Table of Contents
Table of Contents······························································································································ i
Packing List····································································································································iii
Main Components···························································································································· 1
Front View··································································································································· 1
Rear View···································································································································· 2
WebMux™ Overview······················································································································· 3
Key Features······························································································································· 3
The WebMux™ Family ··············································································································· 5
Network Overview······················································································································· 7
Sample Configurations···················································································································· 9
Single WebMux™························································································································ 9
Redundant Installation·············································································································· 11
Installation without IP Address Change··················································································· 13
Configuring the WebMux ·············································································································· 15
Before you Start ························································································································ 15
Hardware Setup --- Collect Information··················································································· 16
Hardware Setup ---Setup the new network ··············································································· 16
Hardware Setup ---Configuration Summary············································································· 17
Initial Configuration······················································································································ 17
NAT Mode Related Configuration ···························································································· 18
Out-of-Path Related Configuration··························································································· 20
NAT and Out-of-Path Common Configuration········································································· 20
What if I made mistake in my configuration? ··········································································· 23
Management Console···················································································································· 24
Login········································································································································· 24
Main Management Console ······································································································ 26
SSL Keys···································································································································· 27
Administration Set Up··············································································································· 33
Change Browser Login Password: ··························································································· 39
Set Clock:·································································································································· 41
Upload/Download····················································································································· 43
Add Farm ·································································································································· 44
i
Modify Farm ····························································································································· 49
Add Server: ······························································································································· 51
Modify Server···························································································································· 54
Initial setup change Through Browser······················································································ 56
Initial Configuration Worksheets·································································································· 58
Sample Configuration Worksheets ································································································ 59
Contact Information······················································································································ 63
FAQs·············································································································································· 64
Regulations···································································································································· 67
Appendix 1 – How to Add A Loopback Adapter············································································ 68
Appendix 2 - How to make route delete reboot persistent····························································· 70
Appendix 3 - Phone Paging Codes································································································ 71
Appendix 4 – Virtual Hosting Issues····························································································· 73
Appendix 5 – Sample Custom CGI Code······················································································· 74
Appendix 6 – Access CLI Commands···························································································· 75
Appendix 7 – Extended Regular Expressions················································································ 76
Index·············································································································································· 77
ii
Packing List
• One (1) WebMux™ unit
• One (1) Power cord
• One (1) User Manual
• One (1) Warranty registration card
iii
iv
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Main Components
Front View
Toggle Power Switch
This switch toggles power on and off. To power off, the switch must be pressed
and held for 5 seconds.
Reset Button
Press and release the reset button to reset the WebMux™. This process may
take several minutes to complete.
Up Arrow Button, Down Arrow Button
When each button is pressed, the value on the cursor location increases or
decreases. It goes through lower case letters, upper case letters, numbers and
symbols. When the cursor is located at the left most position on the LCD, the up
and down arrow allows the user to select a different item to setup.
Left Arrow Button and Right Arrow Button
When each button is pressed, the cursor moves to the left and right.
Check Mark Button, and Cross Button
Check Mark Button confirms the selection, Cross Button cancels the selection. At
any time when the system is running holding down to the Check Mark Button will
invoke the configuration menu, where you can change IP addresses and other
settings.
Copyright© 1997-2006 CAI Networks, Inc.
1
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Rear View
Server LAN Port
Connect this port to the Server LAN switch or hub. This port connects to the
servers and your local computers. It is the right most RJ45 socket. In Out-of Path
configuration, this is the only Ethernet cable to be connected.
Backup WebMux™ Port
Optionally, you may connect another WebMux™ to this port so that you can have
redundancy. If you have more than one WebMux™, you can connect them using
a cross over cable, or a regular cable with a hub.
Router LAN Port
Connect this port to the Router LAN switch or hub. In most situations, this port
connects to the Internet side network in NAT mode. It is the left most RJ45
Socket.
PLEASE NOTE: The Router LAN and Server LAN port are not interchangeable.
External Modem Connect Port
To utilize the phone pager function of the WebMux™, please connect the
external modem to this port. In some cases, if you prefer support engineers to
not use diagnostic ports over the Internet, our support engineers can also
connect through the modem to assist you with setup issues. A US Robotics
V.Everything modem is required: US Robotics part number 3CP3453. Modem dip
switch has 3, 8, and 10 down, rest up. A standard external modem cable is also
needed. Check with your modem supplier for the cable.
