•Click the Up button to move the policies up in the list.

•Click the Down button to move the policies down in the list.

Note Be sure to put the policies in the right order. Traffic is routed based on the order of the policies.

Default Policy

Click the Default Policy tab to add the default and backup server farms. You can configure a backup server farm to operate when a server farm is out of service.

To enable partial server farm failover, you can now define the threshold number of real servers to be out of service for the backup server farm to take over. You can also define the number of real servers to be in service for the server farm to be considered active.

Figure 2-5 Add Virtual Server > Default Policy Dialog Box

The following information appears:

Column

Action/Description

Default Server Farm

Click and select one of the following:

•Select Server Farm—Allows you to select one from a list of server farms.

•Create Server Farm—Allows you to create a server farm. For more information, see Adding Server Farms, page 5-5.

•Clear Server Farm—Allows you to clear the field.

Backup Server Farm

Server Farm

Click and select one of the following:

•Select Server Farm—Allows you to select a server farm from a list.

•Create Server Farm—Allows you to create a server farm. For more information, see Adding Server Farms, page 5-5.

•Clear Server Farm—Allows you to clear the field.

Sticky

Select this check box to enable the sticky property.

This ensures that multiple connections from the same client, that match the same SLB policy stick (or attach) to the same real server.

Threshold

Reals Inservice

The number of real servers to be in service for the server farm to be active.

Reals Out of Service

The number of real servers to be out of service for the backup server farm to take over.

Client Restriction

Click the Client Restriction tab to add details of the clients restricted to use the virtual server.

Figure 2-6 Add Virtual Server > Client Restriction Dialog Box

You have the following options:

•Click Add to create client restrictions for multiple clients.

•Click Edit to edit the client restrictions for multiple clients.

•Select a row in the table and click Delete to delete the selected client restriction.

When you click Add or Edit, the following columns appear:

Column

Description

IP Address

IP Address of the client.

Mask

Specify the type of IP mask. It can be from Class A, Class B, Class C, or Class D masks.

If it is not specified, the default for network mask is 255.255.255.255.

Exclude this Client

Select this check box to exclude traffic from this client.

Sticky Connections

Sticky connections are connections from a client that conform to an SLB policy. Sticky connections use the same real server for subsequent connections. To ensure that the CVDM-CSM changes its connections to the opposite direction and sends them back to the source, you can configure a reverse sticky group.

Click the Sticky Connections tab to add details.

Figure 2-7 Add Virtual Server > Sticky Connections Dialog Box

The following information appears:

Column

Description

Sticky Timer

Specifies the period of time (in minutes) that the sticky information is kept.

Mask

From the list, select, Class A, Class B, Class A, and Class D masks.

If it is not specified, the default for network mask is 255.255.255.255.

Sticky Group

Click and select one of the following:

•Select Sticky Group—Allows you to select a sticky group from a list.

•Create Sticky Group—Allows you to create a sticky group. For more information, see Adding a Sticky Group, page 9-6.

•Clear Sticky Group—Allows you to clear the field.

Reverse Sticky Group

Click and select one of the following:

•Select Sticky Group—Allows you to select from a list of sticky groups.

•Create Sticky Group—Allows you to create a sticky group. For more information, see Adding a Sticky Group, page 9-6.

•Clear Sticky Group—Allows you to clear the field.

SSL Sticky

You can stick an incoming SSL connection based only on the offset and length values of the SSL ID.

Offset

Enter the offset for the SSL ID.

Length

Enter the length of the SSL ID.

Other

Click the Other tab to configure performance, load, and traffic parameters. You can configure each virtual server with a pending connection timeout to terminate connections quickly if the switch becomes flooded with traffic.

Figure 2-8 Add Virtual Server > Other Dialog Box

The following information appears:

Column

Description

Performance/Load Parameters

Idle Timer

Enter the idle connection timer duration in seconds.

Pending Timeout

Enter the time (in seconds) to wait before a connection is considered unreachable.

Parse Length

Enter the maximum number of bytes to parse for URLs and cookies.

Maximum Connections

Enter the maximum number of connections to the real server.

URL Hash

Select this check box to enable URL hash load-balancing algorithm.

You can enable the Begin Pattern and End Pattern fields only if you select this check box.

For more information on URL Hashing, see Configuring URL Hashing, page 4-15.

Begin Pattern

Specify the beginning pattern of the URL to parse.

End Pattern

Specify the ending pattern of the URL to parse.

Connection/Traffic Parameters

Enable HTTP Persistence

Select this to enable or disable HTTP persistence for connections on the virtual server.

