a***n 发帖数: 262 | 1 What's the trick to make it better,
I recalled that Zher mentioned some secret to share :-) |
z**r 发帖数: 17771 | 2 what do you mean by better? F3 is Linux based now, used to be BSD, so you
can do a lot of scripting stuff on it
【在 a***n 的大作中提到】 : What's the trick to make it better, : I recalled that Zher mentioned some secret to share :-)
|
m**t 发帖数: 1292 | 3 love F5. only thing so far i hate is the Cisco CLI :) changes from version
to version sucks |
a****8 发帖数: 2771 | 4 F5的documentation非常好,要是有trick也一定是documented. |
m**t 发帖数: 1292 | 5
不错,一些疑难问题登录到SUPPORT里面也能找到。 如果改成LINUX 就更爽了,不过是
HARDEN 的linux, 有东西肯定不AVAILABLE
【在 a****8 的大作中提到】 : F5的documentation非常好,要是有trick也一定是documented.
|
a***n 发帖数: 262 | 6 Just participated a design for F5 and exchange 2010.
exchange 2010 everything except public folder access
could be load balanced. Pulic folder still needs direct
communication between real servers and clients.
Unfortunately, F5 is administered by an application guy.
You can imagine how much network knowledge he has. Windows
people don't give a second thought to network design too.
They end of selecting a SNAT+NAT arhcitecture. Real servers
will have default gateway to router not F5. SNAT+NAT will be
used for non-public folder access while direct communication
will totally go around F5.
【在 a****8 的大作中提到】 : F5的documentation非常好,要是有trick也一定是documented.
|
a***n 发帖数: 262 | 7 I think the NAT design with forwarding virtual
server for public folder access will work too.
F5 will be in line and do the routing and nat.
public folder access will still go thru F5 but
just regular forwarding w/o NAT. Public folder
is only needed for outlook 2003 or older and is
rarely used anyway. NAT will be used for other
services too.
SNAT and NAT will work, but real servers will
not have the client IP address, it will make
security, troubleshooting much harder.
LVS has good documentation too.
【在 a***n 的大作中提到】 : Just participated a design for F5 and exchange 2010. : exchange 2010 everything except public folder access : could be load balanced. Pulic folder still needs direct : communication between real servers and clients. : Unfortunately, F5 is administered by an application guy. : You can imagine how much network knowledge he has. Windows : people don't give a second thought to network design too. : They end of selecting a SNAT+NAT arhcitecture. Real servers : will have default gateway to router not F5. SNAT+NAT will be : used for non-public folder access while direct communication
|
a****8 发帖数: 2771 | 8
你可以inject X-Forwarded
【在 a***n 的大作中提到】 : I think the NAT design with forwarding virtual : server for public folder access will work too. : F5 will be in line and do the routing and nat. : public folder access will still go thru F5 but : just regular forwarding w/o NAT. Public folder : is only needed for outlook 2003 or older and is : rarely used anyway. NAT will be used for other : services too. : SNAT and NAT will work, but real servers will : not have the client IP address, it will make
|
a***n 发帖数: 262 | 9 That is only for limited services like http or smtp if I remember correctly.
【在 a****8 的大作中提到】 : : 你可以inject X-Forwarded
|
a****8 发帖数: 2771 | 10 exchange 2010 owa 不是http吗? 你一共有几个 protocol 从外面进到 exchange
server?
correctly.
【在 a***n 的大作中提到】 : That is only for limited services like http or smtp if I remember correctly.
|
a***n 发帖数: 262 | 11 This is outlook accessing public folder.
By default, RPC client will use tcp 135 and dynamic RPC range tcp 1024-65535
to access public folders. Or choose a port within 1024-65535 and configure
static RPC mapping.
【在 a****8 的大作中提到】 : exchange 2010 owa 不是http吗? 你一共有几个 protocol 从外面进到 exchange : server? : : correctly.
|
a****8 发帖数: 2771 | 12 不能用 rpc over https吗?
65535
configure
【在 a***n 的大作中提到】 : This is outlook accessing public folder. : By default, RPC client will use tcp 135 and dynamic RPC range tcp 1024-65535 : to access public folders. Or choose a port within 1024-65535 and configure : static RPC mapping.
|