WebMux – Configuring Multiple ISP Uplinks and Multiple VLANS

Product Tech Tips Index

Requirements

Beginning with firmware version 8.5, WebMux supports Multiple ISP uplinks through multiple tag-based VLANs. Switches used with the WebMux must support trunk ports and tag-based VLANs. If your ISP router does not support tag-based VLANs, your switch must also allow you to untag the port that belongs to VLAN connecting to this router.

Let’s consider a fictitious company, abcxyz.com. It has two ISP uplinks, 12.12.12.0/24 and 66.66.66.0/24 networks. Each ISP uses the .1 address as its router address. We select the 66.66.66.0/24 network as the primary ISP, for which WebMux will direct all outgoing traffic initiated behind WebMux through that ISP. We chose the 66.66.66.0/24 network for the primary network because its link has a bigger pipe. If this ISP link fails, the WebMux automatically switches the gateway to the 12.12.12.1 network. Replies to incoming traffic will be sent to the ISP from which it came.

Company abcxyz.com also needs two different department subnets, 192.168.1.0/24 and 192.168.2.0/24. We will use VLAN IDs 200 and 210 for the two ISP uplinks and VLAN IDs 300 and 310 for the servers in the private subnets.

WebMux Configuration

From the LCD/keypad, we set the WebMux’s router LAN IP address to 66.66.66.2, net mask 255.255.255.0, default gateway 66.66.66.1 (router’s IP address). We assign VLAN ID 200 to this 66.66.66.0/24 network. This will be the default gateway for outgoing traffic originating from the servers. We configure its server LAN to 192.168.1.253 and its server LAN gateway at 192.168.1.1, using VLAN ID 300. We set the WebMux not to run solo (i.e. have a backup). We reboot the WebMux to save the configuration.

After WebMux boots, ssh into the superuser’s command line shell from the diagnostic TCP port (port 77, unless changed). For Linux machines, the correct ssh command will be:

ssh -l super user -p 77 192.168.1.253

Log in with user “superuser.” The default password, unless changed, is also “superuser.” After logging in, type at the command prompt:

nwconfig -A ISP12 -i 12.12.12.2 -g 12.12.12.1 -v 210

nwconfig -A server2 -i 192.168.2.253 -v 310

“nwconfig -A ISP12 -i 12.12.12.2 -g 12.12.12.1 -v 210” places the new network with VLAN ID 210 on the router LAN side of the WebMux. “nwconfig -A server2 -i 192.168.2.253 -v 310” (without -g option) creates a VLAN on the server LAN side of the WebMux. The “ISP12” and “server2” are the network labels. The IP address 192.168.2.253 is the server 2 LAN gateway address. This address must be used as its default gateway for any load balanced server in that VLAN. At this point, you have two ISP uplinks configured, and two VLAN based server LANs configured. Using the “New Farm” screen, add a farm on the 12.12.12.0/24 network, then use the MAP feature “add address/port” to add a second ISP address port to the same farm.

If you have more ISP uplinks and more server VLANs, you can repeat the above steps. Please note the network label for the ISP links will determine their fail-over sequence, based on the alphanumeric sequence.

Switch Configuration and Other Considerations

Once you have configured the switch with the VLAN ID, please make sure that WebMux uses the switch port assigned to this VLAN tag. If the ISP router does not support tag based VLAN, then set its switch port to join the VLAN ID, but untagged. Since the switch port WebMux uses will have more than one VLAN ID, make sure that the port is configured to join all necessary VLANs, or make the port a trunk port.

Do not mix tag based VLAN configuration with non-VLAN configuration. The non-VLAN configuration will mix traffic from different VLANs. This configuration can be used with NAT and Transparent mode. With OOP mode, WebMux automatically binds (LACP) the Router LAN interface and Server LAN interface together.

The VLAN configuration from the primary WebMux does not automatically configure the back-up WebMux. The administrator must manually configure the VLANs on both. The farm and server configuration will be automatically synced between the primary and backup WebMux units.