1. No category

Radware`s AppDirector and Oracle E-Business Suite 12 Integration

Radware’s AppDirector and Oracle E-Business Suite 12
Integration Guide
Products:
Radware AppDirector
Software: AppDirector version 2.10.00
Platform: On-Demand Switch II XL
E-Business Suite version 12.0.4
-1-
Table of Contents
JOINT SOLUTION OVERVIEW ......................................................................................3
E-BUSINESS SUITE OVERVIEW...................................................................................3
Definitions as they apply to E-Business Suite..................................................................3
General Architecture of Oracle E-Business Suite Release 12 ..........................................4
Diagram 1.0 - EBS General Architecture .........................................................................5
RADWARE APPDIRECTOR OVERVIEW.......................................................................5
DEPLOYMENT NOTES ..................................................................................................6
E-Business Suite Modifications .......................................................................................6
Table 1.0 - E-Business Suite Modifications......................................................................7
AppDirector Modifications ...............................................................................................7
APPDIRECTOR AND E-BUSINESS SUITE INTEGRATION ..........................................8
Diagram 2.0 - E-Business Suite 12 and AppDirector Logical Topology ............................9
Tests Conducted for Solution Validation and Result Summary ........................................9
Table 2.0 - Test Conducted for Solution Validation ........................................................10
Diagram 3.0 - E-Business Suite 12 and AppDirector Physical Topology ........................11
PRIMARY APPDIRECTOR CONFIGURATION ............................................................11
IP Configuration............................................................................................................12
Farm Configuration .......................................................................................................15
Caching ........................................................................................................................16
Create Cache URL Exceptions Rule-Lists .....................................................................17
Create Cache Policy .....................................................................................................18
Create Compression Policy...........................................................................................18
Create SSL Certificate ..................................................................................................19
Create SSL Policy.........................................................................................................21
Create Layer 4 Policy....................................................................................................21
Configure L7 Persistency for the web farm ....................................................................24
Adding Servers to the Farm ..........................................................................................25
Health Monitoring..........................................................................................................27
Create the Health Monitoring Checks. ...........................................................................28
Binding Health Checks to Servers.................................................................................30
GENERAL REDUNDANT CONFIGURATION NOTES .................................................31
Primary AppDirector VRRP Configuration .....................................................................31
Primary Virtual Routers.................................................................................................31
Primary Associated IP Addresses .................................................................................33
Primary Mirroring ..........................................................................................................34
AUTO-GENERATE THE BACKUP APPDIRECTOR CONFIGURATION......................36
Setting up basic IP connectivity on the Backup AppDirector ..........................................36
Auto Generating the Backup Configuration from the Primary AppDirector......................37
Upload the Backup Configuration file to the Backup AppDirector...................................38
APPENDIX....................................................................................................................40
Appendix 1 - Primary AppDirector Configuration File.....................................................40
Appendix 2 - Backup AppDirector Configuration File .....................................................43
Appendix 3 - Oracle Application Server Web Cache - Caching Rules ............................47
Appendix 4 - Insert Cookie - Auto Generated Configuration...........................................48
-2-
Joint Solution Overview
The Radware and E-Business Suite joint solution ensures E-Business Suite 12.0
customer’s solution resilience, efficiency and scale. Radware’s AppDirector
guarantees E-Business Suite applications maximum availability, scalability,
performance and security, managing traffic for the web server content.
AppDirector works in conjunction with E-Business Suite 12.0 servers to offload
resource intensive processing, providing advanced health monitoring and avoiding
system down time to deliver a best of breed subsystem. With a pay as you grow
platform licensing model, AppDirector ensures long term investment protection
facilitating incremental growth demanded by today’s Business. Diagram 2.0 is a
logical depiction of the intended deployment model.
E-Business Suite Overview
See Reference Doc ID: 380489.1
Definitions as they apply to E-Business Suite
Tier
A tier is a logical grouping of services, potentially spread across more than one
physical machine.
Client Tier
The client interface is provided through HTML for the HTML-based applications,
and via a Java applet in a Web browser for the traditional Forms-based interface.
In Oracle Applications Release 12, each user logs in to Oracle Applications
through the E-Business Suite Home Page on a desktop client web browser. The
E-Business Suite Home Page provides a single point of access to HTML-based
applications, Forms-based applications, and Business Intelligence applications.
Application Tier
The application tier hosts the various services that process the business logic and
manage communication between the desktop tier and the database tier. This tier
runs the web server and the associated processes, concurrent processing server,
Interaction and Oracle fulfillment server.
Database Tier
The database tier contains the Oracle database server which stores all the data
maintained by Oracle Applications. This tier has the Oracle data server files and
Oracle Applications database executables that physically store the tables, indexes,
and other database objects in the system.
OPMN
Oracle Process Manager and Notification Server (OPMN) is installed and
configured on every tier designated to run the web application. OPMN provides an
integrated way to manage all Oracle Application Server components. OPMN
consists of two main pieces: the Process Manager and the Notification Server.
The Process manager (PM) is the centralized process management mechanism in
-3-
Oracle Application Server and is used to manage all Oracle Application Server
processes. The PM starts, restarts, stops, and monitors every process it manages.
It also performs death-detection and automatic restart of the processes. Oracle
Notification Server (ONS) is the transport mechanism for failure, recovery, startup,
and other related notifications between components in Oracle Application Server.
OHS
Oracle HTTP Server (OHS) is installed and configured on every tier that is
designated to run the web application. It provides the key infrastructure required
for serving the static and dynamic content generated by Oracle E Business Suite
products.
OC4J
Oracle Containers for J2EE (OC4J) is the core Java 2 Platform Enterprise Edition
(J2EE) runtime component of Oracle Application Server. It is installed and
configured on every tier that is designated to run the web application. It is a fully
J2EE 1.5 compliant container that runs on a standard file based JDK 1.5 Java
Virtual Machine and provides complete support for Java Server Pages (JSP) ,
Servlets, Enterprise Java Beans (EJB), Web Services and all J2EE services.
Web Entry Point
Web Entry Point refers to the host name which is designated to be used by all
users to access the Oracle E-Business Suite Release 12 system. By default, the
web entry point is set to the hostname of the application server where Oracle
E-Business Suite is installed. In the case where a load-balancer is used, the Web
Entry Point becomes the virtual host name resolved to the virtual IP of the
load-balancer.
Session Persistence
Session Persistence is the act of keeping a specific user's traffic going to the same
server that was initially hit when the site was contacted for the first HTTP
transaction. This is especially important for E-Business Suite as various modules
bundled with the suite need to maintain session state. Session persistence is
sometimes referred to as "server stickiness."
General Architecture of Oracle E-Business Suite Release 12
The Oracle E-Business Suite Release 12 architecture, as shown in the figure
below, is a framework for multi-tiered, distributed computing that supports various
Oracle Applications products. In this model, various servers are distributed among
multiple levels, or tiers.
-4-
Diagram 1.0 - EBS General Architecture
A server is a process or group of processes that runs on a single machine and
provides a particular class of functionality, often referred to as a service. For
example, the Oracle HTTP server is a process that listens for and processes HTTP
requests; a Concurrent Processing server is a server that process batch jobs
submitted through concurrent requests.
The three-tier architecture that comprises an Oracle E-Business Suite installation
is made up of:
1. The database tier, which supports and manages the Oracle database
2. The application tier, which supports and manages the various
Applications components, and is sometimes known as the middle tier
3. The client tier, which provides the user interface via a supported web
browser, either natively in HTML or via Forms running in the Sun Java
Runtime Engine
For more information on Oracle E-Business Suite, see
http://www.oracle.com/applications/e-business-suite.html
Radware AppDirector Overview
Radware’s AppDirector is an intelligent application delivery controller (ADC) that
provides scalability and application-level security for service infrastructure
optimization, fault tolerance and redundancy. Radware combined its
next-generation, OnDemand Switch multi-gigabit hardware platform with the
powerful capabilities of the company’s APSolute™ operating system “classifier”
-5-
and “flow management” engine. The result – AppDirector – enables accelerated
application performance; local and global server availability; and application
security and infrastructure scalability for fast, reliable and secure delivery of
applications over IP networks.
