1. DL manuals
  2. A10
  3. Switch
  4. AX Series
  5. Deployment Manual

A10 AX Series Deployment Manual

Other manuals for AX Series: Deployment Manual
Manual is about: for SharePoint 2010

Summary of AX Series

  • Page 1

    Deployment guide ax series for sharepoint 2010 dg_acc_062011.1.

  • Page 2

    Ax series for sharepoint 2010 deployment guide 2 table of contents 1 introduction ............................................................................................................................................ 5 2 deployment guide overview ..................................................

  • Page 3

    Ax series for sharepoint 2010 deployment guide 3 9.1.3 on the virtual server, change the service type of the virtual port from “tcp” to “https” and apply the new client and server ssl template .................................................................................... 27 9.2 ssl offload ......

  • Page 4

    Ax series for sharepoint 2010 deployment guide 4 9.7.3 apply aflex script to vip ...................................................................................................... 45 9.7.4 validate aflex service .......................................................................................

  • Page 5

    Ax series for sharepoint 2010 deployment guide 5 1 introduction microsoft sharepoint 2010 is the latest web application platform developed by microsoft for small to large businesses. Microsoft sharepoint 2010 is designed as a centralized collaboration, content, and file management application softwa...

  • Page 6

    Ax series for sharepoint 2010 deployment guide 6 3 deployment guide pre requisites ax series requirements the a10 networks ax series adc must be running version 2.4.X microsoft sharepoint requirements the microsoft sharepoint 2010 application was tested and deployed for internal and external users t...

  • Page 7

    Ax series for sharepoint 2010 deployment guide 7 4 ax deployment for sh arepoint 2010 server roles figure 1: provides server description for the test environment: figure 1: sharepoint server role matrix 5 accessing the ax series load balancer this section describes how to access the ax series device...

  • Page 8

    Ax series for sharepoint 2010 deployment guide 8 secure protocol – hypertext transfer protocol over secure socket layer (https) note: http requests are redirected to https by default on the ax device. Access information: default username: “admin” default password is “a10”. Default ip address of the ...

  • Page 9

    Ax series for sharepoint 2010 deployment guide 9 7 architecture overview figure 2: sharepoint 2010 deployment topology.

  • Page 10

    Ax series for sharepoint 2010 deployment guide 10 8 basic ax configuration for sharepoint this chapter explains how the ax series is configured with microsoft sharepoint 2010 server implementation. This chapter provides instructions for installing the real servers, service group, virtual services, a...

  • Page 11

    Ax series for sharepoint 2010 deployment guide 11 8.1 server configuration this section demonstrates how to configure the sharepoint webservers in the ax series. 1. Navigate to config mode > slb > server . 2. Click add to add a new server. 3. Within the server section, enter the following required i...

  • Page 12

    Ax series for sharepoint 2010 deployment guide 12 figure 5: real server port configuration 7. Click ok and then click save to store your configuration changes. 8.2 health monitor configuration the ax series automatically initiate the health status checks of real servers (icmp) and service ports (tcp...

  • Page 13

    Ax series for sharepoint 2010 deployment guide 13 figure 6: health monitor configuration 8.3 service group configuration this section demonstrates how to configure the sharepoint webservers in a service group. A service group contains a set of real servers from which the ax device can select to serv...

  • Page 14

    Ax series for sharepoint 2010 deployment guide 14 figure 7: service group configuration 4. Navigate to config mode > service > slb > service group . 5. In the server section of the window, add one or more servers from the server drop-down list: server: select “ws1” from the drop-down menu. P ort: en...

  • Page 15

    Ax series for sharepoint 2010 deployment guide 15 8.4 virtual server configuration this section demonstrates how to configure the vip with the ax series. Adding the virtual server ports within the ax series will generate a virtual service list based on the protocol type selected. 1. Navigate to conf...

  • Page 16

    Ax series for sharepoint 2010 deployment guide 16 figure 10: virtual server port configuration figure 11: virtual port lists figure 12: virtual services overview 6. Click ok and then click save to store your configuration changes..

  • Page 17

    Ax series for sharepoint 2010 deployment guide 17 8.5 source ip persistence the ax series can support different modes of persistence; such as cookie persistence, destination ip persistence, source ip persistence, and ssl session id persistence. The purpose of persistence is to direct traffic from th...

  • Page 18

    Ax series for sharepoint 2010 deployment guide 18 figure 14: source ip persistence overview 6. Click ok and then click save to store your configuration changes. 8.5.2 apply ip persistence to the vip to assign the template to the vip: 1. Navigate to config mode > service > slb > virtual server port ....