Power Switch
This switches the WebMux™ on and off. When in the "off" position, the front
panel power switch is disabled.
Power Cord
Please use the supplied power cord to connect the WebMux™ to the power
source. 1U WebMux™ has a 115V/230V AC universal power supply.
Copyright© 1997-2006 CAI Networks, Inc.
2
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
WebMux™ Overview
Key Features
The WebMux™ is a standalone network appliance designed primarily to load
balance IP traffic to multiple servers. The WebMux™ includes the following key
features.
• Improves performance by distributing the traffic for a site or domain
among multiple servers. No one server will be bogged down trying to
service a particular site.
• SSL Termination to reduce the cost of multiple certificates.
• Provides high availability by tracking which servers are functioning
properly and which servers are out of service. If a server unexpectedly
goes down, the WebMux™ will automatically re-direct the traffic to other
servers, or will bring a standby or backup server online to service the
traffic. The WebMux™ does application level health check to many
network protocols on servers.
• Provides Persistent Connections by memorizing the user browser
session and the server session and sending the same user to the same
server. This is important for sites using shopping cart and dynamically
generated pages, like BroadVision, ASP and JSP sites.
• Provides fault tolerance. This installation requires two WebMuxes, a
primary and a secondary. The two WebMuxes will automatically sync the
configuration datum.
• Easy management. It can be managed via a secured web browser
session from anywhere in the world. By using https 128 bit encryption to
the management web console, secure remote management of server
farms is truly possible.
• Operating System independent. No software or agent to load on the
servers. Non-intrusive load/failure detection and management.
• Provides Proxy function. When communication is initiated from behind
the WebMux™, the WebMux™ will substitute its own address for the
internal address. This allows the web servers to initiate communication for
Copyright© 1997-2006 CAI Networks, Inc.
3
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
services such as credit card validation and mapping services. (Note: this
function only works in NAT mode).
• Built-in Firewall Protections. Stop possible hacker intrusion into your
network from Internet. All IP addresses and ports are blocked except the
farm IP address. Built-in functions will detect any possible denial of service
attack and make your services always available. (Note: this function only
works in NAT mode with “Forwarding Deny”, see setup for details).
• In-Path or Out-of-Path Load Balancing. In normal setup, the WebMux™
can be configured In-Path, to act as firewall in addition to the load balancer
and health checker. However, if outbound traffic is much larger than
inbound traffic and you already have a firewall in place, or change of IP
address causes problems, consider using Out-of-Path configuration. Outof-Path load balancing is also called direct routing, or one leg operation.
• Layer 7 Load Balancing. WebMux™ can direct traffic to specific groups
of servers within a farm according to a match pattern in HTTP MIME
header. This allows you, for example, to group servers that serve only a
specific type of content while serving other types of content on another
group of servers. WebMux™ Layer 7 load balancing also includes URI
load directing with host name MIME header matching and cookies in order
to memorize the user browser session and the server session and send the
same user to the same server. This is important for sites using shopping
cart and dynamically generated pages.
• Informs you of the status of your network. It provides phone pager
and email notification so that the network administrator can be paged or
emailed whenever a server or WebMux™ goes down, and when it returns
online. This feature could reduce server room night shift operator costs, or
timely repair should the server goes down unexpectedly.
Copyright© 1997-2006 CAI Networks, Inc.
4
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
The WebMux™ Family
The 1U WebMux™ family consists of three models. They are:
• The WebMux™ 480S
• The WebMux™ 580SG
• The WebMux™ 680SP
The table below compares the features of the models.