AppDirector is powered by the innovative OnDemand Switch platform. OnDemand
Switch, which has established a new price/performance standard in the industry,
delivers breakthrough performance and superior scalability to meet evolving
network and business requirements. Based on its on demand, “pay-as-you-grow”
approach, no forklift upgrade is required even when new business requirements
arise. This helps companies guarantee short-term and long-term savings on
CAPEX and OPEX for full investment protection. Radware’s OnDemand Switch
enables customers to pay for the exact capacity currently required, while allowing
them to scale their ADC throughput capacity and add advanced application-aware
services or application acceleration services on demand to meet new or changing
application and infrastructure needs. And it does it without compromising on
performance.
AppDirector lets you get the most out of your service investments by maximizing
the utilization of service infrastructure resources and enabling seamless
consolidation and high scalability. AppDirector’s throughput licensing options
allows pay as you grow investment protection. Make your network adaptive and
more responsive to your dynamic services and business needs with AppDirector’s
fully integrated traffic classification and flow management, health monitoring and
failure bypassing, traffic redirection, bandwidth management, intrusion prevention
and DoS protection.
For more information, please visit: http://www.radware.com/
Deployment Notes
E-Business Suite Modifications
In order for E-Business Suite to work with an AppDirector, there are several
parameters that need to be defined. The Load Balancer Entry Point URL used to
access the Applications logon page needs to be defined as a single entry point, the
Application servers that are being load balanced need to be defined, the protocol,
port and active web portal need to be defined on both Application Servers. The
configuration file that needs to be modified is the Applications Context File. The
servers Applications Context File is Located:
$INST_TOP/appl/admin/ VIS_narmada.xml
Use the AutoConfig Context Editor to set the configuration values in the
applications context file on server 1 and 2. The table below describes how the
context value should be changed when a load balancer is configured in front of
application servers. For example:
-6-
Load Balancer Entry Point: AppDirector.estuate
Application Server 1: narmada.estuate
Application Server 2: kavery.estuate
Web Entry protocol: https
Application Tier Web Protocol: https
Application Tier Web Port: 8010
Active Web Port:443
Context Variable
Name
s_webentryprotocol
s_webentryhost
s_webentrydomain
s_active_webport
s_login_page
s_external_url
Context Variable
Description
Protocol that desktop
clients use to
communicate with the
entry point server
Name of the host that
receives the first HTTP
request from the
desktop client
Old Context Value
New Context Value
http
https for AppDirector.estuate
narmada on Application
Server 1
kavery on Application
Server 2
AppDirector as the web entry host for
narmada and kaveri
Domain name of the
host that receives the
first HTTP request from
the desktop client
Port on the web server
or load balancer that
listens for HTTP
requests
URL used to access the
Applications logon page
estuate
Estuate
8010 on narmada and
kaveri
443 for AppDirector.estuate
http://narmada.estuate:80
10/OA_HTML/AppsLogin
http://kaveri.estuate:8010/
OA_HTML/AppsLogin
https://AppDirector.estuate/OA_HTML/Ap
psLogin
URL that third party
tools use to connect to
the E-Business Suite
System. This is used
only by the Oracle Web
Services product.
http://narmada.estuate:80
10/OA_HTML/AppsLogin
http://kaveri.estuate:8010/
OA_HTML/AppsLogin
https://AppDirector.estuate/OA_HTML/Ap
psLogin
Table 1.0 - E-Business Suite Modifications
The values listed for the context variables in the table above should only be used
as a reference to change your applications context file. It is possible that system
administrators may have changed the default values to perform other advanced
configurations. After completing the changes shown above, do the following:
1. Run the AutoConfig utility on all the application tier Servers
2. Restart application server processes
3. Test sign on from different entry points.
AppDirector Modifications
The AppDirector was configured for SSL offload to accelerate SSL traffic and
offload servers. AppDirector handles the SSL key negotiation with the client and
encrypting and decrypting of communication. AppDirector serves as a proxy,
terminating the SSL client sessions and opening a separate session to the
-7-
backend servers. SSL Offload is necessary to manipulate TLS components, L7
persistence would not work without SSL offload, as the data payload would be
encrypted.
Farm aging time was tuned to just over 2 hours (7300) from default value for
testing. This was to ensure that state entries would not be terminated prior to client
aging time.
appdirector farm table setCreate "web server farm" -at 7300 -cm \
"No Checks" -sm RemoveOnSessionEnd-SPS
Reset of the sessions if still existing after the aging. This will ensure any clean-up
of abandoned sessions which could hold state on the servers inadvertently.
appdirector farm extended-params set "web server farm" -sc Enabled -ic \
"Enable and remove cookie on return path"
AppDirector and E-Business Suite Integration
Key features implemented on the AppDirector to support this solution:
•
•
•
•
•
•
•
Service health monitoring
Layer 7 load balancing
Caching
Compression
TCP Multiplexing
SSL Offloading
VRRP
-8-
Diagram 2.0 - E-Business Suite 12 and AppDirector Logical Topology
Tests Conducted for Solution Validation and Result Summary
The following tests were conducted to ensure the most appropriate solution was
defined and validated. All tests were successfully completed using the
AppDirector and Oracle E-Business Suite 12 configurations following Table 2.0.
See the embedded document on the following page for a full test plan description.
-9-
OracleEBS11i_validat
ion-test-plan.doc
EBSO Basic Health Check
Test Case
EBS Web Login Page
EBS Self-Service: Home Page
EBS Application Manager Screen
EBS Self-Service: Create a Purchase Requisition from iProcurement module
EBS Self-Service: Query a purchase requisition
EBS Forms Service: EBS Home Page
EBS Forms Service: Create User
EBS Forms Service: Query User record
EBS Web Server
Hardware Failure/Power down
Status
PASS
PASS
PASS
PASS
PASS
PASS
PASS
PASS
PASS
PASS
Load Distribution
Test Case
Status
EBS Web Server Load Balance
PASS
Fail Over server
Test Case
Status
EBS Web Server Failover
PASS
Persistency Check
Test Case
Status
EBS Web Server Session Persistence Enabled
PASS
EBS Web Server Session Persistence Disabled
PASS
EBS Web Client Session Timeout
PASS
Table 2.0 - Test Conducted for Solution Validation
- 10 -
Diagram 3.0 - E-Business Suite 12 and AppDirector Physical Topology
Primary AppDirector Configuration
Using a serial cable and a terminal emulation program, connect to the AppDirector.
The default console port settings are:
•
•
•
•
•
Bits per Second: 19200
Data Bits: 8
Parity: None
Stop Bits: 1
Flow Control: None
- 11 -
1. Using the following Command line, assign management IP address
192.168.1.50 / 24 to interface MNG-1 (Dedicated Management Interface) of
the AppDirector:
net ip-interface create 192.168.1.50 255.255.255.0 MNG-1 -pa 10.168.1.51
2. Using a browser, connect to the management IP Address of the AppDirector
(192.168.1.50) via HTTP or HTTPS. The default username and password are
“radware” and “radware”. HTTPS is recommended as it is required for
TLS/SSL configuration management which will be part of the configuration.
Failure to establish a connection may be due to the following:
•
•
•
•
Incorrect IP Address in the browser
Incorrect IP Address or default route configuration in the AppDirector
Failure to enable Web Based Management or Secure Web Based
Management in the AppDirector
If the AppDirector can be successfully pinged, attempt to connect to it
via Telnet or SSH. If the pinging or the Telnet/SSH connection are
unsuccessful, reconnect to the AppDirector via its console port. Once
IP Configuration
1. From the menu, select Router IP Router Interface Parameters to
display the IP Interface Parameters page similar to the one shown below:
- 12 -
2. Click the Create button.
3. On the IP Interface Parameters Create page, enter the necessary parameters
as shown below:1
4. Click the Set button to save parameters.
5. On the IP Interface Parameters page, click the Create button to configure
another interface. enter the necessary parameters as shown below:
1
Items circled in red indicate settings that need to be entered or changed. Items not circled should
be left to default settings.
