Chat with us
- Support Form
- Knowledge base
- Basic concepts
- Installation
- Design
- System
- Management
- Algorithms
- Features
- Ethernet Bonding
- Quality of Service QoS
- Gateway MAC Address (GMAC)
- Connectivity
- Probe
- Security
- Failover and High Availability
- Persistence
- TAG Balancing
- Intelligent DNS (iDNS)
- Intelligent Service Verificator
- SitePathMTPX
- Geolink
- IPv6 Support
- Performance Impact
- USB Mobile Stick
- 3G - 4G Device Form
- Feature Request
- Download Area
- Online Training
- Unboxing a Link Balancer
- Power Protection
- Visio Stencil
- End of sale models
- Elfiq BETA Program
 |
Elfiq Link Balancer Installation
I'm installing my Link LB unit. How can I minimize downtime?
The Link LB layer 2 integration and primary link technology allows you to install it with a very small downtime period of a few seconds, usually just the time to disconnect and reconnect your patch cords. To ensure active sessions on the primary link are not load balanced at the initial Link LB start up:
- Configure your Link LB unit for both links
- Install your second link to the Link LB and test it
- Administratively disable the second link with the STATE GMAC command
- Install the primary link (inside and outside ports)
- Wait at least 30 seconds. Active sessions will pass through the LinkLB and be registered as using the primary link
- Enable the second link, only new sessions will be load balanced.
I host my own mail server, what verification should be done to ensure outgoing mail will not be rejected?
To ensure outgoing mail from the determined IP addresses of each of the links is RFC compliant, each selected IP address for outgoing SMTP must be registered with a PTR record in your ISP DNS servers. It is the system administrator responsibility to ensure the PTR record for each SMTP gateway address is registered with the SMTP gateway name. If you are not sure this PTR record is registered properly for your mail server on all your links, you should use the primary link for all outgoing SMTP mail (for example OPFA algorithm).
I have a VPN server or other device in parallel of my firewall. How can I handle those incoming services.
Simply create a new arp entry and acl nat out statements for this device specifying that this device is located on the INSIDE.
NOTE: Elfiq recommends that the Link LB is installed directly after the internet routers and that all other devices (servers, vpn concentrators, firewalls) are connected to a switch on the inside port.
I just installed my Link LB and I can't browse to the internet or receive incoming connections.
When you install the balancer in a live network, you have to take the ARP caching of all your networking devices into consideration. The best way to know if you are experiencing this problem is to do the following steps:
- Ensure that your cabling is good and that all the devices in the configuration are connected in the zone (inside or outside).
- In the VFI module, enter the
sh gmaccommand. Verify that your GMACs are in Status[enabled] Message[all ok]. If they show "searching for mac address" in the message part, then your Link LB can't see the router for this connection. Ensure that the physical connections are good and if you can, reboot the router. - In the VFI module, enter the
sh arpcommand, examine the results to make sure you have no "incomplete" entries (pay special attention to your firewall(s) IP). Any entry marked as incomplete means that the Link LB can't talk with this particular device. The firewall is usually the culprit with this problem, it sees the balancer as trying to do a "ARP Spoofing" or "ARP poisoning" attack on your network. The solution is to clear the ARP cache of the problematic devices or to simply reboot them.
-
Products
-
Resources
-
Solutions
-
Company
-
Support
-
RSS Subscription
Copyright Elfiq, Inc. 2012
Terms of Use