本帖最后由 hj1984930 于 2011-11-1 09:44 编辑
网络配置[size=10.5000pt]Vlan名称端口IP/掩码备注
[size=10.5000pt]Vlan_1381.1202.*.138.53/24
202.*.138.54/24
202.*.138.55/24
[size=10.5000pt]Vlan_1421.1202.*.142.12/27
202.*.142.13/27
202.*.142.14/27
F5主机网络配置(138.53和142.12是f5主机的ip地址,138.84和142.13是f5备机的ip地址,138.55和142.14是浮动ip)
vlan vlan_138 {
tag 4093
interfaces 1.3
}
vlan vlan_142 {
tag 4094
interfaces 1.1
}
vlan vlan_failover {
tag 4092
interfaces 1.8
}
self 1.1.1.1 {
netmask 255.255.255.0
vlan vlan_failover
allow default
}
self 202.*.138.53 {
netmask 255.255.255.0
vlan vlan_138
allow default
}
self 202.*.142.12 {
netmask 255.255.255.224
vlan vlan_142
allow default
}
self 202.*.138.55 {
netmask 255.255.255.0
unit 1
floating enable
vlan vlan_138
allow default
}
self 202.*.142.14 {
netmask 255.255.255.224
unit 1
floating enable
vlan vlan_142
allow default
}
F5备机:self 1.1.1.2 { netmask 255.255.255.0 vlan vlan_failover allow default}
self 202.*.138.54 { netmask 255.255.255.0 vlan vlan_138 allow default}
self 202.*.142.13 { netmask 255.255.255.224 vlan vlan_142 allow default}
self 202.*.138.55 { netmask 255.255.255.0 unit 1 floating enable vlan vlan_138 allow default}
self 202.*.142.14 { netmask 255.255.255.224 unit 1 floating enable vlan vlan_142 allow default}
配置服务器地址池应用名称Pool MemberPortVirtual IP
[size=10.5000pt]Oid1202.*.142.1389202.*.142.15:389tcp
[size=10.5000pt]Oid2202.*.142.2389
[size=10.5000pt]Oid1_ssl202.*.142.1636202.*.142.15:636tcp
[size=10.5000pt] Oid2_ssl202.*.142.2636
[size=10.5000pt]As1202.*.142.107777202.*.142.16:80http
[size=10.5000pt] As2202.*.142.117777配置虚拟服务virtual vs_oid1 { snat automap pool pool_oid1 destination 202.*.142.15:ldap ip protocol tcp persist source_addr}virtual vs_oid2 { snat automap pool pool_oid2 destination 202.*.142.15:ldaps ip protocol tcp persist source_addr}
virtual vs_as_group1 { snat automap destination 202.*.142.16:http ip protocol tcp httpclass { as_group1_charge_httpclass as_group1_dss_httpclass as_group1_gcms_httpclass as_group1_hr_httpclass as_group1_oa_httpclass as_group1_xk_httpclass } persist source_addr profiles { http {} tcp {} }}
F5双机配置
F5主机failover { unit 1}statemirror { addr 1.1.1.1 peer addr 1.1.1.2}F5备机failover { unit 2}statemirror { addr 1.1.1.2 peer addr 1.1.1.1}