- 13 -
6. Click the Set button to save parameters.
7. Verify that the new entries were created on the IP Interface Parameters page:
- 14 -
Farm Configuration
1. From the menu, select AppDirector Farms Farm Table to display the
Farm Table page similar to the one shown below:
2. Click the Create button.
3. On the Farm Table Create page, enter the necessary parameters as shown
below:
4. Click the Set button to save parameters.
Note: The following two farms, Server_53_Farm and Server_56_Farm were
created for administrative and maintenance of the servers and are a one to one
mapping of a server to a farm.
5. On Farm Table page Click the Create button to configure another farm. enter
the necessary parameters as shown below:
- 15 -
6. Click the Set button to save parameters.
7. On Farm Table page Click the Create button to configure another farm. enter
the necessary parameters as shown below:
8. Click the Set button to save parameters.
9. Verify that the new entries are created on the Farm Table page:
Caching
With caching there may be a need to create exceptions for certain URI’s. We had a
need to create an exception for our deployment.
There is a Dashboard page used by EBS administrators to check the health and
status of the EBS servers. On the page there are tabs that reference overview,
performance, critical activities, diagnostics, business flows, security and software
updates.
The issue with caching this page is that the URI looks the same to the cache no
mater what tab is selected and therefore the page view never changes, it’s stuck
on the cached page
You can create an exception in the AppDirector or Install and configure Oracle
Application Server Web Cache and create the exception rule their (see appendix
3 Oracle Application Server Web Cache - Caching Rules for more details)
- 16 -
Create Cache URL Exceptions Rule-Lists
1. From the menu, select AppDirector Layer 4 Traffic Redirection Cache
URL Exceptions Rule-Lists to display the Cache URL Exceptions
Rule-Lists page similar to the one shown below:
2. Click the Create button.
3. On the Cache URL Exceptions Rule-Lists Create page, enter the necessary
parameters as shown below.
Where the URL is: /OA_HTML/weboam/oam/oamApps$target=VIS
4. Click the Set button to save the parameters.
5. Verify that the new entries were created on the Cache URL Exceptions
Rule-Lists page:
- 17 -
Create Cache Policy
1. From the menu, select AppDirector Layer 4 Traffic Redirection Caching Policies to display the Caching Policies page similar to the one
shown below:
2. Click the Create button.
3. On the Caching Policies Create page, enter the necessary parameters as
shown below.
4. Click the Set button to save the parameters.
Create Compression Policy
1. From the menu, select AppDirector Layer 4 Traffic Redirection Compression Policies to display the Compression Policies page similar to
the one shown below:
2. Click the Create button.
- 18 -
3. On the Caching Policies Create page, enter the necessary parameters as
shown below.
Note: Hardware compression is a hardware option that must be supported.
4. Click the Set button to save the parameters.
Create SSL Certificate
1. From the menu, select Security Certificates Table to display the
Certificates Table page similar to the one shown below:
2. Click the Create button.
3. On the Certificates Table Create page, enter the necessary parameters as
shown below.
- 19 -
4. There will be a popup when you click on the Key Passphrase field, asking you
to enter in a “Passphrase”, as shown below.
5. Click the Set button to save the Passphrase.
6. Click the Set button to save the Certificate parameters.
7. Verify that the new entries are created on the Certificate Table page:
- 20 -
Create SSL Policy
1. From the menu, select AppDirector Layer 4 Traffic Redirection SSL
Policies to display the SSL Policies page similar to the one shown below:
2. Click the Create button.
3. On the SSL Policies Create page, enter the necessary parameters as shown
below.
4. Click the Set button to save the parameters.
Create Layer 4 Policy
1. From the menu, select AppDirector Layer 4 Traffic Redirection Layer 4
Policies to display the L4 Policies page similar to the one shown below:
2. Click the Create button.
3. On the L4 Policies Create page, enter the necessary parameters as shown
below.
- 21 -
4. Click the Set button to save the parameters.
5. On L4 Policies page Click the Create button to configure another L4 Policy.
Enter the necessary parameters as shown below:
Note: The following layer 4 policies, EBS_Server_53 and EBS_Server_56, were
created for administrative and maintenance and are a one to one mapping of the
VIP and servers.
- 22 -
6. Click the Set button to save the parameters.
7. On L4 Policies page Click the Create button to configure another L4 Policy.
Enter the necessary parameters as shown below:
- 23 -
8. Click the Set button to save the parameters.
9. Verify that the new entries were created on the L4 Policies page:
Configure L7 Persistency for the web farm
Persistence is handled at the web tier with cookie insertion and removal
configured in Extended Farm Parameters as seen below.
1. From the menu, select AppDirector Farms Extended Parameters to
display the Extended Farm Parameters page similar to the one shown.
2. Select the “web server farm” under the Farm Name to display the Extended
Farm Parameters Update page, enter the necessary parameters as shown
below:
3. Click the Set button to save parameters.
Note: Close Session At Aging: will reset sessions if still existing when their
Aging Time expires. This will ensure any clean-up of abandoned sessions which
could hold state on the servers inadvertently.
- 24 -
Note: Configuring Cookie Insertion for Web Service HTTP Persistence in the
Extended Farm Parameters Update page generates all of the L7 persistence
logic automatically from the single drop down menu. See Appendix 4 to view and
better understand the entries that auto generate to facilitate this function. Cookies
are inserted on reply and removed on request.
Adding Servers to the Farm
1. From the menu, select AppDirector Servers Application Servers Table to display the Server Table page similar to the one shown below:
2. Click the Create button
3. On the Server Table Create page, enter the necessary parameters as shown
below:
4. Click the Set button to save parameters.
5. On Server Table page Click the Create button to configure another server.
enter the necessary parameters as shown below:
- 25 -
6. Click the Set button to save parameters.
7. On Server Table page Click the Create button to configure another server.
enter the necessary parameters as shown below:
8. Click the Set button to save parameters.
9. On Server Table page Click the Create button to configure another server.
enter the necessary parameters as shown below:
- 26 -
10. Click the Set button to save parameters.
11. Verify that the new entries were created on the Server Table page:
Health Monitoring
1. From the menu, select Health Monitoring Global Parameters to display
the Health Monitoring Global Parameters page.
2. On the Health Monitoring Global Parameters page, change the parameters
as shown below:
- 27 -
3. Click the Set button to save parameters.
Create the Health Monitoring Checks.
1. From the menu, select Health Monitoring Check Table to display the
Health Monitoring Check Table page similar to the one shown below:
2. Click the Create button.
3. Create a set of health checks for the web servers. On the Health Monitoring
Check Table Create page, enter the necessary parameters as shown below:
4. Before clicking the Set button, choose the button next to Arguments
populate the specific logic settings related to the method for this check.
5. Enter the information below:
- 28 -
to
6. Click the Set button for the Method Arguments and click the Set button again in
the Health Monitoring Check Table Create window.
7. Repeat the steps 5-10 to create the second server health check for web server
web_56, host 10.10.10.56.
8. Verify the new entries were created on the Health Monitoring Check Table
The status of this check may display “Unknown” until the server replies
successfully to the AppDirector’s check.
- 29 -
Binding Health Checks to Servers
1. From the menu, select Health Monitoring Binding Table to display the
Health Monitoring Binding Table page similar to the one shown below:
2. Click the Create button.
3. Create the health check binding for the web servers. On the Health
Monitoring Binding Table Create page, enter the necessary parameters as
shown below:
4. Click the Set button to save parameters.
5. Repeat the steps 2-5 to bind the second web server health check.
Web_56: Farm web server farm - 10.10.10.56 – 8010.
6. Verify that the new entries were created on the Health Monitoring Binding
Table page:
- 30 -
General Redundant Configuration Notes
For complete high-availability, Radware encourages implementing pairs of
AppDirector units in an Active / Backup configuration. If your implementation of
this architecture includes only a single AppDirector, then it is unnecessary to follow
the steps in this section.
