IMPORTANT NOTICE
This guide is delivered subject to the following conditions and restrictions: Copyright Radware Ltd. 2002. All rights reserved. The copyright and all other intellectual property rights and trade secrets included in this guide are owned by Radware Ltd. The guide is provided to Radware customers for the sole purpose of obtaining information with respect to the installation and use of the WSD, and may not be used for any other purpose. The information contained in this guide is proprietary to Radware and must be kept in strict confidence. It is strictly forbidden to copy, duplicate, reproduce or disclose this guide or any part thereof without the prior written consent of Radware.
SAFETY INSTRUCTIONS
CAUTION Due to the risks of electrical shock, and energy, mechanical, and fire hazards, any procedures that involve opening panels or changing components must be performed by qualified service personnel only. To reduce the risk of fire and electrical shock, disconnect the instrument from the power line before removing cover or panels. SERVICING Do not perform any servicing other than that contained in the operating instructions unless you are qualified to do so. There are no user-serviceable parts inside the unit chassis. HIGH VOLTAGE Any adjustment, maintenance, and repair of the opened instrument under voltage should be avoided as much as possible and, when inevitable, should be carried out only by a skilled person who is aware of the hazard involved. Capacitors inside the instrument may still be charged even if the instrument has been disconnected from its source of supply. GROUNDING Before connecting this instrument to the power line, the protective earth terminals of this instrument must be connected to the protective conductor of the (mains) power cord. The mains plug should only be inserted in a socket outlet provided with a protective earth contact. Do not use an extension cord (power cable) without a protective conductor (grounding).
III
Safety Instructions
FUSES Make sure that only fuses with the required rated current and of the specified type are used for replacement. The use of repaired fuses and the short-circuiting of fuse holders must be avoided. Whenever it is likely that the protection offered by fuses has been impaired, the instrument must be made inoperative and be secured against any unintended operation. LINE VOLTAGE Before connecting this instrument to the power line, make sure the voltage of the power source matches the requirements of the instrument. Refer to the Specifications for information about the correct power rating for the device. TRADEMARKS WSD and Configware are trade names of Radware Ltd. This document contains trademarks registered by their respective companies. SPECIFICATION CHANGES Specifications are subject to change without notice.
NOTE: This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules and EN55022 Class A, EN 50082-1 For CE MARK Compliance. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense.
WSD/DC, WSD-PRO/DC, WSD-DS/DC, WSD-NP/DC If you purchased one of these devices, make note of the following additional instructions. RESTRICT AREA ACCESS This device should only be installed in a restricted access area.
IV
Safety Instructions
INSTALLATION CODES This device must be installed in accordance with the National Electrical Code, Articles 110-16, 110-17, and 110-18 and the Canadian Electrical Code, Section 12. OVERCURRENT PROTECTION A readily accessible listed branch-circuit over current protective device 20 A must be incorporated in the building wiring. Caution - To Reduce the Risk of Electrical Shock and Fire 1. All servicing should be undertaken only by qualified service personnel. There are not user serviceable parts inside the unit. 2. DO NOT plug in, turn on or attempt to operate an obviously damaged unit. 3. Ensure that the chassis ventilation openings in the unit are NOT BLOCKED. 4. Replace a blown fuse ONLY with the same type and rating as is marked on the safety label adjacent to the power inlet, housing the fuse. 5. DO NOT operate the unit in a location where the maximum ambient temperature exceeds 40 degrees C. 6. Be sure to unplug the power supply cord from the wall socket BEFORE attempting to remove and/or check the main power fuse. Attention: Pour Reduire Les Risques d'Electrocution et d'Incendie 1. Toutes les oprations d'entretien seront effectues UNIQUEMENT par du personnel d'entretien qualifi. Aucun composant ne peut tre entretenu ou remplac par l'utilisateur. 2. NE PAS connecter, mettre sous tension ou essayer d'utiliser un ensemble qui est dfectueux de manire vidente. 3. Assurez vous que les ouvertures de ventilation du chssis NE SONT PAS OBSTRUEES. 4. Remplacez un fusible qui a saut, SEULEMENT par un fusible du mme type et de mme capacit, comme indiqu sur l'tiquette de scurit proche de l'entre de l'alimentation qui contient le fusible. 5. NE PAS UTILISER l'quipement dans des locaux dont la temprature maximale dpasse 40C.