Model Number: 480S 580SG 680SP
Speeds:
Copper Ethernet Speed 10/100 10/100/1000 10/100/1000
MAX. SSL Termination 1024
RSA Transaction/S
Max SSL Terminated connection 5,000 10,000 20,000
Max Active SSL Certificates 16 16 16
Balancing Method:
Round-Robin Yes Yes Yes
Persistent Round-Robin Yes Yes Yes
Weighted Round-robin Yes Yes Yes
Persistent Weighted Round-
robin
Least Connections Yes Yes Yes
Persistent Least Connections Yes Yes Yes
Weighted Least Connections Yes Yes Yes
Persistent Weighted Least
Connections
Weighted Fast Response Yes Yes Yes
Persistent Weighted Fast
Response
Layer 7 URI load directing Yes Yes Yes
Layer 7 URI load directing with
host name MIME header
matching and cookies
Layer 7 hashed URI load
directing
Fault Tolerance:
120 200 2000
Yes Yes Yes
Yes Yes Yes
Yes Yes Yes
Yes Yes Yes
Yes Yes Yes
Diskless Design Yes Yes Yes
Port aggregation Yes Yes Yes
Failover via Ethernet Yes Yes Yes
Service aware Yes Yes Yes
Server aware Yes Yes Yes
Backup server Yes Yes Yes
Copyright© 1997-2006 CAI Networks, Inc.
5
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Performance:
Maximum concurrent
connections
Maximum New Connections/S 7,000 40,000 50,000
Maximum throughput per second 200 MBit/s 1 GBit/s 2 Gbit/s
Maximum Internet Link Speed 2 X T3 1.5 X OC-12 1.5 X OC-12
Management:
Secure web browser access Yes Yes Yes
In service/Not in service Yes Yes Yes
Page alarms (ext modem req) Yes Yes Yes
Email Notification Yes Yes Yes
Configuration access Yes Yes Yes
Remote telnet access Yes Yes Yes
Persistent connections Yes Yes Yes
Port mapping Yes Yes Yes
Port-specific services Yes Yes Yes
Security Features
Network Address Translation Yes Yes Yes
Network Port Translation Yes Yes Yes
TCP SYN protection Yes Yes Yes
TCP DoS protection Yes Yes Yes
SSL support Yes Yes Yes
Device Support:
Maximum virtual farms 500 Unlimited Unlimited
Maximum real servers 65,532 65,532 65,532
Device's role in the network IP router IP router IP router
UDP-based service support Yes Yes Yes
Misc.
Overnight Exchange Unit Service Contract ServiceContract ServiceContract
Free Email/Phone Support Three Years Three Years Three Years
Warranty on Hardware/Firmware Three Years Three Years Three Years
Power Consumption 120W 200W 350W
115VAC Current 2.5A 3.5A 5A
Heat Production 350BTU/H 550BTU/H 800BTU/H
1,440,000 2,880,000 5,760,000
Power and Cooling Requirement
95 – 130VAC or 195-235VAC at 50-60Hz universal input power required.
Absolute operating temperature range is 0-40C. Recommended operation
ambient temperature should not to exceed 30C.
Copyright© 1997-2006 CAI Networks, Inc.
6
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Network Overview
The WebMux™ has two modes, In-Path, or NAT (Network Address Translation)
and Out-of-Path (Direct Routing) mode. Each mode has its advantage and
disadvantages. Lets look the NAT mode first.
The main purpose of the WebMux™ is to balance the traffic among multiple web
or other servers. The diagram above shows an NAT installation with two
WebMuxes. In this configuration, one WebMux™ is serving as the primary, and
the other is serving as the secondary, or backup, providing a fault tolerant
solution.
In order for the web servers to share the incoming traffic, the WebMux™ must be
connected to the network. There are two interfaces on the WebMux™. One
interface connects to the Router LAN. This is the network to which the Internet
router is connected. The other interface is connected to the Server LAN. This
network connects all the web servers. The WebMux™ routes traffic between
these two networks.
Next, a Virtual Farm or multiple farms must be configured on the WebMux™. A
virtual farm is a single representation of the servers to the clients. A farm consists
Copyright© 1997-2006 CAI Networks, Inc.
7
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
of a group of servers that service the same domain, website or services. For
example, to configure a farm (or virtual farm) to serve www.cainetworks.com:
• First, Server 1 and Server 2 would each need the website
www.cainetworks.com configured on them and HTTP/HTTPS services
started, and
• Second, a farm on the WebMux™ is defined with Server 1 and Server 2 in
it. The servers would be setup to either share the traffic, or setup as a
primary server and standby server. In either case, if Server 1 goes down,
then all traffic will be automatically directed to Server 2 by the WebMux™.
