load balance rule redirect
Creates load-balancing redirect rules.
Syntax
load balance rule redirect addrs <ip-address> [src <subnet>/<mask>] [dest <subnet>/<mask> dest-port <port>] [peer {<ip-address> |any | probe-only| non-probe}] [rulenum <rule-number>] [description "<description>"] [vlan <vlan-number>] [fair-peering {yes | no}]
Parameters
addrs <ip-address> | Specifies a comma-separated list of SteelHead IP addresses to which traffic can be redirected. (Specify the IP address for the SteelHead inpath0_0 interface.) If a rule matches, connections are redirected to a SteelHead in the list according to the load-balancing algorithm. This parameter is not required for rules of type pass. You must also configure Interceptor-to-SteelHead communication and SteelHead-to-Interceptor communication for peering between appliances. For detailed information, see steelhead communication interface. |
src <subnet>/<mask> | Specifies the IP address for the source network. Use the following format: XXX.XXX.XXX.XXX/XX |
dest <subnet>/<mask> | Specifies the IP address for the destination network. Use the following format: XXX.XXX.XXX.XXX/XX |
dest-port <port> | Specifies a port number or port label. |
peer <ip-address> | Specifies the peer IP address to apply pass-through load-balancing rules to this IP address only. |
peer any | Applies the pass-through rule to any SYN packet and probe. |
peer probe-only | Applies the pass-through rule to any probes from any router. |
peer non-probe | Applies the pass-through rule to any SYN packet without a probe. |
rulenum <rule-number> | Specifies the rule number. The rule is inserted before the existing pass-through load-balancing rule. |
description "<description>" | Specifies a description of the rule. |
vlan <vlan-number> | Specifies the VLAN tag identification number (ID). |
fair-peering {yes | no} | Uses (yes) or (no) removes fair peering for the load-balanced rule. |
Usage
Load-balancing rules define the characteristics by which traffic is selected for load balancing and the availability of LAN-side SteelHead for such traffic.
Typically, your rules list should:
• Account for traffic over all subnets and ports that have been selected for redirection.
• Account for all SteelHeads you have configured as neighbor peers to be targets of redirect rules or reserved for the automatic load-balancing rule.
• If a neighbor SteelHead is specified as a target for a rule, it is reserved for traffic that matches that rule and is not available to the pool used for automatic load balancing.
• If a neighbor SteelHead is not specified as a target for a rule, it is available for automatic load balancing.
• Account for second-preference cases where you would rather pass-through traffic than tax the autoload-balancing pool.
The SteelHead Interceptor processes load-balancing rules as follows:
1. Redirect rule matches and target SteelHead available: Redirect to a target appliance according to the load-balancing algorithm.
2. Redirect rule matches but none of the target SteelHeads for the rules are available: Consults the next rule in list.
3. Pass-through rule matches: Pass-through, traversing Riverbed routes but unoptimized.
4. Redirect rule matches but no capacity and does not match a pass-through rule: Automatically balances load among neighbor SteelHeads not reserved by other rules.
5. No rules match or no rules specified, target SteelHeads are chosen based on the following rules:
• Peer Affinity - Prefers a target SteelHead that has had a previous connection with the source SteelHead. If no SteelHead has peer affinity, the connection is redirected to the SteelHead with the least current connections.
• Least Connections - If more than one target SteelHead has peer affinity, the connection is redirected to one that has the least current connections.
• No Peer Affinity - If no SteelHead has peer affinity, the connection is redirected to the SteelHead with the least current connections.
Example
amnesiac (config) # load balance rule redirect addrs 10.0.0.1,10.0.0.2 src 10.0.0.1/16 dest 10.0.0.2/16 dest-port 1240 description test vlan 12
Product
Interceptor
Related Commands
Interceptor Peering and Redirect Commands
This section describes the Interceptor peering and redirect commands.