Safety Instructions
6. Assurez vous que le cordon d'alimentation a t dconnect AVANT d'essayer de l'enlever et / ou vrifier le fusible de l'alimentation gnrale. Manahmen zum Schutz vor elektrischem Schock und Feuer 1. Alle Wartungsarbeiten sollten ausschlielich von geschultem Wartungspersonal durchgefuhrt werden. Keine im Gert befindlichen Teile durfen vom Benutzer gewartet werden. 2. Offensichtlich defekte oder beschdigte Gerte durfen nicht angeschlossen, eingeschaltet oder in Betrieb genommen werden. 3. Stellen Sie sicher, dass die Beluftungsschlitze am Gert nicht blockiert sind. 4. Ersetzen Sie eine defekte Sicherung ausschlielich mit Sicherungen laut Sicherheitsbeschriftung. 5. Betreiben Sie das Gert nicht in Rumen mit Temperaturen uber 40C. 6. Trennen Sie das Netzkabel von der Steckdose bevor Sie die Hauptsicherung prufen oder austauschen.
VI
VII
CONTENTS
Chapter 1 - Introducing WSD Chapter 2 - Installing WSD
Checking the Contents Mounting the Device Connecting WSD to Your Network
AC Power Connection ASCII Terminal (Serial) Connection LAN Connections
1-1 2-1
2-2 2-2 2-3
2-3 2-3 2-4
2-5 2-9
2-9 2-9 2-9 2-9 2-10 2-10
2-11
IX
Table of Contents
3-1
3-2
3-2 3-2 3-2 3-3
Step Step Step Step Step Step Step Step Step Step
1: Global Parameters 2: Interfaces 3: Community Configuration 4: Routing Configuration 5: Farm Configuration 6: Server Configuration 7: Select Backup Method 8: Generate Redundancy Configuration 9: Convert CDB 10: Update Device
3-4 3-5 3-6 3-7 3-8 3-9 3-10 3-12 3-13 3-14
Introducing WSD
1
1-1
WSD is a dynamic load balancing system for effective management of traffic, it offers powerful load balancing and fault tolerance capabilities, which together ensure the highest degree of availability and an effective growth path. The purpose of this Quick Start Guide is to describe, step by step, the basic configuration of WSD, from first-time installation to an up and running unit, based on the network design on the following page.
Radware has designed a suite of WSD products to provide you with both local and global solutions, depending on your network. The WSD family includes: WSD Pro: It is a basic version of the WSD Pro+ that does not contain global redirection support, application server support, and has limited bandwidth. WSD Pro+: Can manage up to 3,000 different farms. Each of the servers can serve any number of farms. WSD for Distributed Sites (WSD-DS): WSD-DS directs clients to the data center that is most available. Availability is determined by load, relative strength of server farms and bandwidth available to a site. This solution directs the user to the best available site, therefore providing optimal, reliable and efficient service. WSD for Network Proximity (WSD-NP): Provides a unique load balancing system that minimizes traffic on the organization's backbone, by means of a powerful dual decision-making mechanism that transparently redirects traffic to sites according to network proximity and actual load. For example, WSD-NP redirects clients to the nearest site, unless that site is overloaded or down, in which case it redirects clients to an alternative site, according to network proximity and availability, meaning current load.
Servers 1, 2, & 3
WSD
Access Router
1-2
Installing WSD
2
2-1
This chapter describes how to setup WSD and install Configware, Radware's management software tool. This chapter is divided into the following sections: Checking the Contents, page 2-2. Mounting the Device, page 2-2. Connecting WSD to Your Network, page 2-3. Configuring WSD IP Host Parameters, page 2-5. WSD Specifications and Requirements, page 2-9. Installing Configware Management Software, page 2-11.
1. 2.
To rack-mount the device: Attach one bracket to each side of the device, using the screws provided. Attach the device to the rack with the mounting screws.
2-2
AC Power Connection
1. 2. To connect the AC power connection: Connect the power cable to the main socket, located on the rear panel of the device. Connect the power cable to the grounded AC outlet.
Note: WSD supports Telnet access, therefore you can create user names and passwords to control access, or disable Telnet access entirely.
1. 2. 3. 4.
To make the ASCII terminal connection: Connect the serial port connector to the front panel. Connect the other end of the serial port connector cable to your computer. Access HyperTerminal. From the HyperTerminal opening window, select the File menu, then Properties, Or
2-3
5. 6.