In Out-of-Path mode, only one network in the setup, that is the server LAN, is
connected to the Internet through the firewall and router. Internet traffic or local
connections can both be directly sent to the WebMux™, which routes the
packets to the proper server(s), then the server routes the return traffic back to
the remote or local clients directly.
In most situations, the incoming traffic is in small requests, and return traffic from
servers back to clients is large amount of data, pictures, or documents. Using
direct routing will allow up to 100 times more traffic to be handled by the
WebMux™ load balancer. The disadvantage for direct routing is that the firewall
protections built-in to the WebMux™ will no longer function. Users then must
provide their own firewall for incoming and outgoing traffic.
Copyright© 1997-2006 CAI Networks, Inc.
8
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Sample Configurations
Single WebMux™
This installation requires one WebMux™.
•
• One WebMux™ interface connects to the Router LAN. The other
interface connects to the Server LAN.
Copyright© 1997-2006 CAI Networks, Inc.
9
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
• The WebMux™ translates the Internet addresses to an internal non-
routable class-C address. In this example, the netmask is 255.555.255.0.
The IP address of the WebMux™ interface attached to the Server LAN is
192.168.199.251.
• The Default Gateway for all the servers is 192.168.199.1.
• Farm 1 IP address is 205.133.156.200. Servers 1 and 2 serve Farm 1.
• Farm 2 IP address is 205.133.156.210. Servers 2 and 3 serve Farm 2.
• Changes to the server: change the default gateway to 192.168.199.1, as
well as the IP address to the 192.168.199.xxx address. If on the server
there is a service attached to the IP address (HTTP/S, FTP, etc), please
make sure the service will run on the new IP address.
NOTE: Although the WebMux™ can work with any IP address range, all server IP addresses
should be Internet non-routable address so that the source address from the Internet does not
conflict with the IP addresses on the Server LAN.
NOTE: If there is a firewall between the WebMux™ and the Internet Router, a rule must be
defined in the firewall to allow the IP address of the WebMux™ interface on the Router LAN along
with the farm IP address to communicate out to the Internet on all ports. If you are doing Network
Address Translation of the farm address to a non-routable address, then both the farm address
and the WebMux™ interface address must be translated to communicate outbound on all ports.
Copyright© 1997-2006 CAI Networks, Inc.
10
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Redundant Installation
The installation requires two WebMuxes. One will be the primary, and the
•
other the secondary. They connect together with the Ethernet cable that
is either cross-over or through a hub. The primary redundant interface IP
address is 192.168.255.253; the secondary redundant interface IP
address is 192.168.255.254. They can not be changed.
• Both WebMuxes connect to the Router LAN, and to the Server LAN. Each
WebMux™ interface has a unique IP address.
Copyright© 1997-2006 CAI Networks, Inc.
11
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
• The registered Internet IP address range is a class C address range. The
IP address of the WebMuxes’ Virtual Farms must be in the same network
range as the Internet router.
• The WebMux™ translates the Internet addresses to an internal non-
routable class A address. In this example, the subnet-mask is 255.0.0.0.
The IP address of the WebMux™ interfaces attached to the Server LAN
are 10.1.1.10 and 10.1.1.20.
• The Default Gateway for all the servers is 10.1.1.1.
• Farm 1 IP address is 205.133.156.200.
• Servers 1 and 2 serve Farm 1.
• Farm 2 IP address is 205.133.156.210.
• Servers 2 and 3 serve Farm 2.
• Changes to the servers: change default the gateway to 10.1.1.1, as well
as the IP addresses to the 10.3.1.10/20/30 addresses. If on the server
there is a service attached to the IP address (HTTP/S, FTP, etc), please
make sure the service will run on the new IP address.
NOTE: Although the WebMux™ can work with any IP address range, all server IP addresses
should be Internet non-routable address so that the source address from the Internet does
not conflict with the IP addresses on the Server LAN.