Enable Unidirectional Traffic

Select this to enable unidirectional traffic.

Field	Action/Description
Client VLAN
VLAN ID	Specify the ID of the client-side VLAN. You can create a new VLAN or choose from a list of available VLANs. Click and select one of the following: •Select VLAN—Allows you to select a VLAN from a list. If you choose local, CSM-S forwards the packets directly to the real server. •Create VLAN—Allows you to create a VLAN by entering the VLAN ID. •Clear VLAN—Allows you to clear the VLAN field.
IP Address	Enter the IP address of the client-side VLAN. You can configure only one management IP address per VLAN.
Alias	Click and select Add Alias. The Add Alias dialog box appears. Enter the alias IP address. You can add an alias IP address only after you add a valid IP address. You can configure up to 255 aliases per VLAN. When more than one alias IP address is listed, they will appear serially, separated by a comma.
Gateways	Click and select Add Gateways. The Add Gateways dialog box appears. From the list, select the gateway for the client-side VLAN. You can configure up to 7 gateways per VLAN, with a total of up to 255 gateways for the entire system. A gateway must be in the same network as specified in the IP address. When more than one gateway IP address is listed, they will appear serially, separated by a comma.
Static Routes	Specify the static route. When more than one static route is listed, they will appear serially, separated by a comma. Click and select Add Static Route to add a static route from a list. For more information on adding static routes, see Adding Static Routes.
Server VLAN	In bridge mode configuration, you can configure only VLAN ID. The IP address and mask have to be the same for both client-side and server-side VLANs.
VLAN ID	Specify the ID of the server-side VLAN. You can create a new VLAN or choose from a list of available VLANs. Click and select one of the following: •Select VLAN—Allows you to select a VLAN from a list. If you choose local, CSM-S directly forwards the packets to the real server. •Create VLAN—Allows you to create a VLAN by entering the VLAN ID. •Clear VLAN—Allows you to clear the VLAN field.
IP Address	(Disabled for bridge mode) Enter the IP address of the server-side VLAN. You can configure only one management IP address per VLAN.
Alias	(Only in route mode) Click and select Add Alias. The Add Alias dialog box appears. Enter the alias IP address. You can add an alias IP address only after you add a valid IP address. When more than one alias IP address is listed, they will appear serially, separated by a comma.
Mask	(Disabled for bridge mode) From the list, select the IP mask to be applied. You can choose from Class A, Class B, Class A and Class D masks. If it is not specified, the default for network mask is 255.255.255.255.
Gateways	(Only in route mode) Click and select Add Gateways. The Add Gateways dialog box appears. From the list, select the gateway for the server-side VLAN. You can configure up to seven gateways per VLAN, with a total of up to 255 gateways for the entire system. A gateway must be in the same network as specified in the IP address. When more than one gateway IP address is listed, they will appear serially, separated by a comma.
Static Routes	(Only in route mode) Specify the static route. When more than one static route is listed, they will appear serially, separated by a comma. Click and select Add Static Route to add a static route from a list. For more information on adding static routes, see Adding Static Routes.

Field	Description
Destination IP	Enter the IP address of the destination.
Mask	From the list, select the mask to be applied. You can choose from Class A, Class B, Class A and Class D masks. The default for network mask is 255.255.255.255.
Next Hop	Enter the IP address of the next hop.

Column	Description
Virtual Server	Click and select one of the following: •Select Virtual Server—Allows you to select a virtual server from a list. •Create Virtual Server—Allows you to create a virtual server by entering its name.
Virtual IP Address
IP Address	Enter the IP address of the virtual server.
Mask	Enter the mask for the IP address, to allow connections for the entire network. The default IP mask is 255.255.255.255.
Protocol	From the list, select the load-balancing protocol.
Allow Traffic from VLAN	From the list, select a VLAN to enable traffic from it.
Port	From the list, select the port. This field is enabled only when you choose TCP or UDP as the protocol.
Service Type	From the list, select the service type. You can combine connections associated with the same service. This allows all related connections from a client to use a particular real server. The options depend on the protocol you choose. You can choose from the following: •FTP—Combines connections to FTP port 21. •RTSP—Combines connections to Real Time Streaming Protocol (RTSP) TCP port 554. •Termination—Enables TCP termination for DoS attack protection. •Per-packet—Load balances each packet independently. This option is for non-TCP only.