7.
Click the Properties icon in the toolbar. The New Connection Properties dialog box is displayed. Click Configure. The Properties dialog box containing the Port Settings tab is displayed. Verify that the fields are set as follows: Bits per second: 19200 Data bits: 8 Parity: None Stop bits: 1 Flow Control: None Turn on the power to the unit. When WSD is connected and operating properly, the PWR and System OK indicators on the front panel are lit continuously.
LAN Connections
Use a standard UTP or STP cable to connect WSD to the LANs. The cables used differs in each platform of the device, as follows: Application Switch I: In eight of the ports, a 10/100BaseT cable can be used, and/or in two ports, a 1000BaseSX cable can be used. In 16 of the ports, a 10/100BaseT cable can be used, and in five ports, a 1000BaseSX cable must be used.
1. 2.
To connect a WSD port to a network LAN: Connect a standard UTP or STP cable to the port interface, located on the front panel. Connect the other end of the cable to the LAN switch.
2-4
1. 2. 3.
To manually configure WSD IP host parameters in the Application Switch platforms: Ensure that the ASCII terminal is connected to the device. Turn on the power to the device. If you require to access the command line, press any key within three seconds of the boot up. The following command line is displayed: ? @ e w q u r print this list boot (load and go) print fatal exception download via xmodem erase configuration from flash download to secondary boot via xmodem clear Log file
4.
If you do not require to access this command line, the Startup Configuration window is automatically displayed. Select the @ symbol to access the Startup Configuration window.
2-5
5. 6.
Enter the number of the parameter for which you require to define the information. Enter the parameters configuration and click Enter. The value of the parameter is displayed in the screen. The following list defines the parameters in the Startup Configuration window: IP Address: The IP address of the interface is the only mandatory parameter. This address is used for SNMP management. IP Subnet Mask: The IP subnet mask address of the device. The default value of this parameter is the mask of the IP address class. Port Number: WSD port number to which the IP interface is defined. The default value is 1. Other possible values include 1, 2, or 1, 2, 3, 4, or 1, 2, 3, 4, 5, 6, 7, or 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, or 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, depending on the platform, or 100001. If you enter 100001, all WSD ports are included in the IP VLAN, and the IP interface therefore sits on the IP VLAN.
2-6
Default Router IP Address: The IP Address of the router through which the NMS can be reached. The default value for this parameter is 0.0.0.0, which means that no default router is configured. RIP Version: The RIP version used by the network router. The default value for this parameter is: disable. OSPF Enable: This parameter enables or disables the OSPF protocol. The default value is: disable. OSPF Area ID: When the OSPF protocol is enabled, you can enter an area ID other than the default value. Enter an ID in the form of an IP address. The default value is 0.0.0.0. The following three parameters are only necessary when the NMS is remote to the CSD. They offer three different ways to connect to the remote NMS. If the NMS is remote, enter a value for at least one of the following options. NMS IP address: The required NMS IP address. Enter a value if you require to limit the device to a single, specified NMS. The default value is 0.0.0.0 (any NMS). Community Name: CSD community name. The default community name is public. Enter a different name that you want as the community name. Configuration file name: The name of the file, in a format required by the server, which contains the configuration. Select this parameter when you require to download a configure file an NMS. The file must, however, be located on the NMS, and the NMS must be located on a TFTP server. When you exit the Startup Configuration window, CSD loads that configuration file from the NMS, resets and starts operating with the new configuration. The default value is: no name. The remaining parameters allows you to enable the device to use remote terminals to configure the device, via Telnet, SSH, or Web Based Management. User Name: A username which is added to the Users Table. The default username is radware.
2-7
User Password: The password used to access the device remotely using WBM, Telnet or SSH. The default password is radware. Telnet enable: Indicates whether Telnet access to the device is enabled. The default is No. SSH enable: Indicates whether Web access to the device is enabled. The default is No. Web Based Management enable: Enables Web Based Management.
Notes: 1. FireProof enters a default value for the parameters that are 1. incomplete, with the exception of the IP Address, which is mandatory. A validity check of all the parameters is then performed. 2. An initial default configuration is provided. When a device boots up 1. for the first time, if the Start-Up is not used for 30 seconds, and a 1. bootp server is not found within another 30 seconds, default settings 1. are assigned to the device. The initial default configuration consists 1. of a private IP Address (192.168.1.1), a subnet mask 1. 1. (255.255.255.0), an NMS IP Address (0.0.0.0, allowing any station 1. to manage the device using SNMP), community string of public, 1. Telnet, SSH and WBM are enabled with a default user of radware 1. with password radware.
