Nortel Networks WEB OS 212777 Manuale Utente Pagina 104
- Pagina / 482
- Indice
- SEGNALIBRI
Valutato. / 5. Basato su recensioni clienti
Web OS 10.0 Application Guide
104
Chapter 5: Secure Switch Management
212777-A, February 2002
RADIUS Authentication Features in Web OS
The following Radius Authentication features are supported in Web OS:
n Supports RADIUS client on the switch, based on the protocol definitions in RFC 2138 and
2866.
n Enables/disables support of RADIUS authentication and authorization.
The default disables the use of RADIUS for authentication and authorization.
n Allows RADIUS secret password up to 32 bytes and less than 16 octets.
n Supports secondary authentication server so that when the primary authentication server
is unreachable, the switch can send client authentication requests to the secondary authen-
tication server.
Use the /cfg/sys/radius/cur command to show the currently active RADIUS
authentication server.
n Supports user-configurable RADIUS server retry and time-out values.
The parameters are:
Time-out value = 1-10 seconds
Retries = 1-3
The switch will time out if it does not receive a response from the RADIUS server in 1-3
retries. The switch will also automatically retry connecting to the RADIUS server before it
declares the server down.
n Supports user-configurable RADIUS application port.
The default is 1645/UDP based on RFC 2138. Port 1812 is also supported.
n Allows network administrator to define privileges for one or more specific users to access
the switch at the RADIUS user database.
n SecurID is supported if the RADIUS server can do an ACE/Server client proxy. The pass-
word is the PIN number, plus the token code of the SecurID card.
- Web OS Switch Software 1
- 10.0 Application Guide 1
- 212777-A, February 2002 2
- Web OS 10.0 Application Guide 10
- Contents 10
- Contents 11
- Glossary 471 12
- Index 475 12
- Figures 14
- Figures 15
- Tables 18
- New Features 19
- Who Should Use This Guide 21
- Preface 22
- Typographic Conventions 23
- Contacting Us 24
- Basic IP Routing 27
- IP Routing Benefits 28
- Routing Between IP Subnets 28
- Chapter 1: Basic IP Routing 29
- Chapter 1: Basic IP Routing 30
- Example of Subnet Routing 31
- Route Cache 35
- Border Gateway Protocol (BGP) 36
- DHCP Relay 41
- CHAPTER 2 43
- VLAN ID Numbers 44
- VLAN Tagging 44
- VLANs and the IP Interfaces 45
- Chapter 2: VLANs 46
- Chapter 2: VLANs 47
- Multiple Spanning Trees 51
- VLANs and Default Gateways 58
- Configuring the Local Network 60
- VLANs and Jumbo Frames 63
- Figure 2-7 Jumbo Frame VLANs 64
- Aggregate Port Trunk 65
- Statistical Load Distribution 66
- Built-In Fault Tolerance 66
- Port Trunking Example 67
- OSPF Overview 69
- ABR = Area Border Router 70
- ASBR = Autonomous System 70
- Boundary Router 70
- Types of OSPF Routing Devices 71
- Neighbors and Adjacencies 72
- The Link-State Database 72
- The Shortest Path First Tree 73
- OSPF Implementation in Web OS 74
- Defining Areas 75
- Interface Cost 77
- Summarizing Routes 77
- Default Routes 78
- Virtual Links 79
- Router ID 80
- Authentication 80
- Chapter 4: OSPF 82
- OSPF Configuration Examples 83
- Example 1: Simple OSPF Domain 84
- Example 2: Virtual Links 86
- Other Virtual Link Options 89
- Example 3: Summarizing Routes 90
- Stub Area 92
- Backbone 92
- 5. Define the backbone 97
- 6. Define the stub area 97
- Verifying OSPF Configuration 98
- Secure Switch Management 101
- Requirements 102
- Internet 103
- Web Switch User Accounts 105
- Secure Shell and Secure Copy 107
- SCP Services 108
- RSA Host and Server Keys 109
- Radius Authentication 110
- SecurID Support 110
- Configuring SSH/SCP 111
- 212777-A, February 2002 112
- Port Mirroring 113
- Part 2: Web Switching 115
- Fundamentals 115
- Web Switching Fundamentals 116
- Server Load Balancing 117
- Network Topology Requirements 122
- IP Address Ranges Using imask 129
- Configuring Multiple Services 130
- Minimum Misses 131
- Least Connections 132
- Round Robin 132
- Response Time 133
- Bandwidth 133
- Weights for Real Servers 134
- Backup/Overflow Servers 135
- Extending SLB Topologies 136
- Mapping Ports 139
- Load Balancing Metric 141
- Direct Server Interaction 142
- Layer 2 Switch 143
- Web Switch 143
- Server farm 143
- Using Proxy IP Addresses 144
- Monitoring Real Servers 145
- Normal Request 146
- DoS SYN Attack 146
- Configuring Delayed Binding 148
- Detecting SYN Attacks 148
- IP Server Load Balancing 149
- FTP Server Load Balancing 150
- Preconfiguration Tasks 152
- RTSP Implementation 156
- Using RADIUS Snooping 160
- Configuring RADIUS Snooping 161
