Home | 简体中文 | 繁体中文 | 杂文 | 知乎专栏 | 51CTO学院 | CSDN程序员研修院 | Github | OSChina 博客 | 腾讯云社区 | 阿里云栖社区 | Facebook | Linkedin | Youtube | 打赏(Donations) | About
知乎专栏多维度架构

32.11. example

		
#command timeout configuration
system command timeout 0

#admin aaa configuration
admin aaa off
admin aaa method RADIUS

#hostname configuration
hostname "AN"
config timeout 180

#switch configuration
switch weblink "http://10.90.90.90:80"

#system timezone configuration
system timezone "GMT"

#rts configuration
ip rts off
ip rts expire 600

#interface mtu
interface mtu port1 1500
interface mtu port2 1500
interface mtu port3 1500
interface mtu port4 1500
interface mtu port5 1500
interface mtu port6 1500

#interface configuration
interface name "port1" "port1"
interface name "port2" "port2"
interface name "port3" "port3"
interface name "port4" "port4"
interface name "port5" "port5"
interface name "port6" "port6"
interface speed "port1" auto
interface speed "port2" auto
interface speed "port3" auto
interface speed "port4" auto
interface speed "port5" auto
interface speed "port6" auto

#bond configuration
bond interface "bond1" "port1" 1
bond interface "bond1" "port2" 1
ip address "bond1" 172.16.0.9 255.255.255.0

#ip configuration

#ip host configuration

#support ip configuration

#ssh configuration
ssh on

#vlan configuration

#mnet configuration

#extended routing policies
ip ipflow off
ip ipflow priority 1000
ip ipflow expire 60


#route configuration
ip route default 172.16.0.254

#ip link configuration

#port redundancy configuration

#ip statistic configuration
ip statistic off

#link load balancing configuration

#link load balancing DNS configuration

#smart DNS configuration
sdns off
sdns interval heartbeat 2
sdns interval report 30
sdns dps interval send 120
sdns dps interval query 1200
sdns dps history 9000
sdns dps expire 1
sdns dps method rtt
sdns dps off
sdns dps master off
#NoCheck IP Address
sdns snmp interval 300
sdns snmp version "v2c"
sdns statistics off all
sdns statistics off localdns
sdns persistent timeout 3600
sdns recursion off

#access list and webwall configuration

#synconfig configuration

#synconfig sdns configuration

#cluster configuration
cluster virtual ffo off
cluster virtual ffo interface carrier loss timeout 1000
cluster virtual arp interval 60
cluster virtual discreet off

#nameserver configuration

#enable password
passwd enable "XXXXXXXXXsaFLGt/QKS6yw"

#user configuration
user "array"       "XXXXXXXXX9WfFLfH5KTFBg"

#webui configuration
webui port 8888
webui on

#webui language configuration
webui language en

#xmlrpc configuration
xmlrpc off
xmlrpc port 9999

#snmp configuration
snmp community "public"
snmp contact ""
snmp location ""
no snmp enable traps
snmp ipcontrol off
snmp off

#fastlog configuration
log facility "local0"
log level "info"
log off
log source port 514
log option levelinfo off
log option logid off
log http squid

#ntp configuration

#system mail configuration
system mail from "%h<alert@log.domain>"
system mail hostname "%l.alert_pseudo_domain"

#system mail relay configuration
system mail relay off

#tune configuration
system tune hwcksum on
system tune tcpidle 300
system tune tcp retransmit timeout 1000
system tune tcp retransmit dupacks 3
system tune tcp delack count 4
system tune tcp delack timeout 1000
system tune tcp slowstart on
system tune tcp retransmit policy newreno
system tune tcp syntimeout 60
system tune tcp zwdefend off
system tune tcp pktdropopt 2
system tune udp pktdropopt 0
system tune defraglimit 0
system tune ip randomid off

#dump flag when panic
system dump on

#system interactive configuration
system interactive off

#port forwarding configuration
fwd mode transparent

#sytem fast forwarding configuration
slb directfwd off
slb directfwd syncache off

