Sunteți pe pagina 1din 32

MIGRATION PLAN DOCUMENT

MIGRATION PLAN DOCUMENT


OF
RADWARE Link Proof Link Load Balancer &
Internet WAN Switch
MCA- DC

INFOSYS
Version1.1

IBM

MCA- DATA CENTER


1

INFOSYS

MIGRATION PLAN DOCUMENT

ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS


MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED
WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED.
INTELLECTUAL PROPERTY RIGHTS:
THIS
DOCUMENT
CONTAINS
VALUABLE
AND
CONFIDENTIAL
INFORMATION ON MIGRATION OF DMZ SWITCHES IN THE DATA
CENTER OF MINISTRY OF CORPORATE AFFAIRS, (MCA) DELHI. AND
SHALL NOT BE DISCLOSED TO ANY PERSON, ORGANIZATION, OR
ENTITY UNLESS SUCH DISCLOSURE IS SUBJECT TO THE PROVISIONS
OF A NONDISCLOSURE AND PROPRIETARY RIGHTS AGREEMENT
APPROVED BY MINISTRY OF CORPORATE AFFAIRS (MCA).

IBM

MCA- DATA CENTER


2

INFOSYS

MIGRATION PLAN DOCUMENT

Document Information
AUTHOR
CHANGE AUTHORITY
CHANGE FORECAST
ORGANIZATION

: Chandra Bhanu Panigrahi


: INTEGRATED COMMUNICATION SERVICES
: MEDIUM
: IBM INDIA (P) LTD

Review
ORGANIZATION
INFOSYS
INFOSYS

NAME
ANIL KUMAR AKELLA
MANOJ KUMAR YADAV

TITLE

Modification History
REV.
1.0
1.1

IBM

DATE
12/07/2013
17/12/2013

ORIGINATOR
Chandra Bhanu
Chandra Bhanu

STATUS

MCA- DATA CENTER


3

COMMENT
Initial Version
Updated

INFOSYS

MIGRATION PLAN DOCUMENT


Document Acceptance Signoff
FOR IBM INDIA (P) LTD
NAME ..
TITLE
COMPANY .
SIGNATURE & STAMP ..
DATE .

FOR INFOSYS
NAME ..
TITLE
COMPANY .
SIGNATURE & STAMP ..
DATE .

Note: Acceptance can be in the form of written / or email

IBM

MCA- DATA CENTER


4

INFOSYS

MIGRATION PLAN DOCUMENT

TABLE OF CONTENTS
Chapter Description

Page
Number

3.1

Radware LinkProof Migration plan


VLAN & IP Address details
Radware LB Migration diagram &
configuration Details
Radware LB Configuration Details

3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9
3.1.10
3.1.11

Radware LB Farm Details


Radware LB Router Farm Details
Host network/classes Details
DNS Host/A record Details
Flow Management Details
Policy Details
Dynamic Nat TCIL Public IP address
Dynamic Nat TCIL Public IP address
Dynamic Nat Bharti Public IP address
Dynamic Nat Bharti Public IP address
Management IP address

1.0
2.0
3.0

4.0
5.0
5.1
5.2
6.0

IBM

Radware Configuration snapshoot


Radware Configuration snapshoot
Traffic Flow Analysis
Traffic flow in all working conditions

Traffic flow when a Primary Radware Fails


Test Cases

MCA- DATA CENTER


5

06
10
12-11
12
12
13
13
14
14
14
14
14
16
16
16
18
28
28
29
30

INFOSYS

MIGRATION PLAN DOCUMENT


1.0 Radware Link Proof migration plan for MCA DC Internet
Segment consists of following

1.1 Network Changes Required for Migrating Existing LBs.


Presently the subnet 10.64.21.0/24 provides connectivity between
Internet Router and LinkProof LBs.
As Secondary Internet Link will be terminated at Second Router,
Public LAN IP address provided by TCIL and Bharti will be
configured at each Internet Routers LAN interfaces.
So the connectivity between LBs and Internet router will be
through Public IP Addresses provided by both ISPs.