1. 1. 1. 1. 1. 1.
2-8
Memory
Memory
2-9
2-10
1.
2. 3.
4.
5. 6. 7.
2-11
8.
1.
2.
3. 4.
5. 6. 7.
8.
To install Configware as a client-server browser-based application: Double-click on the Index.htm file in the directory where the software is located. The Selecting the Installation Directory window is installed. Select the Client-Server Browser-Based Mode button, then click Next. In the following Selecting the Installation Directory window enter, or browse to, the path to the wwwroot directory, and the required location of the directory in which Configware should be installed. Click Next. In the Setting the Web Alias window, enter an alias for the Configware web applet directory. Click Next. In the Setting the Configware Server Communication Port window, enter a unique, vacant, port to connect to the Configware Web server. Click Next. In the Setting the Java Interpreter window, enter the absolute path to your preferred Java Interpreter file. Click Next. In the Setting the Configware Security Mode window, select your security option, either No Security or Encrypted Session. Click Next. The Installation Summary window is displayed. You can edit the information by clicking Back until you reach the appropriate screen. Click Finish. The installation is complete.
2-12
3
3-1
Configware is a Java-based SNMP network management system with a graphical user interface. For more information on configuration, advanced configuration and monitoring, refer to the User Guide or the Online Help. This guide describes only those procedures necessary for basic WSD configuration and contains the following steps: Configuring the General Set Up, page 3-2 Step 1: Global Parameters, page 3-4 Step 2: Interfaces, page 3-5 Step 3: Community Configuration, page 3-6 Step 4: Routing Configuration, page 3-7 Step 5: Farm Configuration, page 3-8 Step 6: Server Configuration, page 3-9 Step 7: Select Backup Method, page 3-10 Step 8: Generate Redundancy Configuration, page 3-12 Step 9: Convert CDB, page 3-13 Step 10: Update Device, page 3-14
Web-Based
To run Configware using a Web browser: Browse to the URL of the application as entered during installation.
Using Buttons
Configware windows have toolbars with buttons that correspond to certain actions. Each window contains only those buttons relevant to that window. Throughout this document, buttons will be referred to by name. Refer to the Icons and Buttons flip-out page at the back of the Quick Start Guide for a picture list of Configware buttons.
Connecting to a Device
1. To connect to a device: In the Configware window, do one of the following: From the Devices dropdown list, choose a device. In the IP Address field, enter the IP Address of the device. Adjust the community as required. Click Connect. The Zoom View of the device is displayed.
2. 3.
3-2
Zoom View
Zoom View is a real-time representation of a Radware device. Each of the device's interfaces are represented. Zoom View for WSD units also includes the color-coded LED's located on the WSD front panel. All Configware options are accessed through Zoom View.
Note: If Configware is unable to connect to the WSD a Connection Error dialog box is displayed, in which you can try to reconnect by entering a new IP address, or the correct community name, or exit and return to the Configware window.
Explanation Interface is Okay. Interface has generated an Error message, or the interface is not connected, or has been put in standby by the spanning tree algorithm.
1.
2.
3.
Enter the following information in the fields provided: Name: The name of the device, which is assigned by the user. Location: The physical location of the device. Contact Person: The name of the person responsible for the device. System Time: The current time set for the device. System Date: The current date set for the device. Click Next Step to save your definitions and proceed to the next step.
3-4
Step 2: Interfaces
For WSD to perform IP routing, you must configure IP interfaces. IP interfaces comprise of a particular IP address coupled with a particular subnet mask. WSD performs IP routing between all defined IP interfaces. 1. The Step 2: Interfaces dialog box is displayed, as shown below.
2.
3. 4.
Click Insert to define the IP Interfaces of the WSD device. The IP Router Interface Parameters dialog box is displayed. Enter the following information in the fields provided: IP Address: The IP address of the physical port or VLAN. Network Mask: The IP Network Mask address, which is determined by the setup of the network. If Num: The number of the interface. Click Update, then in the Step 2: Interfaces dialog box click Set to save your definitions. Click Next Step to proceed to the next step.