#slb configuration
slb mode ircookie plainname
slb mode icookie always
slb real http "http-nginx-0" 10.0.0.68 80 100000 http 3 3
slb real http "http-nginx-1" 10.0.0.69 80 100000 http 3 3
slb real http "http-user-1" 10.0.0.24 80 100000 http 3 3
slb real http "http-user-2" 10.0.0.25 80 100000 http 3 3
slb real http "http-user-3" 10.0.0.26 80 100000 http 3 3
slb real http "http0" 172.16.0.5 80 100000 http 3 3
slb real http "http1" 172.16.0.6 80 100000 http 3 3
slb group method "gn-nginx-0" rr
slb group method "gn-user-0" rr
slb group method "gn0" rr
slb group member "gn-nginx-0" "http-nginx-0" 1 0
slb group member "gn-nginx-0" "http-nginx-1" 1 0
slb group member "gn-user-0" "http-user-1" 1 0
slb group member "gn-user-0" "http-user-2" 1 0
slb group member "gn-user-0" "http-user-3" 1 0
slb group member "gn0" "http0" 1 0
slb group member "gn0" "http1" 1 0
slb virtual http "test-http" 172.16.0.10 80 arp 0
slb virtual http "vs-nginx-http" 172.16.0.63 80 arp 0
slb virtual http "vs-user-http" 172.16.0.61 80 arp 0
slb virtual health off
#default policy order:
#                 qos-clientport 1
#                 qos-network 2
#                 pu 3
#                 rc 4
#                 ic 5
#                 pc 6
#                 qos-cookie 7
#                 qos-hostname 8
#                 qos-url 9
#                 regex 10
#                 header 11
#                 hu 12
slb policy default "test-http" "gn0"
slb policy default "vs-nginx-http" "gn-nginx-0"
slb policy default "vs-user-http" "gn-user-0"

#proxy cache configuration
cache off
cache on test-http
cache on vs-nginx-http
cache on vs-user-http
cache settings expire "82800"
cache settings objectsize 5120

#cache channel statistic configuration

#http modifyheader configuration
http modifyheader http10 off

#filter configuration
filter vip "global"
filter mode active "global"
filter length url 1024 "global"
filter length queryvariable 128 "global"
filter length querydata 512 "global"
filter length query 1024 "global"
filter length request 10000 "global"
filter length header 1024 "global"
filter url keyword default permit "global"
#filter request controlchar configuration
#It works only when filter vip setting is configured.
filter request controlchar on

#http error page configuration

#http compression configuration
http compression on
http compression on "test-http"
http compression on "vs-nginx-http"
http compression on "vs-user-http"

#http configuration
http xforwardedfor off
http xforwardedfor on "test-http" header "X-Forwarded-For"
http xforwardedfor on "vs-nginx-http" header "X-Forwarded-For"
http xforwardedfor on "vs-user-http" header "X-Forwarded-For"
http owa off
http xclientcert header "X-Client-Cert: "
http serverpersist on
http serverconnreuse on
http buffer nomsglen on
http mask server off
http mask via off
http rewrite response cookie secure on
http rewrite response cookie secure icookie on
http shuntreset off
system mode reverse

#SIP configuration

#sip multiregistration configuration
sip multireg off

#nat configuration

#health check configuration
health interval 5 5
health server "http0" 0 0
health server "http1" 0 0
health on
health failover disable
health failover retries 3
health relation http0 and
health relation http1 and
health relation http-nginx-0 and
health relation http-nginx-1 and
health relation http-user-1 and
health relation http-user-2 and
health relation http-user-3 and

#ssl configuration

#ssl configuration

#RIP routing configuration

#Bypass configuration

#graph configuration

#slb dns cache configuration
dns cache off
dns cache expire 60 3600

#cache filter configuration
cache filter off

#Qos configuration

#statmon configuration
statmon off

#rip configuration
rip off

#ospf configuration
ospf off

#debug monitor configuration
debug monitor on

#no default user configuration
#