Primary AppDirector VRRP Configuration
1. From the menu, select AppDirector Redundancy Global Configuration
and set the parameters as noted below:
2. Click the Set button to save these changes.
Primary Virtual Routers
1. From the menu, select AppDirector Redundancy VRRP Virtual
Routers to display the Virtual Router Table page similar to the one shown
below.
- 31 -
2. Click the Create button
3. On the Virtual Router Table page, enter the necessary parameters as shown
below.
4. Click the Set button to save the parameters.
5. On the Virtual Router Table Create page, click the Create button to configure
another interface. enter the necessary parameters as shown below:
6. Click the Set button to save the parameters.
7. Verify that the new entries were created on the Virtual Router Table page:
- 32 -
Primary Associated IP Addresses
1. From the menu, select AppDirector Redundancy VRRP Associated
IP Addresses to display the Associated IP Addresses page similar to the
one shown below:
2. Click the Create button
3. On the Associated IP Addresses Create page, enter the necessary
parameters as shown below:
4. Click the Set button to save the parameters
5. Repeat the steps 2-4 to create the associated IP Addresses
76.197.19.55((VIP), VR ID = 1), 76.197.19.53((VIP), VR ID = 1) and
76.197.19.56((VIP), VR ID = 1). Also associate 10.10.10.1((default gateway
for the web servers), VR ID = 2).
6. Verify that the new entries were created on the Associated IP Addresses
page:
7. Go to AppDirector Redundancy VRRP Virtual Routers and click on
the link to If Index G-1
- 33 -
8. Raise all of the Virtual interfaces to up by selecting VRIDs to All Up click the
Set button to save the parameters.
9. Make certain that the State of this VR is displayed as Master in the Virtual
Router table:
Primary Mirroring
1. Go to AppDirector Redundancy Mirroring Active Device
Parameters and set the Client Table Mirroring status to enable:
- 34 -
2. Click the Set button to save the parameters.
3. From the menu, select AppDirector Redundancy Mirroring Mirror
Device Parameters to display the Mirror Device Parameters page similar to
the one shown below.
4. Click the Create button
5. On the Mirror Device Parameters page, enter the necessary parameters as
shown below:
Note: This sets the Backup AD IP used as the target address for mirroring traffic.
6. Click the Set button to save the parameters.
This completes the configuration of the Primary AppDirector.
- 35 -
Auto-Generate the Backup AppDirector Configuration
To create the Backup AppDirector configuration is very easy.
Once the Backup AppDirector is configured for basic IP connectivity and is
available to the network, simply export the Backup Configuration file from the
Primary AppDirector and upload it to the Backup AppDirector. The steps are
defined below.
Setting up basic IP connectivity on the Backup AppDirector
Using a serial cable and a terminal emulation program, connect to the AppDirector.
The default console port settings are:
• Bits per Second: 19200
• Data Bits: 8
• Parity: None
• Stop Bits: 1
• Flow Control: None
1. Using the following Command line, assign management IP address
192.168.1.51 / 24 to interface MNG-1 (Dedicated Management Interface) of the
AppDirector:
net ip-interface create 192.168.1.51 255.255.255.0 MNG-1 -pa 192.168.1.50
2. Using a browser, connect to the management IP Address of the AppDirector
(192.168.1.51) via HTTP or HTTPS. The default username and password are
“radware” and “radware”.
Failure to establish a connection may be due to the following:
•
•
•
•
Incorrect IP Address in the browser
Incorrect IP Address or default route configuration in the AppDirector
Failure to enable Web Based Management or Secure Web Based
Management in the AppDirector
If the AppDirector can be successfully pinged, attempt to connect to it
via Telnet or SSH. If the pinging or the Telnet/SSH connection are
unsuccessful, reconnect to the AppDirector via its console port.
- 36 -
Auto Generating the Backup Configuration from the Primary AppDirector
1. From the web interface menu of the Primary AppDirector, select File
Configuration Receive from Device to display the Download
Configuration File page similar to the one shown below:
Note: Switch from the Backup to Primary AppDirector to auto-generate the
Backup configuration file.
2. On the Configuration File Download page, choose the necessary
parameters as shown below:
- 37 -
3. Click the Set button to launch save file window.
4. Click the SAVE button to save the file to a local directory.
Upload the Backup Configuration file to the Backup AppDirector
1. From the web interface menu of the Backup AppDirector, select File Configuration Send to Device to display the Configuration File Upload
page similar to the one shown below:
- 38 -
Note: Clicking the Browse button and navigate to the updated configuration file.
2. Click the Set button to upload the configuration. The Backup device will reboot
and be ready for use.
This completes the configuration of the Backup AppDirector.
- 39 -
Appendix
Appendix 1 - Primary AppDirector Configuration File
!
!Device Configuration
!Date: 13-06-2009 00:36:38
!DeviceDescription: AppDirector with Cookie Persistency
!Base MAC Address: 00:03:b2:3d:dc:00
!Software Version: 2.10.00 (Build date Apr 7 2009, 22:33:12,Build#150)
!APSolute OS Version: 10.31-03.05(40):2.06.09
!
!
! The following commands will take effect only
! once the device has been rebooted!
!
system
system
system
system
system
system
system
system
system
system
system
system
system
system
system
system
system
system
system
manage
system
system
system
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
snmp
tune
tune
tune
bridge-fft-table set 1024
ip-fft-table set 240000
arp-table set 1024
client-table set 1200000
routing-table set 512
url-table set 256
request-table set 5000
nat-address-table set 4
nat-ports-table set 64511
session-id-table set 32000
l3-client-table-size set 20
outbound-nat-address set 1
outbound-nat-ports set 64511
outbound-intrcpt-tbl set 4
radius-attribute-table set 1
segments set 15
l4-policy-table set 512
static-dns-persistency set 5
dynamic-dns-persistency set 10
versions-after-reset set "v1 & v2c & v3"
session-pasv-protocols set 16
session set 512
session-resets set 100
!
! The following commands take effect immediately
! upon execution!
!