Field	Description
Default Server Farm	Click and select one of the following: •Select Server Farm—Allows you to select a server farm from a list. •Create Server Farm—Allows you to create a server farm by entering its name.
Associated Real Servers
Real	The real server associated to the server farms.
Local	Indicates if this real server is the SSL card.
Minimum Connections	Minimum number of connections for the real server.
Maximum Connections	Maximum number of connections for the real server.
Weight	Weight assigned to the real server. The weight identifies the capacity of the real server compared to other real servers in the server farm.
Admin Status	Lets you know the administrative status of the real server.

Columns	Action/Description
Name	Enter the name of the virtual server.
Status	From the list, select the status of the virtual server.
VLAN ID	From the list, specify a VLAN for incoming traffic. •If you choose All, traffic from all VLANs is enabled. •If you choose Local, CSM-S directly forwards the packets to the real server.
Virtual IP Address
IP Address	Enter the IP Address of the virtual server.
Protocol	From the list, select the type of protocol to use. You can choose from Any, TCP, or UDP, or enter a number from 1 to 255.
Port	From the list, select the port number. This field is enabled only when you choose TCP or UDP.
Service Type	From the list, select the service type. You can combine connections associated with the same service. This allows all related connections from a client to use a particular real server. The options depend on the protocol you choose. You can choose from the following: •FTP—Combines connections to FTP port 21. •RTSP—Combines connections to Real Time Streaming Protocol (RTSP) TCP port 554. •Termination—Enables TCP termination for DoS attack protection. •Per-packet—Load balances each packet independently. This option is for non-TCP only.
Mask	Specify the virtual IP mask.
Advertise
Advertise Virtual IP	Select this to advertise the IP address of the virtual server as the host route.
Advertise only if reals are active	Select this to advertise only if real servers are active.

Column	Action/Description
Default Server Farm	Click and select one of the following: •Select Server Farm—Allows you to select one from a list of server farms. •Create Server Farm—Allows you to create a server farm. For more information, see Adding Server Farms, page 5-5. •Clear Server Farm—Allows you to clear the field.
Backup Server Farm
Server Farm	Click and select one of the following: •Select Server Farm—Allows you to select a server farm from a list. •Create Server Farm—Allows you to create a server farm. For more information, see Adding Server Farms, page 5-5. •Clear Server Farm—Allows you to clear the field.
Sticky	Select this check box to enable the sticky property. This ensures that multiple connections from the same client, that match the same SLB policy stick (or attach) to the same real server.
Threshold
Reals Inservice	The number of real servers to be in service for the server farm to be active.
Reals Out of Service	The number of real servers to be out of service for the backup server farm to take over.

Column	Description
IP Address	IP Address of the client.
Mask	Specify the type of IP mask. It can be from Class A, Class B, Class C, or Class D masks. If it is not specified, the default for network mask is 255.255.255.255.
Exclude this Client	Select this check box to exclude traffic from this client.

Column	Description
Sticky Timer	Specifies the period of time (in minutes) that the sticky information is kept.
Mask	From the list, select, Class A, Class B, Class A, and Class D masks. If it is not specified, the default for network mask is 255.255.255.255.
Sticky Group	Click and select one of the following: •Select Sticky Group—Allows you to select a sticky group from a list. •Create Sticky Group—Allows you to create a sticky group. For more information, see Adding a Sticky Group, page 9-6. •Clear Sticky Group—Allows you to clear the field.
Reverse Sticky Group	Click and select one of the following: •Select Sticky Group—Allows you to select from a list of sticky groups. •Create Sticky Group—Allows you to create a sticky group. For more information, see Adding a Sticky Group, page 9-6. •Clear Sticky Group—Allows you to clear the field.
SSL Sticky	You can stick an incoming SSL connection based only on the offset and length values of the SSL ID.
Offset	Enter the offset for the SSL ID.
Length	Enter the length of the SSL ID.

Column	Description
Performance/Load Parameters
Idle Timer	Enter the idle connection timer duration in seconds.
Pending Timeout	Enter the time (in seconds) to wait before a connection is considered unreachable.
Parse Length	Enter the maximum number of bytes to parse for URLs and cookies.
Maximum Connections	Enter the maximum number of connections to the real server.
URL Hash	Select this check box to enable URL hash load-balancing algorithm. You can enable the Begin Pattern and End Pattern fields only if you select this check box. For more information on URL Hashing, see Configuring URL Hashing, page 4-15.
Begin Pattern	Specify the beginning pattern of the URL to parse.
End Pattern	Specify the ending pattern of the URL to parse.
Connection/Traffic Parameters
Enable HTTP Persistence	Select this to enable or disable HTTP persistence for connections on the virtual server.
Enable Unidirectional Traffic	Select this to enable unidirectional traffic.