  • Page 19

    Ax series for sharepoint 2010 deployment guide 19 figure 16: ip source nat and traffic flow overview 8.6.1 create ip source nat template 1. Navigate to config mode >service> ip source nat . 2. Click add . 3. Enter ip source nat name : “ snat ”. 4. Enter start ip address : 172.16.1.250 (example) 5. E...

  • Page 20

    Ax series for sharepoint 2010 deployment guide 20 figure 17: ip source nat configuration 7. Click ok and then click save to store your configuration changes. Note: apply the snat template to the virtual server port. If the sharepoint environment will consist of many concurrent users, it is advisable...

  • Page 21

    Ax series for sharepoint 2010 deployment guide 21 8.7 validate service to validate that the basic configuration is functioning correctly, do the following: 1. Navigate to monitor mode> service >slb> virtual server . 2. Check that the status states is green: figure 19: virtual server status 3. Launch...

  • Page 22

    Ax series for sharepoint 2010 deployment guide 22 9 advanced ax features for sh arepoint this section describes advanced traffic optimization features you can add to your basic sharepoint configuration. These features provide web application acceleration, optimize sharepoint web server performance, ...

  • Page 23

    Ax series for sharepoint 2010 deployment guide 23 9.1.1.1 option 1: generate a self-signed ca from the ax 1. Navigate to config mode > ssl management > certificate . 2. Click create to add a new ssl certificate. 3. Enter the file name of the certif icate: “ ws ”. 4. From the issuer drop-down menu, s...

  • Page 24

    Ax series for sharepoint 2010 deployment guide 24 figure 21: client ssl certificate creation.

  • Page 25

    Ax series for sharepoint 2010 deployment guide 25 9.1.1.2 option 2: import ssl certificate and key before beginning this procedure, export your certificate and key from your iis server on your pc. 1. Navigate to config mode > ssl management > certificate . 2. Click import to add a new ssl certificat...

  • Page 26

    Ax series for sharepoint 2010 deployment guide 26 9.1.2 create one client and one server ssl template 9.1.2.1 create client ssl template this section describes how to configure a client ssl template and apply it to the vip. 1. Navigate to config mode > service > template > ssl > client ssl . 2. Clic...

  • Page 27

    Ax series for sharepoint 2010 deployment guide 27 9.1.2.2 create server ssl template this section describes how to configure a server ssl template and apply it to the vip. 1. Navigate to config mode > service > template > ssl > server ssl . 2. Click add . 3. Enter the name : “server - ssl-ws ”. Figu...

  • Page 28

    Ax series for sharepoint 2010 deployment guide 28 figure 25: update virtual service type 5. Click ok and then click save to store your configuration changes. 9.1.3.2 apply the new client and server ssl template once the client and server ssl template is completed, you must bind the client and server...

  • Page 29

    Ax series for sharepoint 2010 deployment guide 29 6. Click ok and then click save to store your configuration changes. 9.2 ssl offload ssl offload acts as an acceleration feature by removing the burden of processing ssl traffic from the sharepoint web servers. Instead of having the sharepoint server...

  • Page 30

    Ax series for sharepoint 2010 deployment guide 30 9.2.1 change the port numbers in the service group 1. Navigate to config mode > service > slb > service group . 2. Click the name of the service group created during basic configuration. 3. In the server section: a. Select the checkbox next to a serv...

  • Page 31

    Ax series for sharepoint 2010 deployment guide 31 figure 30: client only ssl binding 5. Click ok and then click save to store your configuration changes. 9.2.3 validate the deployment to validate that ssl offload is working, navigate to monitor mode > service > application > ssl . Note: browse to th...

  • Page 32

    Ax series for sharepoint 2010 deployment guide 32 9.3 compression compression is a bandwidth optimization feature that condenses the http objects that are requested from a web server. The purpose of compression is to transmit the requested data more efficiently(less data transmitted) and faster resp...

  • Page 33

    Ax series for sharepoint 2010 deployment guide 33 note: the ax device offers various compression levels, ranging from levels 1 to 9. Level 1 is the recommended compression setting. Figure 34: compression configuration column 5. Click ok and then click save to store your configuration changes..

  • Page 34

    Ax series for sharepoint 2010 deployment guide 34 9.3.2 apply http compression template to vip to apply the compression template within the virtual server port, 1. Navigate to config mode > slb > virtual server . 2. Click on the virtual server name. 3. Select “ 443 ” and click edit . 4. Locate the h...

  • Page 35

    Ax series for sharepoint 2010 deployment guide 35 9.3.3 validate the deployment you can validate that the ax series device is compressing the data by navigating to monitor mode > service > application > http . Figure 36: compression statistics (before and after) 9.4 cookie persistence cookie persist...

