Avaya P333R-LB Manuel D’Utilisation

Chapter 14

Load Balancing in the P333R-LB

Avaya 

P333R-LB User’s Guide

9

Demilitarized Zone (DMZ) Configuration Example

The following figure illustrates Transparent FWLB with DMZ configuration.

Note:  
1. When configuring routing firewalls as Real Servers, you must give an ID to each 
Real Server. This ID must match the ID given to the same firewall on the second 
load balancer.
2. The P333R-LB performs load balancing on traffic that arrives to its routing 
interfaces. Therefore, IP routes in the network must be configured to pass through 
the P333R-LB.

To configure your network as in Figure 14.2, the following should be done:
•

The LAN routers (or hosts) should be configured with 10.4.1.3 as the next hop 
toward the WAN (the default gateway in many cases). 

•

The access router should be configured with 193.170.1.1 as the next hop toward 
the LAN. 

•

The firewalls should be configured with 10.1.1.3 as the next hop towards the 
LAN, and 10.2.1.3 as the next hop toward the WAN (internet). 

•

The  firewalls  must  be  configured to allow ICMP Ping to pass between the two 
load balancers (10.1.1.3 and 10.2.1.3) for health-check purposes.

•

Each load balancer must be configured to two virtual firewall services. In 
Figure 14.2, P333R-LB1 should be assigned to the WAN and DMZ, P333R-LB2 
to the LAN and DMZ, and P333R-LB3 to the LAN and WAN.

Internet

Access Router

Firewall 1

Firewall 2

P333R-LB 2

P333R-LB 1

P333R-LB 3

10.1.1.3

10.2.1.3

10.1.1.1

10.3.1.3

10.3.1.1

10.3.1.2

10.1.1.2

10.2.1.2

10.2.1.1

193.170.1.1

193.170.1.2

193.170.2.3

RSG

fw- group

10.4.1.3

DMZ

LAN

Server

Server