We have configured below mentioned topics in Muthoot cluster.
Network Interface - LAN & WAN
SD-WAN Rule
Port Forwarding Rule
SD-WAN Network
1. Network Interface - LAN & WAN
First we have configured WAN port on Port1 which is DHCP and Port3 as Static wan, and LAN has been configured on port4 configuration as below.
you can check interface configuration from Profile > Network Interface
1.1 WAN-BB (WAN) - DHCP metric value of 1 and Port1
1.2. WAN-IIL (WAN) -Static metric Value of 50 and Port3
1.3. lanconfig (LAN) - 10.73.217.1/24 on port4
2. SD-WAN Rule for Active-Active Traffic: SD-WAN rule define redundancy of WAN up link where we assign both WAN links and provide priority.
you can check SD-WAN Rule configuration by following below steps.
here we have configured both links as Active-Active Load-balancing.
Your Cluster > SD-WAN > SD-WAN Rule
As below we have gave name to profile as Active-Active and Check interval value as 2 sec every 2 sec system will check both links failure.
On first interface we have selected WAN-BB interface and applied default SLA.
set Weight as 1 and Priority as High.
Weight define packet distribution and Priority define Link Priority it self , Because we have gave same weight and same priority it will work as Active-Active and Load-Balancing.
Packet will go one by one from both links as well as both link will be available for fail-over.
3. Port Forwarding Rule : In which traffic coming on specific port forwarding to given destination and port.
Go to Cluster > Profile > IP Reservation/Port Forwarding
As shown below we have created multiple rules with Port Forwarding enabled.
Below you can see any traffic coming on port 10001 should go to 123.63.252.241 on LanConfig lan interface.
We have created another rule which is responsible for PortForwardingReverseRule
For Source address which we have added in Source and port traffic will be forwarded to Destination we have gave in this case it is WAN-IIL link.
4. SD-WAN Network : SD-Wan will provide connectivity between multiple branches.
follow below steps to check and update config for SD-wan. because SD-WAN created at parent level got to parent cluster.
Parent Cluster > SD-WAN > Networks
here you can see SD-WAN overview like Network port, Tunnel IP, Topology, Tunnel Type and Public IP
You can check SD-WAN members from below steps
Here you can see 3 members where is HUB and Spoke is located, These members are RAY Gateway device only which are added in child clusters.
from here you can add new device to SD-WAN add remote device for SSL VPN. and device details like name, appliance, SD-WAN Ip, and Type
One device has been added as HUB and other device as Spoke. from action button you can configure and modify and restart SD-WAN members.
In below snap you can see device Role as HUB and Routed subnet which are clusters Local subnet which we have routed to outside HUB reachable from Spoke devices.