NOTE: If there is a firewall between the WebMux™ and the Internet Router, a rule must be
defined in the firewall to allow the IP address of the WebMux™ interfaces on the Router LAN
in addition to the farm IP address (could be same as the WebMux™ Router LAN IP address)
to communicate out to the Internet on all ports. Since the WebMux™ doing Network Address
Translation of the farm address to a non-routable address, the farm addresses on the
WebMux™ interface must communicate outbound on all ports defined in the farms.
Copyright© 1997-2006 CAI Networks, Inc.
12
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Installation without IP Address Change
Out-of-Path Mode:
The above diagram is an example about how to configure the WebMux™ in outof-path mode without changing the IP addresses of the web servers and other
servers that already exist on the network. This is particularly helpful when the
changing of an existing network of servers causes problems.
In this configuration, all the servers still remain on the same IP network and can
communicate. From the servers “view”, the WebMux™ is on the same network
as the servers. On the WebMux™, only the server LAN cable is connected,
since there is only one network in direct routing mode. The WebMux™ takes at
least two IP addresses to work in this mode, server LAN Interface IP address and
farm IP address.
Copyright© 1997-2006 CAI Networks, Inc.
13
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Out-of-path mode also allows two WebMuxes to fully backup each other. The two
WebMuxes are connected to each other through a cross-over Ethernet cable.
Two simple changes must be made to each server in the farm. 1) Have a new
loopback adapter installed and have its address set to the farm address. Do not
set the gateway on the loopback adapter. Please refer to Appendix 1 and
Appendix 2 for how to configure a loopback adapter, as well as how to remove
the route from the servers. Please note for Out-of-Path to work properly, the
loopback adapter must route the return traffic through the real network
interface. In other words, the loopback adapter cannot have the gateway
specified. Please refer to Appendix 1 and 2 for more details on how to
configure the loopback adapter on servers. In case the server is running
Windows 2003, the route created during adding loopback adapter cannot
be deleted; please make sure the loopback adapter has much higher metric.
2) If your service is bind to any specific IP address, add the loopback adapter’s
IP address to that service.
The firewall configuration must be changed to point to the new farm address on
the WebMux™. Since the WebMux™ always uses one IP address in the server
LAN, the farm address must be a different IP address in the server LAN in Outof-Path mode.
NOTE: Under normal Out-of-Path operations, you will only need to set the external gateway IP
address for the WebMux™. However, if you are going to have the WebMux™ do SSL
termination or Layer 7 load balancing, you must set a server LAN gateway IP in the WebMux™
and have the servers’ default gateway point to that IP address.
Copyright© 1997-2006 CAI Networks, Inc.
14
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Configuring the WebMux™
Before you Start
Please collect the information about names and IP addresses designated by the
arrows in the network topology below.
Network Terminology
A Virtual Farm includes the WebMux™ setup and the servers under it.
Functionally, it acts as a single unit on a network. For example,
http://www.cainetworks.com is one virtual server farm;
https://www.cainetworks.com is another farm, and ftp://ftp.cainetworks.com is the
third farm. The first farm works on a set of servers on port 80, the second farm
consists of another set of servers on port 443, and the third farm works on a set
of servers on port 21. Please note that the WebMux™ does support combining
80/443 ports as one single farm, so that same client browsing the site in HTTP
mode will be send to the same server for HTTPS requests. In the combined
mode, ports 80/443 will be combined into one farm.
Copyright© 1997-2006 CAI Networks, Inc.
15
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
To serve the Internet, there must be at least one Internet Router. This local
area network that connects the router and the WebMux™ is called the Router
LAN. In this LAN, the WebMux™ takes the Internet traffic and distributes it to
the servers behind it. The LAN connecting the WebMux™ and real servers
together is called Server LAN.
In NAT mode, only the WebMux™ boxes are connected to both Router LAN and
Server LAN. At least one WebMux™ is needed to define the Router LAN and
the Server LAN.
The side of the WebMux™ that connects to the Router LAN is to send and
receive all the IP packets from the router to the Internet. The side of the
WebMux™ that connects to the Server LAN is to send and receive IP packets to
and from the servers in the farms. By properly configuring the WebMux™, one
can create one or more Virtual Farms on top of physical hardware.
Hardware Setup --- Collect Information
• Make a drawing of the existing network and note all the configuration
settings. This will help you to fall back to the existing configurations if
needed.