health-monitoring check create Web_53 -id 4 -m HTTP -p 8010 -a \
PATH=/OA_HTML/AppsLogin.jsp|HOST=10.10.10.53|MTD=G|PRX=N|NOCACHE=N|C1=200| \
-d 10.10.10.53
health-monitoring check create web_56 -id 8 -m HTTP -p 8010 -a \
PATH=/OA_HTML/AppsLogin.jsp|HOST=10.10.10.56|MTD=G|PRX=N|NOCACHE=N|C1=200| \
-d 10.10.10.56
net ip-interface create 10.10.10.1 255.255.255.0 G-11 -pa 10.10.10.2
net ip-interface create 76.197.19.61 255.255.255.240 G-1 -pa \
76.197.19.63
net ip-interface create 192.168.1.50 255.255.255.0 MNG-1 -pa \
192.168.1.51
net route table create 0.0.0.0 0.0.0.0 76.197.19.62 -i G-1
redundancy mode set VRRP
appdirector farm table setCreate "web server farm" -at 7300 -cm \
"No Checks" -sm RemoveOnSessionEnd-SPS
appdirector farm table setCreate "Server_53_Farm " -at 7300
appdirector farm table setCreate Server_56_Farm -at 7300
appdirector farm server table create "Server_53_Farm " 10.10.10.53 None \
-sn EBS_Server_53 -id 23
appdirector farm server table create Server_56_Farm 10.10.10.56 None -sn \
EBS_Server_56 -id 22
appdirector farm server table create "web server farm" 10.10.10.53 8010 \
-sn Web_Server_53 -id 27
- 40 -
appdirector farm server table create "web server farm" 10.10.10.56 8010 \
-sn Web_Server_56 -id 28
appdirector l7 farm-selection method-table setCreate Auto-G_Cookie_web_s \
-cm "Set Cookie" -ma KEY=yI8cugcRkX|VAL=$Server_SID_Cookie|P=/|
appdirector l7 farm-selection method-table setCreate Auto-G_RCookie_web_ \
-cm Cookie -ma KEY=yI8cugcRkX|
redundancy interface-group set Enabled
appdirector dns status set Disabled
appdirector nat server status set disable
redundancy mirror main client-status set Enabled
redundancy mirror address setCreate 76.197.19.63
appdirector dns two-records set Disabled
redundancy backup-in-vlan set Disabled
appdirector farm connectivity-check httpcode setCreate "web server farm"\
"200 - OK"
appdirector farm connectivity-check httpcode setCreate "Server_53_Farm "\
"200 - OK"
appdirector farm connectivity-check httpcode setCreate Server_56_Farm\
"200 - OK"
appdirector l7 server-persistency static-persist-table setCreate\
"web server farm" WGZaq0HAer0K -sa 10.10.10.53 -sp 8010 -fl 1
appdirector l7 server-persistency static-persist-table setCreate\
"web server farm" tEz9r2P2Ek9l -sa 10.10.10.56 -sp 8010 -fl 1
appdirector nat server specific-nat-address set 0.0.0.0
redundancy backup-fake-arp set Enabled
net next-hop-router setCreate 76.197.19.62 -id 10 -fl 1
appdirector farm nhr setCreate 0.0.0.0 -ip 76.197.19.62 -fl 1
appdirector farm extended-params set "web server farm" -sc Enabled -ic \
"Enable and remove cookie on return path"
appdirector nat client address-range setCreate 10.10.10.100 -t \
10.10.10.100
appdirector nat client range-to-nat setCreate 10.10.10.50 -t 10.10.10.53
appdirector nat client status set Disabled
redundancy backup-interface-group set Enabled
system internal appdirector full-session-id-table setCreate\
"web server farm" 0 TCP -k yI8cugcRkX -l Cookie -fl 1
net vlan-tag-handling set Overwrite
appdirector nat outbound status set Disabled
appdirector segmentation nhr-table setCreate DefaultNHR -ip 76.197.19.62 \
-fl 1
appdirector l4-policy caching-url-rules-lists create\
EBS_App_Dashboard_VIS tabs -u /OA_HTML/weboam/oam/oamApps$target=VIS
appdirector l4-policy ssl-policy create EBS -c ebs -lp 8010
appdirector l4-policy compression create EBS_Cache -pe Hardware
appdirector l4-policy caching create EBS_Cache -r EBS_App_Dashboard_VIS
appdirector l4-policy table create 76.197.19.53 TCP Any 0.0.0.0\
EBS_Server_53 -fn "Server_53_Farm "
appdirector l4-policy table create 76.197.19.56 TCP Any 0.0.0.0\
EBS_Server_56 -fn Server_56_Farm
appdirector l4-policy table create 76.197.19.55 TCP 443 0.0.0.0 SecureEBS \
-fn "web server farm" -ta HTTPS -sl EBS -co EBS_Cache -ca EBS_Cache
redundancy vrrp automated-config-update set Enabled
appdirector l7 modification table setCreate Auto-G_Cookie_web_s -i 0 -f \
"web server farm" -d Reply -am Auto-G_Cookie_web_s
appdirector l7 modification table setCreate Auto-G_RCookie_web_ -i 0 -f \
"web server farm" -ac Remove -mm Auto-G_RCookie_web_
redundancy global-configuration failure-action set Ignore
health-monitoring binding create 4 27
health-monitoring binding create 8 28
health-monitoring status set enable
health-monitoring response-level-samples set 0
redundancy vrrp virtual-routers create G-1 1 -as Up -p 255 -pip \
76.197.19.61
redundancy vrrp virtual-routers create G-11 2 -as Up -p 255 -pip \
10.10.10.1
redundancy vrrp associated-ip create G-1 1 76.197.19.61
redundancy vrrp associated-ip create G-1 1 76.197.19.55
redundancy vrrp associated-ip create G-11 2 10.10.10.1
redundancy vrrp associated-ip create G-1 1 76.197.19.53
redundancy vrrp associated-ip create G-1 1 76.197.19.56
manage user table create radware -pw GndridF04zNWSGOrZjKFV78REiEra/Qm
manage telnet status set enable
- 41 -
manage telnet server-port set 23
manage web status set enable
manage ssh status set enable
manage secure-web status set enable
services dns client primary-server set 68.94.156.1
services dns client alt-server set 0.0.0.0
services dns client status set Enabled
services dns client static-table setCreate narmada.estuate -i \
76.197.19.53
services dns client static-table setCreate kaveri.estuate -i \
76.197.19.56
services dns client static-table setCreate appdirector.estuate -i \
76.197.19.55
manage ftp server-port set 21
manage ftp status set enable
redundancy arp-interface-group set Send
net l2-interface set 100001 -ad up
net l2-interface set 100063 -ad up
redundancy vrrp global-advertise-int set 0
manage snmp groups create SNMPv1 public -gn initial
manage snmp groups create SNMPv1 ReadOnlySecurity -gn InitialReadOnly
manage snmp groups create SNMPv2c public -gn initial
manage snmp groups create SNMPv2c ReadOnlySecurity -gn InitialReadOnly
manage snmp groups create UserBased radware -gn initial
manage snmp groups create UserBased ReadOnlySecurity -gn InitialReadOnly
manage snmp access create initial SNMPv1 noAuthNoPriv -rvn iso -wvn iso \
-nvn iso