3-5
2.
3. 4.
3-6
Click Insert to define the community configuration of the IP interfaces. Enter the following information in the fields provided: Management Address: The IP address of the management station. Community String: The community name of the management station. Community Access: Access to the management station is either Read Only or Read Write. Send Traps: The management station can receive traps from the device, by choosing Enable or Disable. Click Update, then in the Step 3: Community Configuration dialog box click Set to save your definitions. Click Next Step to proceed to the next step.
2.
3. 4.
Click Insert to define the routing configuration of the IP interfaces. Enter the following information in the fields provided: Destination IP Address: The destination IP address of the router. Network Mask: The destination Network Mask address of this router. Next Hop: Address of the next router of this route, local to the interface. If Num: The If (interface) index of the local interface through which the next hop of this route is reached. Click Update, then in the Step 4: Routing Configuration dialog box click Set to save your definitions. Click Next Step to proceed to the next step.
3-7
2.
3. 4.
3-8
Click Insert to define the farms that the device will handle. The Farm Table Insert dialog box is displayed, and the following information is required: IP Address: A virtual IP address representing the farm to the clients. Farm Name: Enter a name, up to 50 characters in length, to describe the WSD farm. Dispatch Method: The method that determines to which server in the farm traffic is directed. Refer to the WSD User Guide for a full reference of the Dispatch Method options. Redundancy Mode: The mode for redundancy operation, which can be either Regular or Backup. Click Update, then in the Step 5: Farm Configuration dialog box click Set to save your definitions. Click Next Step to proceed to the next step.
2.
3. 4.
Click Insert to define the servers that the device will handle. In the Application Server Table Insert dialog box, enter the following information in the fields provided: Farm Address: The IP address of the farm. Server Address: The IP address of the server. Server Name: The name of the physical server. Weight: The weight of the servers defines which ones can serve more clients. Operation Mode: The operation mode of the server is either Regular or Backup. Type: The types of server used in this configuration are either Regular, Remote, Distributed, or Local Triangulation. Click Update, then in the Step 6: Server Configuration dialog box click Set to save your definitions. Click Next Step to proceed to the next step.
3-9
2.
Select the radio button that enables you to configure the device according to your requirements, for example, as a main device, a backup device, a mutually redundant device, or a stand-alone device. In this step the set up differs depending on your selection: Main Device: Select this radio button to define the device as a main device and the wizard configuration is concluded when you click Next Step. Mutual Redundancy or Backup Device: Define the device as either one of these options. The next step involves editing the Redundancy Table. Stand-alone: This selection proceeds to the End of Setup dialog box.
3-10
3.
Select the Mutual Redundancy or Backup Device radio buttons. The following dialog box is displayed.
4.
5. 6.
Click Insert to define the redundancy configuration for the mutually redundant or backup device. The IP Redundancy Table Insert dialog box is displayed, and the following information is required: Interface IP Address: The IP address of the interface. Main Router Address: The IP address of the main router. Poll Interval: The polling interval for the WSD, in seconds. If the interval is 0, the WSD is not polled. The default is 3. Time Out: The interval, in seconds, during which the WSD must respond. If the WSD does not respond within this interval, it is considered inoperative. If Time Out is 0, the WSD ignores the row. The default is 12. Click Update, then click Set to save your definitions. Click Next Step to proceed to the next step.
3-11
2. 3.
In the File Name field, enter a name for the configuration file of the first device. Click Next Step to save your definitions and to proceed to the next step.
3-12
2. 3.
Specify the file name of the second device, the Own and Redundant IP Address, or click Convert to generate the configuration file. Click Next Step to save your definitions and to proceed to the next step.
3-13
2.
3. 4.
Specify the destination IP address of the second device in the field provided, and then click Send to Device to send the configuration file to the second device. Click Next Step. The End of Setup dialog box is displayed. Click Next Step again to complete the setup.
3-14
Advanced Filters
Close Screen
Basic Filters
Control Panel
Browse
Convert files
Cancel
Delete
Cancel
Delete All
Duplicate Line
Checks Table
Edit
Error Log
Filter Groups
Full Table
Generate Graph
Help
Insert
Perform
Left Arrow
OK
Properties
Refresh
Right Arrow
Save
Secondary Server
Undo
Set
Update
Show Graph
SSF Farm
SSF Server