[AIX HP-UX Linux Solaris Windows]

Restricting incoming traffic with ipchains and iptables

Built into the Linux kernel is a firewall facility called ipchains. When Load Balancer and ipchains run concurrently, Load Balancer sees packets first, followed by ipchains. This allows the use of ipchains to harden a Linux Load Balancer machine, which could be, for example, a Load Balancer machine that is used to load balance firewalls.

About this task

In general, an appropriate ipchains strategy for the Load Balancer machines is to disallow all traffic, except that which is to or from the back-end servers, the partner high availability Load Balancer, any reach targets, or any configuration hosts.

[Linux] It is not recommended to activate iptables when running Load Balancer on Linux kernel version 2.4.10.x. Activation on this Linux kernel version can result in performance degradation over time.

Procedure




Related information
Administering
tadm_startstop.html
Task topic Task topic    

Terms of Use | Feedback

Last updatedLast updated: Jun 20, 2011 4:04:37 PM EDT
File name: tadm_secureip.html