IBM

MCA- DATA CENTER


6

INFOSYS

MIGRATION PLAN DOCUMENT


Presently Internet Router LAN, LBs interfaces and Checkpoint
Firewalls are all connected to DMZ switch. So two Cisco 2960-S
switches will be introduced to connect Internet Router LAN, LBs
and Checkpoint Firewall Outside Interface and Managements
interfaces of Internet segment devices except Checkpoint and
DMZ switches.
Internet Routers, Cisco 2960-S wan switches, LinkProofs
management interfaces will be connected at Cisco 2960-S
switches and specific LAN subnet will be routed for Management
access with 10.64.22.1 as next hop.The subnet 10.64.22.0/24 will
be used for this purpose.
Presently Linkproof1(LP1)s LAN interface is connected to DMZ
switch through IPS4240.This will be connected as it but the
connectivity will be moved from DMZ switch to WAN switch.
1.2 Prerequisites for Internet Link Loadbalancer(LB) Migration
Second link details like WAN and LAN Public IP Address.
Changes Required at Public DNS server at the time of activity.
DNS A record entry for VPN host name.

IBM

MCA- DATA CENTER


7

INFOSYS

MIGRATION PLAN DOCUMENT


1.3 Devices to be Installed/Replaced for this activity
Sl No.
1
2
3
4

Location/Type
MCA DC Delhi
MCA DC Delhi

Make / Model
Cisco 2960-S Switch
Cisco 2960-S Switch

Device Type / Role


FO Aggregation Switch 1
FO Aggregation Switch 2

Device Host Name


DELDCSWTAGRF01
DELDCSWTAGRF02

MCA DC Delhi
MCA DC Delhi

Radware Link Proof 208


Radware Link Proof 208

Internet Link Load Balancer 1


Internet Link Load Balancer 2

DELDCLLBACTF01
DELDCLLBSTBF02

1.4 Internet Link Loadbalancer (LB)

IBM

MCA- DATA CENTER


8

INFOSYS

MIGRATION PLAN DOCUMENT


Existing IPS connectivity will be kept till McAfee IPS is deployed
fully.
Replacement of existing two radware LBs with a pair of Radware
LinkProof 208 load balancer in Internet Segment.
Existing Configuration like Dynamic and static natting of Radware
LB would be migrated to new LBs. Radware would be deployed in
routed mode.
Configuration of Radware LBs would include following activities.
1. Configure networking (IP interfaces, routing).
2. Configure WAN link load balancing:

Add a router farm.

Add logical router servers.

Define health checks.

Define flows and flow policies.

3. Configure outbound NAT called Dynamic NAT in LinkProof to


define for each router (WAN link) the NAT addresses to be used
when forwarding.
4. For Configuring inbound traffic load balancing :
a. Configure Static NAT to define for each internal server
that must be available for access from the external
network the IP address that will represent it via each
router (WAN link).
b. Map the URLs for which LinkProof is authoritative
server to the internal server IP addresses.

Physical interface of LB would be connected to Cisco 2960-S WAN


Switch.

IBM

MCA- DATA CENTER


9

INFOSYS

MIGRATION PLAN DOCUMENT


New Layer3 VLAN vlan 101 and vlan 102 would be used for
connecting Internet Routers (Router-01 and Router-02) LAN
interface with LB outside interfaces through Cisco 2960-S WAN
Switch.
Chapter 2.0 IP Address & VLAN details
Physical Connectivity Details
WAN Switch01 VLAN

WAN
Switch01
Interface

VLAN 101

Gi1/0/1

VLAN 101

Connected
Device

Device
Interface

## Connected to Internet Router-01 LAN


Interface(Gi0/0) ##

Internet
Router-01

Gi0/0

Gi1/0/2

## Connected to LP-01 LAN Interface(G2) ##

LP-01

G2

VLAN 102

Gi1/0/3

LP-01

G3

VLAN 59

Gi1/0/4
Gi1/0/11

LP-01
Internet
Router-01

G1

VLAN 22

## Connected to LP-01 LAN Interface(G3) ##


## Connected to LP-01 LAN Interface(G1) through
DC-IPS4240 ##
## Connected to Internet Router-01 LAN
Interface(Gi0/3) - Management ##

VLAN 22

Gi1/0/12

## Connected to LP-01 LAN Interface(MNG1) ##

LP-01

MNG1

VLAN 22
Trunk (59,
101, 102)
Trunk (59,
101, 102)

Gi1/0/22

## Connected to DMZ SW-01 - Port 43 ##

Gi1/0/43

Gi1/0/23

## Connected to WAN Switch-02 - Gi1/0/23 ##

Gi1/0/24

## Connected to WAN Switch-02 - Gi1/0/24 ##

DMZSW
WAN
Switch-02
WAN
Switch-02

Connected
Device

Device
Interface

WAN Switch Interface Descriptions

Gi0/3

Gi1/0/23
Gi1/0/24

WAN Switch02 VLAN

WAN
Switch02
Interface

VLAN 102

Gi1/0/1

## Connected to Internet Router-02 LAN


Interface(Gi0/0) ##

Internet
Router-02

Gi0/0

VLAN 101

Gi1/0/2

## Connected to LP-02 LAN Interface(G2) ##

LP-02

G2

VLAN 102

Gi1/0/3

## Connected to LP-02 LAN Interface(G3) ##

LP-02

G3

VLAN 59

Gi1/0/4
Gi1/0/11

LP-02
Internet
Router-02

G1

VLAN 22

## Connected to LP-02 LAN Interface(G1) ##


## Connected to Internet Router-02 LAN
Interface(Gi0/3) - Management ##

VLAN 22

Gi1/0/12

## Connected to LP-01 LAN Interface(MNG1) ##

LP-02

MNG1

VLAN 22
Trunk (59,
101, 102)
Trunk (59,
101, 102)

Gi1/0/22

## Connected to DMZ SW-02 - Port 43 ##

Gi2/0/43

Gi1/0/23

## Connected to WAN Switch-02 - Gi1/0/23 ##

Gi1/0/24

## Connected to WAN Switch-02 - Gi1/0/24 ##

DMZSW
WAN
Switch-01
WAN
Switch-01

IBM

WAN Switch Interface Descriptions

MCA- DATA CENTER


10

Gi0/3

Gi1/0/23
Gi1/0/24

INFOSYS

MIGRATION PLAN DOCUMENT


Chart# IPADD-2.0
VLAN ID L2/L3
101
L3
102
L3
59
L3
22
L3

Radware Physical Port

G2
G3
G1
MNG1

Primary Radware LP
Radware
Physical Port

Radware Physical IP
Address

WAN Switch 1
Physical Port

G1
G2
G3
MNG1

59.165.200.11/24
14.140.191.13/25
202.56.229.130/28
10.64.22.25/24

Gi1/0/4
Gi1/0/2
Gi1/0/3
Gi1/0/12

Secondary Radware LP

Radware
Physical Port

Radware Physical IP
Address

WAN Switch 1
Physical Port

G1
G2
G3
MNG1

59.165.200.12/24
14.140.191.14/25
202.56.229.131/28
10.64.22.26/24

Gi1/0/4
Gi1/0/2
Gi1/0/3
Gi1/0/12

IBM

MCA- DATA CENTER


11

INFOSYS

MIGRATION PLAN DOCUMENT


3.0 Radware Migration diagram

IBM

MCA- DATA CENTER


12

INFOSYS

MIGRATION PLAN DOCUMENT


3.1 Radware LB Configuration Details
3.1.1 Farm Details

Sl. No.
1
2
3
4

FARMs
MCA-FARM1
MCA-FARM2
MCA-DEFAULT-FARM3
MCA-DEFAULT-FARM4

Dispatch Method
Cyclic
Cyclic
Cyclic
Cyclic

LB Load Balancing Algorithm


Dispatch method in Radware LB decides how to distribute traffic to real
servers/Internet Link. In this deployment scenario there is no use of
dispatch method as farms will forward to only one Link for outgoing or
in coming traffic in Primary / Redundant mode.
3.1.2 Router Farm Details
Sl. No.
1
2
3
4
5
6

Routers
MCA-FM1-RTR-TCIL
MCA-FM1-RTR-BHARTI
MCA-FM2-RTR-TCIL
MCA-FM2-RTR-BHARTI
MCA-DEFAULT-FM3-RTR-TCIL
MCA-DEFAULT-FM4-RTR-BHARTI

Router IP Address
14.140.191.1
202.56.229.129
14.140.191.1
202.56.229.129
14.140.191.1
202.56.229.129

3.1.3 Host network/classes Details

Sl.
No.
1
2
3
4
5
6

IBM

Networks
mca.gov.in
mca21.gov.in
servicedesk.mca
www.mca.gov.in/XBRL
dcdeldns2.mca.gov.in
vpn.mca.gov.in

IP Address
59.165.200.120
59.165.200.120
59.165.200.103
59.165.200.113
59.165.200.3
59.165.200.59

MCA- DATA CENTER


13

INFOSYS

MIGRATION PLAN DOCUMENT


3.1.4 DNS Host/A record Details

Sl.
No.
1
2
3
4
5
6

DNS
www.mca.gov.in
www.mca21.gov.in
servicedesk.mca.gov.in
www.mca.gov.in/XBRL
dcdeldns2.mca.gov.in
www.vpn.mca.gov.in

Host IP Address
59.165.200.120
59.165.200.120
59.165.200.103
59.165.200.113
59.165.200.3
59.165.200.59

3.1.5 Flow Management Details

Sl. No.
1
2
3

Flow Management
ALL-HTTP-IN
NON-HTTP-IN
ALL-OUT

3.1.6 Policy Details


Sl. No.
1
2
3

Flow Policy
ALL-HTTP-IN-Policy
NON-HTTP-IN-Policy
ALL-OUT-Policy

3.1.7 Dynamic Nat for TCIL ISP Link

Dynamic NAT Table


From Local Server
Sl No
IP
1
59.165.200.35
2
59.165.200.55

To Local Server IP

Router IP

59.165.200.35
59.165.200.55

14.140.191.1
14.140.191.1

Dynamic NAT
IP
14.140.191.35
14.140.191.55

Redundancy
Mode
Regular
Regular

3.1.8 Static Nat for TCIL ISP Link


Static NAT Table
From Local
Sl No
Server IP
1
59.165.200.3
2
59.165.200.4

IBM

To Local
Server IP
59.165.200.3
59.165.200.4

Router IP
14.140.191.1
14.140.191.1

From Static
NAT IP
14.140.191.3
14.140.191.4

MCA- DATA CENTER


14

To Static NAT IP
14.140.191.3
14.140.191.4

INFOSYS

MIGRATION PLAN DOCUMENT


3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

IBM

59.165.200.10
59.165.200.15
59.165.200.16
59.165.200.21
59.165.200.22
59.165.200.23
59.165.200.24
59.165.200.25
59.165.200.26
59.165.200.27
59.165.200.28
59.165.200.29
59.165.200.32
59.165.200.33
59.165.200.34
59.165.200.37
59.165.200.38
59.165.200.39
59.165.200.40
59.165.200.42
59.165.200.43
59.165.200.57
59.165.200.90
59.165.200.103
59.165.200.105
59.165.200.106
59.165.200.107
59.165.200.108
59.165.200.109
59.165.200.110
59.165.200.111
59.165.200.112
59.165.200.113
59.165.200.114
59.165.200.115
59.165.200.116
59.165.200.117
59.165.200.118
59.165.200.120
59.165.200.121
59.165.200.122
59.165.200.126

59.165.200.10
59.165.200.15
59.165.200.16
59.165.200.21
59.165.200.22
59.165.200.23
59.165.200.24
59.165.200.25
59.165.200.26
59.165.200.27
59.165.200.28
59.165.200.29
59.165.200.32
59.165.200.33
59.165.200.34
59.165.200.37
59.165.200.38
59.165.200.39
59.165.200.40
59.165.200.42
59.165.200.43
59.165.200.57
59.165.200.90
59.165.200.103
59.165.200.105
59.165.200.106
59.165.200.107
59.165.200.108
59.165.200.109
59.165.200.110
59.165.200.111
59.165.200.112
59.165.200.113
59.165.200.114
59.165.200.115
59.165.200.116
59.165.200.117
59.165.200.118
59.165.200.120
59.165.200.121
59.165.200.122
59.165.200.126

14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1
14.140.191.1

14.140.191.10
14.140.191.15
14.140.191.16
14.140.191.21
14.140.191.22
14.140.191.23
14.140.191.24
14.140.191.25
14.140.191.26
14.140.191.27
14.140.191.28
14.140.191.29
14.140.191.32
14.140.191.33
14.140.191.34
14.140.191.37
14.140.191.38
14.140.191.39
14.140.191.40
14.140.191.42
14.140.191.43
14.140.191.57
14.140.191.90
14.140.191.103
14.140.191.105
14.140.191.106
14.140.191.107
14.140.191.108
14.140.191.109
14.140.191.110
14.140.191.111
14.140.191.112
14.140.191.113
14.140.191.114
14.140.191.115
14.140.191.116
14.140.191.117
14.140.191.118
14.140.191.120
14.140.191.121
14.140.191.122
14.140.191.126

MCA- DATA CENTER


15

14.140.191.10
14.140.191.15
14.140.191.16
14.140.191.21
14.140.191.22
14.140.191.23
14.140.191.24
14.140.191.25
14.140.191.26
14.140.191.27
14.140.191.28
14.140.191.29
14.140.191.32
14.140.191.33
14.140.191.34
14.140.191.37
14.140.191.38
14.140.191.39
14.140.191.40
14.140.191.42
14.140.191.43
14.140.191.57
14.140.191.90
14.140.191.103
14.140.191.105
14.140.191.106
14.140.191.107
14.140.191.108
14.140.191.109
14.140.191.110
14.140.191.111
14.140.191.112
14.140.191.113
14.140.191.114
14.140.191.115
14.140.191.116
14.140.191.117
14.140.191.118
14.140.191.120
14.140.191.121
14.140.191.122
14.140.191.126

INFOSYS

MIGRATION PLAN DOCUMENT


3.1.9 Dynamic Nat for Bharti ISP Link

Dynamic NAT Table


From Local Server
Sl No
IP
1
59.165.200.35
2
59.165.200.55

To Local Server IP

Router IP

59.165.200.35
59.165.200.55

202.56.229.129
202.56.229.129

Dynamic NAT
IP
202.56.229.141
202.56.229.142

Redundancy
Mode
Regular
Regular

3.1.10 Static Nat for Bharti ISP Link


Static NAT Table
From Local
Sl No
Server IP
1
59.165.200.3
2
59.165.200.59
3
59.165.200.103
4
59.165.200.113
5
59.165.200.120

To Local
Server IP
59.165.200.3
59.165.200.59
59.165.200.103
59.165.200.113
59.165.200.120

Router IP
202.56.229.129
202.56.229.129
202.56.229.129
202.56.229.129
202.56.229.129

From Static
NAT IP
202.56.229.140
202.56.229.139
202.56.229.138
202.56.229.137
202.56.229.136

To Static NAT IP
202.56.229.140
202.56.229.139
202.56.229.138
202.56.229.137
202.56.229.136

3.1.11 Management IP address


Management IP address - Internet Leg (Checkpoint - OUTSIDE)
Sl
No
Device
Host Name
FO Internet Router-01 (Cisco 3945)
1
DELDCRTRPRIF01

2
3
4
5
6

FO Internet Router-02 (Cisco 3945)


FO Aggregation Switch-01 (Cisco 2960-S)
FO Aggregation Switch-02 (Cisco 2960-S)
Radware Link Proof-01
Radware Link Proof-02

DELDCRTRSECF02
DELDCSWTAGRF01
DELDCSWTAGRF02
DELDCLLBACTF01
DELDCLLBSTBF02

Management IP address - Internet Leg (Checkpoint - INSIDE)


Sl
No
Device
Host Name

1
2
3
4
5
6

DMZ Switch
DMZ Switch

McAfee NSM

IBM

Interface / Port

Gig 0/3
Gig 0/3

DELDCFWLPRIF01
DELDCFWLSECF02
DELDCIPSACTBO1
DELDCIPSSTBBO1

CheckPoint2 - inside Mgmt-smartnet


McAfee M3050-01
McAfee M3050-02

MCA- DATA CENTER


16

10.64.22.22

Gi1/0/5

10.64.22.23

Gi1/0/5

10.64.22.24

MNG1
MNG1

10.64.22.25

Interface / Port
Gi1/0/43

Mgmt IP address

Gi2/0/43

CheckPoint1 - inside Mgmt-smartnet

Mgmt IP address
10.64.22.21

10.64.22.26

10.64.22.1

Port-8
Port-8
Management
Management

10.64.22.2

Eth0

10.64.22.10

10.64.22.3
10.64.22.4
10.64.22.5

INFOSYS

MIGRATION PLAN DOCUMENT


Management Connectivity Diagram

IBM

MCA- DATA CENTER


17

INFOSYS

MIGRATION PLAN DOCUMENT


4.0 Radware Configuration snapshoot
LoadBalance Configuration Summary

Router > IP Router > Interface Parameters > Peer Address

IBM

MCA- DATA CENTER


18

INFOSYS

MIGRATION PLAN DOCUMENT

Redindancy Configuration

IBM

MCA- DATA CENTER


19

INFOSYS

MIGRATION PLAN DOCUMENT

Configure NHR Tracking Table


1. Select Services > Tuning > Device.
2. In the NHR Tracking Table text box, type the limit on the number of entries in the
NHR Table. Default: 100,000.
3. Click Set.
4. Select LinkProof > Global Configuration > General.
5. Configure the following parameters: NHR Tracking Table Status & NHR Tracking
Table Aging
6. Click Set.
LinkProof > Global Configuration > General

IBM

MCA- DATA CENTER


20

INFOSYS

MIGRATION PLAN DOCUMENT

Static NAT Configuration

IBM

MCA- DATA CENTER


21

INFOSYS

MIGRATION PLAN DOCUMENT


Dynamic NAT Configuration

For Inbound web traffic.


Existing TCIL Internet Link will be used for inbound web traffic.
Second internet Link will be used for Inbound SSL VPN traffic.
Outgoing Internet, patch management etc will use Second Internet Link.

LinkProof > Farms > Farm Table

IBM

MCA- DATA CENTER


22

INFOSYS

MIGRATION PLAN DOCUMENT

LinkProof > Servers > Logical Routers Table

Classes > Modify > Networks

IBM

MCA- DATA CENTER


23

INFOSYS

MIGRATION PLAN DOCUMENT

IBM

MCA- DATA CENTER


24

INFOSYS

MIGRATION PLAN DOCUMENT

LinkProof > DNS Configuration > Name to Local IP

LinkProof > Flow Management > Farms Flow Table (To Configure Flow Management)

IBM

MCA- DATA CENTER


25

INFOSYS

MIGRATION PLAN DOCUMENT

LinkProof > Flow Management > Modify policies (To Configure Flow Policies)

LinkProof > Smart NAT > Static NAT Table (To Configure Static NAT)

IBM

MCA- DATA CENTER


26

INFOSYS

MIGRATION PLAN DOCUMENT

DNS Changes

IBM

MCA- DATA CENTER


27

INFOSYS

MIGRATION PLAN DOCUMENT


5.0: Traffic flow Through Link Loadbalancer
5.1: Traffic flow diagram in all working conditions: In all working
condition primary Radware LB will process all traffic.
Traffic flow classification in case of stable scenarios:
In coming Traffic for MCA web application will use TCIL ISP link
only.
In coming Traffic for SSL VPN access will use Bharti ISP link only.
All outgoing traffic linke patchmanagement or internet
requirement for DC ,Bharti ISP link will be used as primary and
TCIL as Backup.
Note : In case of any ISP link not available , all traffic (incoming &
outgoing ) will be through other available ISP link.

IBM

MCA- DATA CENTER


28

INFOSYS

MIGRATION PLAN DOCUMENT


5.2 Traffic flow when a Primary Radware LB Fails.
When Primary Radware LB fail or any one interface of primary LB
fails ,secondary Radware box becomes active

IBM

MCA- DATA CENTER


29

INFOSYS

MIGRATION PLAN DOCUMENT


6.0 Test cases: Test cases are based upon the ping,
http,nslookup,telnet and trace route of Radware vip/physical ip address
and natted servers.
Table 6.1- When Both Radware LP are up and running
Test case

Ping/traceroute/telnet/HTTP

response

When Both
Radware LB are up
and working.
(before migration)

1. Nslookup the web application sites


like www.mca.gov.in ,
www.mca21.gov.in
(14.140.191.120),
servicedesk.mca.gov.in(14.140.191.
103)
2. Ping corresponding public ip address
static natted with with real
servers.Public ip address to ping are
to be captured.
Telnet public vip ip address on port 80
and 53
14.140.191.120 port 80
14.140.191.113- port 80
14.140.191.3 -port 53

Ping Response will


confirm reach
ability of Natted IP
address from the
internet

When Both
Radware LB are up
and working.
(before migration)

Ping both Radware physical interface ip


address.

Ping Response will


confirm reach
ability of Radware
physical interface
and connectivity.

When Both
Radware LB are up
and working.
(before migration)

http://www.mca.gov.in &
http://www.mca21.gov.in

Some Ping
response and
nslookup to Web
site should have
14.140.191.120 as
ip address due to
GSLB setup. Other
ip would be of DR
Chennai ie
115.114.108.120

When Both
Radware LB are up
and working.
(before migration)

IBM

MCA- DATA CENTER


30

Successful telnet
session
establishment will
confirm the
accessibility of
application through
Radware LP.

INFOSYS

MIGRATION PLAN DOCUMENT


Perform all test cases in table 6.1 when primary Radware is down . No
deviation in test result is expected while accessing all application using
secondary LB
Table 6.2 - When Primary Radware Appliance is down
Test case

Ping/traceroute/telnet/HTTP

response

When Primary
Radware LB
Appliance is down
Secondary
Radware LP is
passing traffic.
(before migration)

1. Nslookup the web application sites


like www.mca.gov.in ,
www.mca21.gov.in
(14.140.191.120),
servicedesk.mca.gov.in(14.140.191.
103)
2. Ping corresponding public ip address
static natted with with real
servers.Public ip address to ping are
to be captured.
Telnet public vip ip address on port 80
and 53
14.140.191.120 port 80
14.140.191.113- port 80
14.140.191.3 -port 53

Ping Response will


confirm reach
ability of Natted IP
address from the
internet

Ping both Radware physical interface ip


address.

Ping Response will


confirm reach
ability of Radware
physical interface
and connectivity.

http://www.mca.gov.in &
http://www.mca21.gov.in

Some Ping
response and
nslookup to Web
site should have
14.140.191.120 as
ip address due to
GSLB setup. Other
ip would be of DR
Chennai ie
115.114.108.120

When Primary
Radware LB
Appliance is down
Secondary
Radware LP is
passing traffic.
(before migration)
When Primary
Radware LB
Appliance is down
Secondary
Radware LP is
passing traffic.
(before migration)
When Primary
Radware LB
Appliance is down
Secondary
Radware LP is
passing traffic.
(before migration)

IBM

MCA- DATA CENTER


31

Successful telnet
session
establishment will
confirm the
accessibility of
application through
Radware LP.

INFOSYS

MIGRATION PLAN DOCUMENT


Post Migration Test Cases
Table 6.1 & 6.2 test cases will be performed post migration of new
Radware devices in Internet Segment.

IBM

MCA- DATA CENTER


32

INFOSYS