• Make a new drawing for the new setup with the WebMux™ and the web
farm in place. This will be used as a guide for setup and preparation of all
the necessary material and equipment.
• Collect all the IP addresses, their network masks, network addresses, and
broadcast addresses for the Server LAN and Router LAN WebMux™
interfaces. The IP address of the Internet router is also needed.
• Label all the cables. Prepare additional cables if needed.
• Make sure there are enough electrical or UPS outlets for all the new
equipment.
Hardware Setup ---Setup the new network
• Power down all the devices on the network.
• If you have a secondary WebMux™, connect the WebMuxes with a cross-
over Ethernet cable.
• Connect the servers to the Server LAN
• Connect the WebMux™(es) to the Server LAN
• Connect the WebMux™(es) to the Router LAN (NAT mode only).
Copyright© 1997-2006 CAI Networks, Inc.
16
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
• Power up all devices in the network.
• Verify that all the devices are up and running.
• You are now ready to configure WebMux™.
Hardware Setup ---Configuration Summary
CAUTION: Do not proceed without collecting all necessary information.
• Turn on the WebMux™. Turn on the switch on the back of the WebMux™
and push the power-on button in the front momentarily. You will see the
version number like this:
•
After self-test, hold down the Check-Mark button on the WebMux™ until
the LCD displays the first question – “Enter WebMux™ host name”.
During the initial configuration, you will be asked to provide names and IP
•
addresses. (See next section.) Each item is explained in the order it is
asked.
Answer the questions. Reboot. Note: When reboot is complete, the
•
service statistics screen will appear.
Run the Management Browser.
•
Initial Configuration
Enter WebMux™ Host Name:
Enter the host name of the WebMux™. Use the right arrow to move the position,
the up and down arrows to select characters, left arrow to move back in position,
check mark button to confirm the change. This host name is for identification
purposes. You may call it webmux1, webmux2, etc. (Trick to enter name
Copyright© 1997-2006 CAI Networks, Inc.
17
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
quickly: If you hold down the up/down button for more than a second, the letter
will start changing quickly.) Note the left most down arrow on the LCD allows the
user to skip certain entries.
Enter WebMux™ Domain Name:
This is for identification only; no effect for network operation. Although it can be
any name, we suggest using the primary domain name of the Router LAN
network. If you have only one domain, use that domain name. Note the left most
position on the LCD has changed to an up and down arrow, allowing the user to
go back and forth for questions and answers.
Choose NAT mode or Out-of-Path Mode:
This is where to choose NAT (Network Address Translation) or Out-of-Path mode.
“*” is a default or selected option. Network address translation provides
protection to the servers; it can handle large amounts of data as noted in the
specification. It provides the best security for isolating servers from any other
part of the networks. Out-of-Path provides better performance when huge
amounts of data need to go back to clients (up to 100X more than on the
specification chart); it also does not require a change to the server IP address. If
choosing NAT, continue to the next setting; otherwise, skip next few settings and
go to direct routing. If answer NO here, please continue setup referring to page
20, the Out-of-Path Related Configuration section.
NAT Mode Related Configuration
Enter Router LAN WebMux™ Proxy IP Address:
This is the IP address that the WebMux™ uses as the external IP address when
it functions as a proxy. This IP address can be used to setup the first farm.
When any server behind the WebMux™ (on the Server LAN) initiates
communication with another host, the WebMux™ substitutes the servers’ IP
address with this address. (This is true for all services, except FTP services,
which use the FTP farm IP address for passive FTP connection). For redundant
setup, secondary WebMux™ uses the same IP address for this entry as the
primary one. This address floats between primary and secondary WebMuxes.
Copyright© 1997-2006 CAI Networks, Inc.
18
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
Enter Router LAN Network IP Address Mask:
This is the network mask of the Router LAN network. It is usually 255.255.255.0
for class C networks.
Enter Server LAN WebMux™ IP Address:
This is the IP address of the WebMux™ interface that connects to the Server
LAN. This IP address must also be unique for each WebMux™. This address
must be different from the server LAN gateway address. The purpose of this IP
address is to allow WebMux™ to check the network and server health situation.