manage snmp access create InitialReadOnly SNMPv1 noAuthNoPriv -rvn \
ReadOnlyView
manage snmp access create initial SNMPv2c noAuthNoPriv -rvn iso -wvn iso \
-nvn iso
manage snmp access create InitialReadOnly SNMPv2c noAuthNoPriv -rvn \
ReadOnlyView
manage snmp access create initial UserBased authPriv -rvn iso -wvn iso \
-nvn iso
manage snmp access create InitialReadOnly UserBased authPriv -rvn \
ReadOnlyView
manage snmp views create iso 1
manage snmp views create ReadOnlyView 1
manage snmp views create ReadOnlyView 1.3.6.1.4.1.89.2.7.2 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.18.1.1 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.15.1.2.2 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.4.1.89.35.1.61 -cm \
excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.16.1.2 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.16.1.4 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.16.1.5 -cm excluded
manage snmp notify create allTraps -ta v3Traps
manage snmp global engine-id set 80000059030003b23ddc00
manage snmp users create radware -cf 0.0 -ap MD5 -akc \
54118f8ecffedac7e39d16b7c9cab095 -pp DES -pkc \
54118f8ecffedac7e39d16b7c9cab095
manage snmp target-address create v3MngStations -tl v3Traps -p \
radware-authPriv
manage snmp target-parameters create public-v1 -d SNMPv1 -sm SNMPv1 -sn \
public -sl noAuthNoPriv
manage snmp target-parameters create public-v2 -d SNMPv2c -sm SNMPv2c -sn \
public -sl noAuthNoPriv
manage snmp target-parameters create radware-authPriv -d SNMPv3 -sm \
UserBased -sn radware -sl authPriv
manage snmp community create public -n public -sn public
services auditing status set enable
manage telnet session-timeout set 5
manage telnet auth-timeout set 30
system diagnostics policies setCreate Login -i 2 -tr Disabled
system diagnostics capture output file set "ram drive"
system diagnostics capture output term set Disabled
system diagnostics trace-log output file set "ram drive and flash"
system diagnostics trace-log output term set Disabled
system diagnostics trace-log output syslog set Disabled
system diagnostics trace-log modules set HMM -st Enabled -sev Info
system diagnostics capture point set both
- 42 -
redundancy force-down-ports-time set 0
system diagnostics capture traffic-match-mode set "Inbound and Outbound"
appdirector global connectivity-check tcp-timeout set 3
security certificate table \
Name: ebs \
Type: certificate \
-----BEGIN CERTIFICATE----- \
MIIBrDCCARUCAjsBMA0GCSqGSIb3DQEBBAUAMB4xHDAaBgNVBAMTE2FwcGRpcmVj \
dG9yLmVzdHVhdGUwHhcNMDkwNTEzMjE1NjM5WhcNMTAwNTEzMjE1NjM5WjAeMRww \
GgYDVQQDExNhcHBkaXJlY3Rvci5lc3R1YXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GN \
ADCBiQKBgQDOjLvulEWsrZnqSy4bX/EXzpAUXUJX8QW6HlBC0LSWKPFOdZadL2vu \
bUQNzpDDC2lYcTvqpsttxOAovz/LJFshmDLDGcQR4wVk6EhXMuKSbsLdCwLwhLBE \
dSR78hKpFNlEZ0sVgOAdtIdI+duyj+cwNBhr81/rqgLbHzp2OfPI9wIDAQABMA0G \
CSqGSIb3DQEBBAUAA4GBAFUoMefPH46+zAW3hl5PQnw4spgdbB6kYx350YDE9Oeq \
kyGPvFubNB+P6G7c+C7ToIcvrYSr778+8BAiPH5ZOKgOR1G1TuZ3W8IGOcbtbRyk \
9jXel/an+3ytgMduTenIGGnW3jreF3VlDdquGxMqsF9xNaqDgokksPz9NVguLNKM \
-----END CERTIFICATE----- \
Name: radware \
Type: certificate \
-----BEGIN CERTIFICATE----- \
MIIB1TCCAX8CAhKeMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRAwDgYD \
VQQIEwdSYWR3YXJlMRAwDgYDVQQHEwdSYWR3YXJlMRMwEQYDVQQDEwoxMC4xMC4x \
MC4xMRAwDgYDVQQKEwdSYWR3YXJlMRswGQYDVQQLExJSYWR3YXJlIHdlYiBzZXJ2 \
ZXIwHhcNMDkwNTEzMDUzNjI2WhcNMTAwNTEzMDUzNjI2WjB1MQswCQYDVQQGEwJV \
UzEQMA4GA1UECBMHUmFkd2FyZTEQMA4GA1UEBxMHUmFkd2FyZTETMBEGA1UEAxMK \
MTAuMTAuMTAuMTEQMA4GA1UEChMHUmFkd2FyZTEbMBkGA1UECxMSUmFkd2FyZSB3 \
ZWIgc2VydmVyMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALBjDweCfhoVHE/CgoNa \
Ib87PK5dbEikaAQzJ2yhK+fHFfgqro5xKElXv3GJE7E+pxZxOsz2YAjgkJK9EE4z \
RaUCAwEAATANBgkqhkiG9w0BAQQFAANBAJw9yoPPd8dX6PXPhPP56JfmbvvPrZzk \
5P4SASgQjccGEY6BhhNYAr++Iz/94CIdima3VrfHz+HQ3dSveYAAWv8= \
-----END CERTIFICATE----- \
Name: rdwrhmm \
Type: certificate \
-----BEGIN CERTIFICATE----- \
MIIB8zCCAZ0CAjQbMA0GCSqGSIb3DQEBBAUAMIGDMQswCQYDVQQGEwJVUzEQMA4G \
A1UECBMHUmFkd2FyZTEQMA4GA1UEBxMHUmFkd2FyZTEaMBgGA1UEAxMRUlcgU1NM \
IG1vbml0b3JpbmcxEDAOBgNVBAoTB1JhZHdhcmUxIjAgBgNVBAsTGVJhZHdhcmUg \
SGVhbHRoIE1vbml0b3JpbmcwHhcNMDkwNTEzMDUzNjI5WhcNMTAwNTEzMDUzNjI5 \
WjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB1JhZHdhcmUxEDAOBgNVBAcTB1Jh \
ZHdhcmUxGjAYBgNVBAMTEVJXIFNTTCBtb25pdG9yaW5nMRAwDgYDVQQKEwdSYWR3 \
YXJlMSIwIAYDVQQLExlSYWR3YXJlIEhlYWx0aCBNb25pdG9yaW5nMFwwDQYJKoZI \
hvcNAQEBBQADSwAwSAJBAKparPI9S+NfFuNss3oRc8LOjk3P2HN9j7qG7/Y3NNj0 \
4dBZzeqfoBfsDJGETshWIP51KXruegRjCvix++OepuUCAwEAATANBgkqhkiG9w0B \
AQQFAANBAE/tsy6YT6nxO/0cLCUy6kSLvWK/Y/tvn55TeutPjpBegsbqAAUlif9W \
KsH/haHEOfXEK8NmOa6BOS8ku488DKI= \
-----END CERTIFICATE----!File Signature: 76bf772ea8d8ac2d2ca683f87b8dc9c4
Appendix 2 - Backup AppDirector Configuration File
!
!Device Configuration
!Date: 13-06-2009 00:35:06
!DeviceDescription: AppDirector with Cookie Persistency
!Base MAC Address: 00:03:b2:3d:dc:00
!Software Version: 2.10.00 (Build date Apr 7 2009, 22:33:12,Build#150)
!APSolute OS Version: 10.31-03.05(40):2.06.09
!
!
! The following commands will take effect only
! once the device has been rebooted!
!
system tune bridge-fft-table set 1024
system tune ip-fft-table set 240000
system tune arp-table set 1024
- 43 -
system
system
system
system
system
system
system
system
system
system
system
system
system
system
system
system
manage
system
system
system
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
tune
snmp
tune
tune
tune
client-table set 1200000
routing-table set 512
url-table set 256
request-table set 5000
nat-address-table set 4
nat-ports-table set 64511
session-id-table set 32000
l3-client-table-size set 20
outbound-nat-address set 1
outbound-nat-ports set 64511
outbound-intrcpt-tbl set 4
radius-attribute-table set 1
segments set 15
l4-policy-table set 512
static-dns-persistency set 5
dynamic-dns-persistency set 10
versions-after-reset set "v1 & v2c & v3"
session-pasv-protocols set 16
session set 512
session-resets set 100
!
! The following commands take effect immediately
! upon execution!
!