  • Page 36

    Ax series for sharepoint 2010 deployment guide 36 figure 37: cookie persistence template 4. Click ok and then click save to store your configuration changes. Once you have finished configuring the template, the template appears in cookie persistence template list. 9.4.2 apply cookie persist ence tem...

  • Page 37

    Ax series for sharepoint 2010 deployment guide 37 9.4.3 validating the deployment to validate that the cookie persistence is installed, navigate to monitor mode >service > application > persistent . Figure 39: cookie persistent monitor 9.5 connection reuse (tcp offload) the ax series connection reus...

  • Page 38

    Ax series for sharepoint 2010 deployment guide 38 figure 41: connection reuse setup 9.5.1 create connection reuse template 1. Navigate to config mode> template > connection reuse . 2. Click add . 3. Enter the name : “ sharepoint connection ”. 4. Click ok and then click save to store your configurati...

  • Page 39

    Ax series for sharepoint 2010 deployment guide 39 9.5.3 apply connection reu se and snat to vip to apply connection reuse within the vip: 1. Navigate to config mode > slb > virtual server . 2. Click on the virtual server name. 3. Select “ 443 ” and click edit . 4. Locate the connection reuse templat...

  • Page 40

    Ax series for sharepoint 2010 deployment guide 40 9.5.4 validate the deployment to validate that connection reuse is working, navigate to monitor mode >service > slb > virtual server figure 45: connection reuse monitor note: to see the benefits of the connection reuse feature, you must have multiple...

  • Page 41

    Ax series for sharepoint 2010 deployment guide 41 9.6.1 create ram caching t emplate 1. Navigate to config mode> service> template > application > ram caching . 2. Click add . 3. Enter the name : “ sharepoint ram caching ”. 4. Leave the age set to 3600 seconds. 5. Enter the following values: max cac...

  • Page 42

    Ax series for sharepoint 2010 deployment guide 42 9.6.2 apply ram caching template on vip to apply the ram caching template within the virtual server port: 1. Navigate to config mode > slb > virtual server . 2. Click on the virtual server name. 3. Select “ 443 ” and click edit . 4. Locate the ram ca...

  • Page 43

    Ax series for sharepoint 2010 deployment guide 43 9.7 securing sharepoint via aflex this section of the deployment guide explains how to redirect sharepoint traffic that comes from http to https using the ax aflex scripts. Aflex is based on a standard scripting language, tcl, and it enables the load...

  • Page 44

    Ax series for sharepoint 2010 deployment guide 44 figure 51: aflex redirect configuration redirect script copy and paste: when http_request { http::redirect https://[http::host][http::uri] } the aflex script must be bound to virtual server port 80..

  • Page 45

    Ax series for sharepoint 2010 deployment guide 45 9.7.2 configure vip w ith http/port 80 1. Navigate to config mode > service > slb > virtual server. 2. “select” vip name and click “edit”. 3. In the port section, click “ add ” 4. Select type: “ http ” 5. Port: “ 80 ” figure 52: vip configuration 6. ...

  • Page 46

    Ax series for sharepoint 2010 deployment guide 46 9.7.4 validate aflex service to verify that the aflex script is working, open a web browser and navigate to “http://example.Com”. The browser will accept the url request and client url address will change from “http://example.Com” to “https:example.C...

  • Page 47

    Ax series for sharepoint 2010 deployment guide 47 10 summary and conclusion the configuration steps described above show how to set up the ax for microsoft sharepoint 2010 server. By using the ax device to load balance sharepoint web front end (wfe) servers, the following key advantages are achieved...

  • Page 48

    Ax series for sharepoint 2010 deployment guide 48 11 appendix 11.1 ax series cli sample configurations: sharepoint basic configuration in “one-arm mode”: basicconfig-ax1#show run interfaces management enable hostname basicconfig-ax1 clock timezone europe/dublin interface management ip address 192.16...

  • Page 49

    Ax series for sharepoint 2010 deployment guide 49 name _172.16.1.200_tcp_443 source-nat pool snat service-group "sharepoint servers" template persist source-ip "ip persistence" end sharepoint configuration with all advanced options in “one-arm mode” advconfig-ax2#show run interfaces management enabl...

  • Page 50

    Ax series for sharepoint 2010 deployment guide 50 slb template connection-reuse "sharepoint connection" slb template cache "sharepoint ram caching" max-content-size 4194303 min-content-size 10 slb template http http compression compression enable compression minimum-content-length 120 slb template c...