Even for the backup WebMux™, this address must be unique. It is highly
recommended to add this IP address to your servers /etc/hosts file, along with
the gateway IP address, to allow faster name resolution, especially on
Linux/Unix.
In an installation with a primary and secondary WebMux™, one unique IP
address is required for each WebMux™ interface that connects to the Server
LAN. Those two unique IP addresses are in addition to the gateway IP address
that is floating between the primary and secondary WebMux™.
These IP addresses cannot be your Internet registered addresses. They must be
Internet non-routable. For example, you can assign addresses in a 10.0.0.0
network address range, or a 192.168.199.0, etc.
Enter Server LAN Network IP Address Mask:
This is the network mask of the Server LAN. For a class A network, it may be
255.0.0.0. For a class C network, it may be 255.255.255.0.
Enter Server LAN Gateway IP address:
This IP address will be the Default Gateway entry for all the servers on the
Server LAN. In an installation with two WebMuxes, if a gateway IP address of
10.1.1.1 is used, this address will ‘float’ between the primary and secondary
Copyright© 1997-2006 CAI Networks, Inc.
19
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
WebMux™. If the Primary went down, the 10.1.1.1 address will float to the
backup.
In the single WebMux™ setup, this address CANNOT be the same as the
WebMux™ IP interface address on the Server LAN. For the NAT setup, please
continue to the Common Configuration section on the next page.
Out-of-Path Related Configuration
Enter Server LAN WebMux™ IP Address:
This is the IP address of the WebMux™ interface that connects to the Server
LAN. This IP address must also be unique for each WebMux™. The purpose of
this IP address is to allow the WebMux™ to check the network and server health.
Even for the backup WebMux™, this address must be unique. It is highly
recommended to add this IP address to your servers /etc/hosts file, along with
the gateway IP address, to allow faster name resolution, especially on
Linux/Unix. Please also refer to Appendix for adding loopback to servers.
In an installation with a primary and secondary WebMux™, one unique IP
address is required for each WebMux™ interface that connects to the Server
LAN. Those two unique IP addresses are in addition to the farm IP address that
is floating between the primary and secondary WebMux™.
Enter Server LAN Network IP Address Mask:
This is the network mask of the Server LAN. For a class A network, it may be
255.0.0.0. For a class C network, it may be 255.255.255.0.
Enter Server LAN Gateway IP address (optional):
This is an optional configuration that is used only if you are going to do SSL
termination or Layer 7 load balancing.
NAT and Out-of-Path Common Configuration
Enter External Gateway:
Copyright© 1997-2006 CAI Networks, Inc.
20
The WebMux™ Model 480S, 580SG, and 680PG User Guide – Version 7.0.x
This is the common setup for both NAT and Out-of-Path modes. This is an
address on the firewall or router local interface. In NAT mode, the WebMux™
needs to know this to route the server replies back to the clients. Although in Outof-Path mode this is not being used to route return traffic back to the Internet
clients, the WebMux™ does check the connectivity to the incoming side on this
gateway or through this gateway to the ISP side routers. In SSL termination or
Layer 7 load balancing, servers need to route traffic back to the WebMux™ via
the server LAN gateway (previously mentioned). The WebMux™ then forwards it
to the client.
Is this a Primary WebMux™?
If this is the Primary, answer Yes. If this is the Secondary WebMux™, answer
No.
The secondary WebMux™ automatically gets configuration information from the
Primary once it sets up. If this is the only WebMux™, answer Yes.
Primary WebMux™ Information
This question is not asked for the Secondary WebMux™.
Is this WebMux™ running solo without a backup WebMux™?
If the Primary WebMux™ is running in a standalone configuration (see sample
configuration – Standalone WebMux™.), answer Yes. If you plan to add 2nd
WebMux™ later, you may answer no.
Clear Allowed Host File?
Allowed host file prevents any unauthorized access to the WebMux™
Management Console. If a workstation’s IP address is not in the allowed host
file, that computer will not be able to reach the WebMux™ management console
through the network. However, sometimes a wrong IP address is entered so that
no computer can access the browser management console. At that point,
clearing the allowed host file will allow any browser to access it. By default, the
Copyright© 1997-2006 CAI Networks, Inc.
21
Loading...