health-monitoring check create Web_53 -id 4 -m HTTP -p 8010 -a \
PATH=/OA_HTML/AppsLogin.jsp|HOST=10.10.10.53|MTD=G|PRX=N|NOCACHE=N|C1=200| \
-d 10.10.10.53
health-monitoring check create web_56 -id 8 -m HTTP -p 8010 -a \
PATH=/OA_HTML/AppsLogin.jsp|HOST=10.10.10.56|MTD=G|PRX=N|NOCACHE=N|C1=200| \
-d 10.10.10.56
net ip-interface create 10.10.10.2 255.255.255.0 G-11 -pa 10.10.10.1
net ip-interface create 76.197.19.63 255.255.255.240 G-1 -pa \
76.197.19.61
net ip-interface create 192.168.1.51 255.255.255.0 MNG-1 -pa \
192.168.1.50
net route table create 0.0.0.0 0.0.0.0 76.197.19.62 -i G-1
redundancy mode set VRRP
system mib2-name set AppDirector_peer
appdirector farm table setCreate "web server farm" -at 7300 -cm \
"No Checks" -sm RemoveOnSessionEnd-SPS
appdirector farm table setCreate "Server_53_Farm " -at 7300
appdirector farm table setCreate Server_56_Farm -at 7300
appdirector farm server table create "Server_53_Farm " 10.10.10.53 None \
-sn EBS_Server_53 -id 23
appdirector farm server table create Server_56_Farm 10.10.10.56 None -sn \
EBS_Server_56 -id 22
appdirector farm server table create "web server farm" 10.10.10.53 8010 \
-sn Web_Server_53 -id 27
appdirector farm server table create "web server farm" 10.10.10.56 8010 \
-sn Web_Server_56 -id 28
appdirector l7 farm-selection method-table setCreate Auto-G_Cookie_web_s \
-cm "Set Cookie" -ma KEY=yI8cugcRkX|VAL=$Server_SID_Cookie|P=/|
appdirector l7 farm-selection method-table setCreate Auto-G_RCookie_web_ \
-cm Cookie -ma KEY=yI8cugcRkX|
redundancy interface-group set Enabled
appdirector dns status set Disabled
appdirector nat server status set disable
redundancy mirror backup status set Enabled
redundancy mirror main client-status set Disabled
appdirector dns two-records set Disabled
redundancy backup-in-vlan set Enabled
appdirector farm connectivity-check httpcode setCreate "web server farm"\
"200 - OK"
appdirector farm connectivity-check httpcode setCreate "Server_53_Farm "\
"200 - OK"
appdirector farm connectivity-check httpcode setCreate Server_56_Farm\
"200 - OK"
appdirector l7 server-persistency static-persist-table setCreate\
"web server farm" WGZaq0HAer0K -sa 10.10.10.53 -sp 8010 -fl 1
- 44 -
appdirector l7 server-persistency static-persist-table setCreate\
"web server farm" tEz9r2P2Ek9l -sa 10.10.10.56 -sp 8010 -fl 1
appdirector nat server specific-nat-address set 0.0.0.0
redundancy backup-fake-arp set Enabled
net next-hop-router setCreate 76.197.19.62 -id 10 -fl 1
appdirector farm nhr setCreate 0.0.0.0 -ip 76.197.19.62 -fl 1
appdirector farm extended-params set "web server farm" -sc Enabled -ic \
"Enable and remove cookie on return path"
appdirector nat client address-range setCreate 10.10.10.100 -t \
10.10.10.100
appdirector nat client range-to-nat setCreate 10.10.10.50 -t 10.10.10.53
appdirector nat client status set Disabled
redundancy backup-interface-group set Enabled
system internal appdirector full-session-id-table setCreate\
"web server farm" 0 TCP -k yI8cugcRkX -l Cookie -fl 1
net vlan-tag-handling set Overwrite
appdirector nat outbound status set Disabled
appdirector segmentation nhr-table setCreate DefaultNHR -ip 76.197.19.62 \
-fl 1
appdirector l4-policy caching-url-rules-lists create\
EBS_App_Dashboard_VIS tabs -u /OA_HTML/weboam/oam/oamApps$target=VIS
appdirector l4-policy ssl-policy create EBS -c ebs -lp 8010
appdirector l4-policy compression create EBS_Cache -pe Hardware
appdirector l4-policy caching create EBS_Cache -r EBS_App_Dashboard_VIS
appdirector l4-policy table create 76.197.19.53 TCP Any 0.0.0.0\
EBS_Server_53 -fn "Server_53_Farm " -rs Backup
appdirector l4-policy table create 76.197.19.56 TCP Any 0.0.0.0\
EBS_Server_56 -fn Server_56_Farm -rs Backup
appdirector l4-policy table create 76.197.19.55 TCP 443 0.0.0.0 SecureEBS \
-fn "web server farm" -ta HTTPS -rs Backup -sl EBS -co EBS_Cache -ca \
EBS_Cache
redundancy mirror main dns-status set Disabled
redundancy vrrp automated-config-update set Enabled
appdirector l7 modification table setCreate Auto-G_Cookie_web_s -i 0 -f \
"web server farm" -d Reply -am Auto-G_Cookie_web_s
appdirector l7 modification table setCreate Auto-G_RCookie_web_ -i 0 -f \
"web server farm" -ac Remove -mm Auto-G_RCookie_web_
redundancy mirror main sid-status set Disabled
redundancy global-configuration failure-action set Ignore
health-monitoring binding create 4 27
health-monitoring binding create 8 28
health-monitoring status set enable
health-monitoring response-level-samples set 0
redundancy vrrp virtual-routers create G-1 1 -as Up -p 155 -pip \
76.197.19.63
redundancy vrrp virtual-routers create G-11 2 -as Up -p 155 -pip \
10.10.10.2
redundancy vrrp associated-ip create G-1 1 76.197.19.61
redundancy vrrp associated-ip create G-1 1 76.197.19.55
redundancy vrrp associated-ip create G-11 2 10.10.10.1
redundancy vrrp associated-ip create G-1 1 76.197.19.53
redundancy vrrp associated-ip create G-1 1 76.197.19.56
manage user table create radware -pw GndridF04zNWSGOrZjKFV78REiEra/Qm
manage telnet status set enable
manage telnet server-port set 23
manage web status set enable
manage ssh status set enable
manage secure-web status set enable
services dns client primary-server set 68.94.156.1
services dns client alt-server set 0.0.0.0
services dns client status set Enabled
services dns client static-table setCreate narmada.estuate -i \
76.197.19.53
services dns client static-table setCreate kaveri.estuate -i \
76.197.19.56
services dns client static-table setCreate appdirector.estuate -i \
76.197.19.55
manage ftp server-port set 21
manage ftp status set enable
redundancy arp-interface-group set Send
net l2-interface set 100001 -ad up
net l2-interface set 100063 -ad up
- 45 -
redundancy vrrp global-advertise-int set 0
manage terminal prompt set AppDirector_peer
manage snmp groups create SNMPv1 public -gn initial
manage snmp groups create SNMPv1 ReadOnlySecurity -gn InitialReadOnly
manage snmp groups create SNMPv2c public -gn initial
manage snmp groups create SNMPv2c ReadOnlySecurity -gn InitialReadOnly
manage snmp groups create UserBased radware -gn initial
manage snmp groups create UserBased ReadOnlySecurity -gn InitialReadOnly
manage snmp access create initial SNMPv1 noAuthNoPriv -rvn iso -wvn iso \
-nvn iso
manage snmp access create InitialReadOnly SNMPv1 noAuthNoPriv -rvn \
ReadOnlyView
manage snmp access create initial SNMPv2c noAuthNoPriv -rvn iso -wvn iso \
-nvn iso
manage snmp access create InitialReadOnly SNMPv2c noAuthNoPriv -rvn \
ReadOnlyView
manage snmp access create initial UserBased authPriv -rvn iso -wvn iso \
-nvn iso
manage snmp access create InitialReadOnly UserBased authPriv -rvn \
ReadOnlyView
manage snmp views create iso 1
manage snmp views create ReadOnlyView 1
manage snmp views create ReadOnlyView 1.3.6.1.4.1.89.2.7.2 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.18.1.1 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.15.1.2.2 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.4.1.89.35.1.61 -cm \
excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.16.1.2 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.16.1.4 -cm excluded
manage snmp views create ReadOnlyView 1.3.6.1.6.3.16.1.5 -cm excluded
manage snmp notify create allTraps -ta v3Traps
manage snmp global engine-id set 80000059030003b23ddc00
manage snmp users create radware -cf 0.0 -ap MD5 -akc \
54118f8ecffedac7e39d16b7c9cab095 -pp DES -pkc \
54118f8ecffedac7e39d16b7c9cab095
manage snmp target-address create v3MngStations -tl v3Traps -p \
radware-authPriv
manage snmp target-parameters create public-v1 -d SNMPv1 -sm SNMPv1 -sn \
public -sl noAuthNoPriv
manage snmp target-parameters create public-v2 -d SNMPv2c -sm SNMPv2c -sn \