- WAN Link Load Balancing 166
- Filtering 169
- Overview 170
- Stacking Filters 172
- Overlapping Filters 172
- The Default Filter 173
- VLAN-based Filtering 174
- Optimizing Filter Performance 176
- Filter Logs 176
- IP Address Ranges 178
- TCP Rate Limiting 179
- Chapter 7: Filtering 181
- Real serversClients 183
- Filter-based Security 185
- For UDP: 189
- Similarly, for TCP: 189
- Network Address Translation 191
- Configuring Static NAT 192
- Dynamic NAT 193
- Configuring Dynamic NAT 194
- FTP Client NAT 195
- Matching TCP Flags 197
- Matching ICMP Message Types 201
- Chapter 7: Filtering 202
- Application Redirection 203
- Client Switch 205
- RTSP Web Cache Redirection 211
- IP Proxy Addresses for NAT 213
- Excluding Noncacheable Sites 215
- Virtual Matrix Architecture 217
- Health Checking 219
- Chapter 10: Health Checking 220
- Real Server Health Checks 221
- DSR Health Checks 222
- Link Health Checks 223
- TCP Health Checks 224
- ICMP Health Checks 224
- Script-Based Health Checks 225
- Script Format 226
- Script Configuration Examples 227
- Scripting Guidelines 227
- HTTP Health Checks 231
- UDP-Based DNS Health Checks 233
- FTP Server Health Checks 234
- POP3 Server Health Checks 235
- SMTP Server Health Checks 236
- IMAP Server Health Checks 237
- NNTP Server Health Checks 238
- RADIUS Server Health Checks 239
- WAP Gateway Health Checks 240
- WSP Content Health Checks 241
- WTLS Health Checks 242
- LDAP Health Checks 243
- ARP Health Checks 245
- Failure Types 246
- High Availability 247
- VRRP Overview 248
- Virtual Router MAC Address 249
- Owners and Renters 249
- VRRP Operation 251
- Active-Standby Failover 252
- Failover Methods 253
- Active-Standby Redundancy 254
- Active-Active Redundancy 255
- Hot-Standby Redundancy 256
- Virtual Router Group 257
- Synchronizing Configurations 258
- Web OS Extensions to VRRP 259
- Master-Active VR 1 260
- Tracking VRRP Router Priority 261
- Parameter Description 262
- Task 2: SLB Configuration 269
- Task 4: Configuring Switch 2 273
- Configuration Procedure 276
- Persistent Sessions 283
- On the Master Switch 285
- On the Backup Switch 285
- If the switch is a master: 286
- If the switch is a backup: 286
- Part 3: Advanced Web 287
- Switching 287
- Advanced Web Switching 288
- Global Server Load Balancing 289
- GSLB Overview 290
- How GSLB Works 291
- Configuring GSLB 293
- How IP Proxy Works 305
- Verifying GSLB Operation 308
- Firewall Load Balancing 313
- Firewall Overview 314
- Basic FWLB 316
- Basic FWLB Implementation 317
- Configuring Basic FWLB 319
- Four-Subnet FWLB 326
- Configuring Four-Subnet FWLB 329
- Configure the Routers 330
- Configure the Firewalls 330
- Verify Proper Connectivity 337
- Advanced FWLB Concepts 346
- >> # ../group 1 347
- Note: There can be 349
- Firewall Health Checks 351
- Using HTTP Health Checks 352
- Virtual Private Network Load 353
- Balancing 353
- 7. Enable SLB 361
- 1. Turn off BOOTP 365
- 3. Turn off STP 365
- Test the VPN 369
- Content Intelligent Switching 371
- Parsing Content 373
- HTTP Header Inspection 374
- Virtual Hosting 380
- Browser-Smart Load Balancing 386
- Configuring URL Hashing 387
- Header Hash Load Balancing 389
- DNS Load Balancing 390
- Layer 7 RTSP Load Balancing 392
- Example 1: Hashing on the URL 407
- Regular Expression Matching 412
- /cfg/slb/layer7/slb/add 413
- Content Precedence Lookup 414
- Layer 7 Deny Filter 417
- Persistence 421
- Overview of Persistence 422
- Using Cookies 423
- Using SSL Session ID 423
- Cookie-Based Persistence 424
- Cookie Formats 425
- Cookie Properties 426
- Cookie Modes of Operation 427
- Passive Cookie Mode 428
- Rewrite Cookie Mode 429
- Chapter 16: Persistence 433
- Example 2: Parsing the Cookie 434
- Chapter 16: Persistence 440
- Bandwidth Management 441
- Bandwidth Policies 444
- Rate Limits 445
- Data Pacing 446
- Classification Criteria 447
- Combinations 448
- Precedence 448
- Frame Discard 449
- Cache servers 450
- Statistics Maintained 452
- Operational Keys 453
- Web Site Preference Example 460
- Security Management Example 468
- Glossary 471
- Glossary 474
- Numerics 475
Prodotti e manuali riguardandi Networking Nortel Networks WEB OS 212777
(18 pagine)
Networking Nortel Networks M3820 Manuale Utente
(264 pagine)
(264 pagine)
Networking Nortel Networks 8683POS Manuale Utente
(154 pagine)
(154 pagine)
Networking Nortel Networks BCM200 Manuale Utente
(382 pagine)
(382 pagine)
© 2020, manymanuals.it. Tutti i diritti riservati | 0.098 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commenti su questo manuale