Command Line Interface Reference Guide > The SLB Configuration Menu > /cfg/slb/group <real server group ID> Real Server Group SLB Configuration
/cfg/slb/group <real server group ID>
Real Server Group SLB Configuration
Use this menu to group together real servers into real server groups. Each real server group should consist of all the real servers which provide a specific service for load balancing. Each group must consist of at least one real server. Each real server can belong to more than one group. Use real server groups both for SLB and application redirection.
Note: When you set the ID while configuring objects such as real servers, virtual servers, or groups, ensure that you also specify at least one additional setting such as the description. Otherwise, Alteon does not treat such an object as created and removes it on apply.
 
[Real Server Group 1 Menu]
name - Set descriptive real server group name
type - Set real server group type
ipver - Set IP version
metric - Set metric used to select next server in group
rmetric - Set metric used to select next rport in server
health - Set group health check
content - Set basic health check content
slowstr - Set slow start time
backup - Set backup real server or group
secbkp - Set second backup group
realthr - Set real server failure threshold
minthrsh - Set minimum threshold limit for Minimum Server Bypass
maxthrsh - Set maximum threshold limit for Minimum Server Bypass
idsrprt - Set Intrusion Detection Port
advhlth - Set an advance group health check formula
mhash - Set minmisses hash parameter
wlm - Set Workload Manager number
secret - Set RADIUS secret
viphlth - Enable/disable VIP health checking in DSR mode
ids - Enable/disable Intrusion Detection
idsfld - Enable/disable Intrusion Detection Group Flood
idschain - Enable/disable IDS group participation in inspection chain
oper - Enable/disable the access to this group for operator
ena - Enable real server in this group
dis - Disable real server in this group
shut - ShutDown real server in this group
add - Add real server
rem - Remove real server
del - Delete real server group
maxconex – Enable/Disable Maximum connections exception
cur - Display current group configuration
 
Real Server Group Configuration Menu Options (/cfg/slb/group) 
Command Syntax and Usage
name <maximum 128 characters> |none
 
Defines an alias for each real server group. This lets the network administrator quickly identify the server group by a natural language keyword value.
Values: 1-128 characters
type
 
Sets the group server type.
Values: local, wanlink
ipver <v4 | v6 | mixed >
 
Sets the IP version of the real server group.
metric <leastconns|svcleast|roundrobin|minmisses|hash|response|bandwidth|phash>
 
Sets the load balancing metric used for determining which real server in the group is the target of the next client request.
For more information, see Server Load Balancing Metrics.
Default: leastconns
rmetric <roundrobin|hash|leastconns>
 
Sets the load balancing metric used for determining which real server port is the target of the next client request.
Values:
*roundrobin — When an available server is selected, Alteon ensures even distribution when choosing a real port to receive the incoming connection.
*hash — Alteon selects the real port based on a hash of the client IP address.
*leastconns — Alteon sends the incoming connections to the real port with the least number of connections.
Default: leastconns
health <health check object|inherit>
 
Sets a specific health check for this server, or uses the value defined within the health check itself.
Values:
*health check object — Sets the specified health check for the server.
*none — Takes the value from the group health check that checks the server.
*inherit — Takes the value from the health check that checks the server.
Default: tcp (when type is set to local), icmp (when type is set to wanlink)
content <filename |/ host / filename> |none
 
Defines the specific content which is examined during health checks (maximum 127 characters). The content depends on the type of health check specified in the health option (see in this table).
health arp, clusthcfr, clusthcme, dhcp, dns, dssp, ftp, h2, h2c, http, httphead, https, icmp, imap, ldap, ldaps, link, logexp, nntp, pop3, radius-aa, radius-acc, radius-auth, rtsp, script, sip, sipoptions, smtp, snmp, sslh, sslhtls, sslhv3, tcp, tcphalfopen, tftp, udp, udpdns, virtualwire, wsp, wtls, wtls-wsp, wtls-wtp, wtp, wts
 
Sets the type of health checking performed. For details on these types, see SLB Health Check Types.
Default: tcp
slowstr [0-600]
 
Specifies the slow start time, in seconds, for this server group.
The slow start time is the interval between the time at which the server is identified as up, and the time at which the server is considered part of the server group.
Default 0 (indicates immediately)
backup <real server ID (alphanumeric) | g <group ID (alphanumeric> | none
 
Sets the real server or real server group used as the backup or overflow server or server group for this real server group.
You can assign a backup real server or real server group to prevent loss of service if the entire real server group fails.
If the real server group becomes unavailable, Alteon activates the backup real server or real server group until one of the original real servers becomes available again.
The backup server or real server group is also used in overflow situations. If all the servers in the real server group reach their maximum connections limit, Alteon activates the backup server or real server group to provide additional processing power until resources become available on one of the original servers.
You can assign the same backup real server or real server group to more than one real server group at the same time.
Note: When a primary group becomes unavailable, the load balancing metric assigned to the primary group is automatically assigned to the backup group. If the backup group has a metric that is different than the primary group metric, the primary group metric replaces the backup group metric.
Default: none
secbkp
 
Configures the second backup group in addition to an existing backup group.
name <maximum 31 characters> |none
 
Defines an alias for each real server group. This lets the network administrator quickly identify the server group by a natural language keyword value.
Values: 1 – 31 characters
realthr <real servers (1-15, 0 for disabled)>
 
Specifies a minimum number of real servers available. If the number reaches this minimum limit, a syslog alert message is sent to the configured syslog servers stating that the real server threshold has been reached for the that server load balancing group.
Values: 0 – 15
Default: 0 (indicates the feature is disabled)
minthrsh (1-1023)
 
Specifies the number of active real servers at which the group status changes to down.
For example, suppose a group has 10 real servers. The minthrsh value is 3, and the maxthrsh value is 5. As long as there are more than three real servers active, the group status is up. If any of the group’s real servers fail and the number of active servers reaches three, the group’s status changes to down. If the group is down, if the number of active real servers only goes up to four, the status remains down. When the number of active real servers is five or more, the group status changes to up.
Default: 0
Note: When determining the threshold, secondary backups and buddy servers are not counted as active real servers.
maxthrsh (1-1024)
 
Specifies the number of active real servers at which the group status changes to up.
Default: 1
Note: When determining the threshold, secondary backups and buddy servers are not counted as active real servers.
idsrprt <real server port (2-65534)> |any
 
Sets real server port for the Intrusion Detection Server (IDS).
advhlth (1&2|3..), 128 |none
 
Defines an advanced health check formula expression for the real servers. This lets you create a boolean expression to health check the real server group based on the state of the virtual services.
This command supports two boolean operators, AND and OR, used to manipulate TRUE and FALSE values. Using parentheses with the boolean operators, you can create a boolean expression to state the health of the server group.
This command also supports a string expression which is up to 128 characters long. You can also set the formula expression as none.
mhash 24|32 <number of sip bits used for minmisses hash>
 
Defines the minmisses hash parameter for this real server.
Values:
*24 — The minmiss algorithm uses the upper 24 bits of the source IP address to calculate the real server that the traffic should be sent to when the minmiss metric is selected.
*32 — Select all 32 bits of the source IP address to hash to the real server.
Default: 24 bits
wlm <1 - 16> | none
 
Sets the Workload Manager number.
secret <1 - 32> | none
 
Alteon encrypts a password during the execution of the RSA Message Digest Algorithm (MD5), and the RADIUS server decrypts a password during verification.
This value must be the same as the secret value of the RADIUS server of the group. Alteon uses this RADIUS secret value while performing heath checks for this group of RADIUS servers. If the secret value is not configured for the real server group, Alteon uses the global secret value which is configured with the /cfg/slb/advhc/secret command (see /cfg/slb/advhc Advanced Health Check Menu) during health checks for that group of RADIUS servers.
Values: 1 – 32 alphanumeric characters
viphlth disable|enable
 
Enables or disables VIP health checking in a service.
Values:
*Enable — VIP health checking only works when the service has the DSR (Direct Server Return) feature enabled.
*Disable — Alteon uses RIP to perform all health checks, whether DSR is enabled or disabled.
Default: enable
ids disable|enable
 
Specifies whether to enable Intrusion Detection Server (IDS) load balancing for the designated real server group.
This parameter is relevant when used in a filter of type redirect, and when all the real servers in the group are of type IDS (no MAC servers that are directly connected to the Alteon physical ports).
This feature can only be configured on real server groups between 1 and 63.
Default: disable
idsfld disable|enable
 
Specifies whether to enable intrusion detection group flood.
When enabled, traffic is flooded to all the IDS real servers in the group in parallel.
Values:
*enable — Packets are copied to all IDS servers in the IDS group.
*disable — Packets are only copied to the load balanced IDS server within the IDS group.
Default: disable
idschain disabled|enabled
 
Specifies whether this IDS group is part of a chain of IDS server groups that must receive (in copy mode) the same traffic. This parameter should also be enabled if this group is part of an SSL Inspection chain, even if it is the only group of type IDS in the chain.
Note: When this parameter is enabled, the idsfld command parameter must be disabled.
Default: disabled
*When the IDS server is connected via a tagged port (idsport), Alteon tags the injected traffic with the VLAN device at the real server idsvlan.
*When the IDS server is connected via a tagged port (idsport), but at the real server idsvlan is not defined, Alteon tags the injected traffic with the VLAN with pvid tagging.
*When the IDS server is connected via an untagged port (idsport) but at the real server idsvlan is defined, Alteon does not tag the injected traffic.
*When the IDS server is connected via an LACP trunk port (idsport is part of a trunk), Alteon load balances the injected traffic between the active trunk ports.
oper disable|enable
 
Enables or disables access to the real server group for operators.
ena <real server ID (alphanumeric)>
 
Enables a real server in this group gracefully or on a per group basis. For example, if a real server is a member of more than one group, you can configure this real server to accept requests from all the groups or any number of groups of which that this real server is a member.
dis <real server ID (alphanumeric)>
 
Disables a real server in this group gracefully or on a per group basis.
shut connection|psession
 
Specifies how to shut down a real server in the server group.
Note: When a real server belongs to more than one group, shutting down the real server affects only this group. The real server remains active in the other groups to which it belongs.
Values:
*connection — Continues sending traffic to the server belonging to active connections but denies any new connections.
*psession — Continues sending traffic to the server belonging to active connections and accepts new connections if they belong to persistent session entry. The same persistent sessions as in oper are preserved (SSLID, cookie, filter Layer 7 lookup).
add <real server ID (alphanumeric)>
 
Adds a real server to this real server group. You are prompted to enter the number of the real server to add to this group.
rem <real server ID (alphanumeric)>
 
Removes a real server from this real server group. You are prompted for the ID number for the real server to remove from this group.
del
 
Deletes this real server group from the Layer 4 software configuration. This removes the group from operation under all virtual servers to which it is assigned.
Note: Use this command with caution. If you remove the only group that is assigned to a virtual server, the virtual server will become inoperative.
maxconex disabled|enabled
 
Specifies whether to override the maximum connections limit for a server, under certain conditions.
When enabled, new connections are allocated to a server for which the maximum connections limit has been reached, if the new connections belong to existing persistent sessions on that server (with pbind set to clientip, sslid, or cookie).
Default: disabled
cur
 
Displays the current configuration parameters for this real server group.