public -sl noAuthNoPriv
manage snmp target-parameters create radware-authPriv -d SNMPv3 -sm \
UserBased -sn radware -sl authPriv
manage snmp community create public -n public -sn public
services auditing status set enable
manage telnet session-timeout set 5
manage telnet auth-timeout set 30
system diagnostics policies setCreate Login -i 2 -tr Disabled
system diagnostics capture output file set "ram drive"
system diagnostics capture output term set Disabled
system diagnostics trace-log output file set "ram drive and flash"
system diagnostics trace-log output term set Disabled
system diagnostics trace-log output syslog set Disabled
system diagnostics trace-log modules set HMM -st Enabled -sev Info
system diagnostics capture point set both
redundancy force-down-ports-time set 0
system diagnostics capture traffic-match-mode set "Inbound and Outbound"
appdirector global connectivity-check tcp-timeout set 3
security certificate table \
Name: ebs \
Type: certificate \
-----BEGIN CERTIFICATE----- \
MIIBrDCCARUCAjsBMA0GCSqGSIb3DQEBBAUAMB4xHDAaBgNVBAMTE2FwcGRpcmVj \
dG9yLmVzdHVhdGUwHhcNMDkwNTEzMjE1NjM5WhcNMTAwNTEzMjE1NjM5WjAeMRww \
GgYDVQQDExNhcHBkaXJlY3Rvci5lc3R1YXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GN \
ADCBiQKBgQDOjLvulEWsrZnqSy4bX/EXzpAUXUJX8QW6HlBC0LSWKPFOdZadL2vu \
bUQNzpDDC2lYcTvqpsttxOAovz/LJFshmDLDGcQR4wVk6EhXMuKSbsLdCwLwhLBE \
dSR78hKpFNlEZ0sVgOAdtIdI+duyj+cwNBhr81/rqgLbHzp2OfPI9wIDAQABMA0G \
CSqGSIb3DQEBBAUAA4GBAFUoMefPH46+zAW3hl5PQnw4spgdbB6kYx350YDE9Oeq \
kyGPvFubNB+P6G7c+C7ToIcvrYSr778+8BAiPH5ZOKgOR1G1TuZ3W8IGOcbtbRyk \
9jXel/an+3ytgMduTenIGGnW3jreF3VlDdquGxMqsF9xNaqDgokksPz9NVguLNKM \
-----END CERTIFICATE----- \
- 46 -
Name: radware \
Type: certificate \
-----BEGIN CERTIFICATE----- \
MIIB1TCCAX8CAhKeMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIEwdSYWR3YXJlMRAwDgYDVQQHEwdSYWR3YXJlMRMwEQYDVQQDEwoxMC4xMC4x
MC4xMRAwDgYDVQQKEwdSYWR3YXJlMRswGQYDVQQLExJSYWR3YXJlIHdlYiBzZXJ2
ZXIwHhcNMDkwNTEzMDUzNjI2WhcNMTAwNTEzMDUzNjI2WjB1MQswCQYDVQQGEwJV
UzEQMA4GA1UECBMHUmFkd2FyZTEQMA4GA1UEBxMHUmFkd2FyZTETMBEGA1UEAxMK
MTAuMTAuMTAuMTEQMA4GA1UEChMHUmFkd2FyZTEbMBkGA1UECxMSUmFkd2FyZSB3
ZWIgc2VydmVyMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALBjDweCfhoVHE/CgoNa
Ib87PK5dbEikaAQzJ2yhK+fHFfgqro5xKElXv3GJE7E+pxZxOsz2YAjgkJK9EE4z
RaUCAwEAATANBgkqhkiG9w0BAQQFAANBAJw9yoPPd8dX6PXPhPP56JfmbvvPrZzk
5P4SASgQjccGEY6BhhNYAr++Iz/94CIdima3VrfHz+HQ3dSveYAAWv8= \
-----END CERTIFICATE----- \
Name: rdwrhmm \
Type: certificate \
-----BEGIN CERTIFICATE----- \
MIIB8zCCAZ0CAjQbMA0GCSqGSIb3DQEBBAUAMIGDMQswCQYDVQQGEwJVUzEQMA4G
A1UECBMHUmFkd2FyZTEQMA4GA1UEBxMHUmFkd2FyZTEaMBgGA1UEAxMRUlcgU1NM
IG1vbml0b3JpbmcxEDAOBgNVBAoTB1JhZHdhcmUxIjAgBgNVBAsTGVJhZHdhcmUg
SGVhbHRoIE1vbml0b3JpbmcwHhcNMDkwNTEzMDUzNjI5WhcNMTAwNTEzMDUzNjI5
WjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB1JhZHdhcmUxEDAOBgNVBAcTB1Jh
ZHdhcmUxGjAYBgNVBAMTEVJXIFNTTCBtb25pdG9yaW5nMRAwDgYDVQQKEwdSYWR3
YXJlMSIwIAYDVQQLExlSYWR3YXJlIEhlYWx0aCBNb25pdG9yaW5nMFwwDQYJKoZI
hvcNAQEBBQADSwAwSAJBAKparPI9S+NfFuNss3oRc8LOjk3P2HN9j7qG7/Y3NNj0
4dBZzeqfoBfsDJGETshWIP51KXruegRjCvix++OepuUCAwEAATANBgkqhkiG9w0B
AQQFAANBAE/tsy6YT6nxO/0cLCUy6kSLvWK/Y/tvn55TeutPjpBegsbqAAUlif9W
KsH/haHEOfXEK8NmOa6BOS8ku488DKI= \
-----END CERTIFICATE-----
\
\
\
\
\
\
\
\
\
\
\
\
\
\
\
\
\
\
\
!File Signature: 5cbe88d0b78986712028fcabafac81b9
Appendix 3 - Oracle Application Server Web Cache - Caching Rules
E-Business Suite does not have any method to implement Caching Rules to
determine what object/page/URI to Cache and which you don’t.
You will have to install/integrate separate Application Oracle Application Server
Web Cache which is designed to help E-Business Suite system combines caching,
compression and assembly technologies to accelerate the delivery of both static
and dynamically generated Web content.
The Caching Rules in Oracle Application Server Web Cache determine which
E-Business Suite objects are cached. Oracle Application Server Web Cache
10g ships with a set of predefined caching, personalization and compression rules
for all the sites. You can choose to delete those rules if they are not applicable to
any site in your web cache configuration.
For Installing Oracle Application Server Web Cache and integrating it with
E-Business Suite 12i please refer Note: 380486.1 Section 4.
For Implementing Caching Rules Please refer Note: 380486.1 Section 5.2. Table
in Section 5.2 shows example how you can set specific URL Expression to
“Cache” or “Don’t Cache”
Example: Here is a URI that needs an exception rule not to cache the content.
Below is a screen shot of the Dashboard page used by EBS administrators to
check the health and status of the EBS servers.
- 47 -
There are tabs that reference overview, performance, critical activities, diagnostics,
business flows, security and software updates.
The issue with caching this page is that the URI looks the same to the cache no
mater what tab is selected and therefore the page view never changes, it’s stuck
on the cached page.
An exception rule can be created in the AppDirector or in Oracle Application Server
Web Cache.
Appendix 4 - Insert Cookie - Auto Generated Configuration
Below are the entries that get generated by enabling insert cookie.
From the menu, select AppDirector Layer 7 Farm Selection Methods to
display the Methods Table page similar to the one shown below:
- 48 -
Select “Auto-G Cookie web s” from the Method Table to display the Methods
Table Update page similar to the one shown.
Select
to see the Arguments values.
Select “Auto-G RCookie web” from the Method Table to display the Methods
Table Update page similar to the one shown.
- 49 -
Select
to see the Arguments values.
From the menu, select AppDirector Layer 7 Modification Rules to display
the Layer 7 Modification Table page similar to the one shown below:
Select “Auto-G Cookie web s” from the Layer 7 Modification Table to display
the Layer 7 Modification Table Update page similar to the one shown.
- 50 -
Select “Auto-G RCookie web” from the Layer 7 Modification Table to display
the Layer 7 Modification Table Update page similar to the one shown.
From the menu, select AppDirector Layer 7 Server Persistence Text
Match to display the Text Match Session ID Persistence page similar to the one
shown below:
- 51 -
Select “web server farm” from the Text Match Session ID Persistence to
display the Text Match Session ID Persistence Update page similar to the one
shown.
From the menu, select AppDirector Layer 7 Server Persistence Static
Session ID Persistency to display the Static Session ID Persistency page
similar to the one shown below:
- 52 -
Select “WGZaq0HAer0K” from the Static Session ID Persistency page to
display the Static Session ID Persistency Update page similar to the one shown.
Select “tEz9r2P2Ek9l” from the Static Session ID Persistency page to display
the Static Session ID Persistency Update page similar to the one shown.
- 53 -
Radware Technical Support
Radware offers technical support for all of its products through the Radware
Certainty Support Program. Please refer to your Certainty Support contract, or the
Radware Certainty Support Guide available at:
http://www.radware.com/content/support/supportprogram/default.asp.
For more information, please contact your Radware Sales representative or:
U.S. and Americas: (866) 234-5763
International: +972(3) 766-8666
© 2008 Radware, Ltd. All Rights Reserved. Radware and all other Radware product and service
names are registered trademarks or trademarks of Radware in the U.S. and other countries. All
other trademarks and names are the property of their respective owners.
- 54 -

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz