208
primary unit routing table changes.
Once a routing table update is sent, the primary unit waits the
route-hold
time before sending the next update.
Usually routing table updates are periodic and sporadic.
Subordinate units should receive these changes as soon as
possible so
route-wait
is set to 0 seconds.
route-hold
can
be set to a relatively long time because normally the next route
update would not occur for a while.
In some cases, routing table updates can occur in bursts. A
large burst of routing table updates can occur if a router or a
link on a network fails or changes. When a burst of routing table
updates occurs, there is a potential that the primary unit could
flood the subordinate units with routing table updates. Setting
route-wait
to a longer time reduces the frequency with which
additional routing updates are sent, which prevents floodingof
routing table updates from occurring.
schedule {hub | ip |
ipport |
leastconnection | none
| random | round-robin
| weight-round-robin}
A-A load balancing schedule.
none: no load balancing. Use none when the cluster interfaces
are connected to load balancing switches.
hub: load balancing if the cluster interfaces areconnected to a
hub. Traffic is distributed to cluster units based on the Source IP
and Destination IP of the packet.
leastconnection: least connection load balancing. If the cluster
units are connected using switches, use leastconnection to
distribute traffic to the cluster unit currently processing the
fewest connections.
round-robin: round robin load balancing. If the cluster units are
connected using switches, use round-robin to distribute traffic to
the next available cluster unit.
weight-round-robin: weighted round robinload balancing. Similar
to round robin, but weighted values are assigned to each of the
unitsin a cluster based on their capacity and on how many
connections they are currently processing. For example, the
primary unit should have alower weighted value because it
handles scheduling and forwards traffic. Weighted round robin
distributes traffic more evenly becauseunits that are not
processing traffic will be more likely to receive new connections
than units that are very busy. You can optionally use the weight
keyword to set a weighting for eachcluster unit.
random: random load balancing. If the cluster units are
connected using switches, use random to randomly distribute
traffic to cluster units.
ip: load balancing according to IP address. If the cluster units
are connected using switches, use ipto distribute traffic to units
in a cluster based on the Source IP and Destination IP of the
round-
robin
Summary of Contents for freeGuard 100
Page 1: ...freeGuard 100 UTM Firewall CLI USER S MANUAL P N F0025000 Rev 1 1...
Page 3: ......
Page 7: ......
Page 87: ...80 The config ips anomaly command has 1 subcommand config limit...
Page 183: ...176...