Application Delivery Partitions (ADPs) and Next-Gen WAF

kokosoekokosoe Member
in ADC - Application Delivery

May I ask some questions?

1. Application Delivery Partitions (ADPs)
The customer asked me. They create L3V partitions on the ADC. They found all physical network interface use for the L3V partitions.
For example: One creates an L3V partition for Company A. Next one, creates an L3V partition for Company B. 
Company A L3V partitions all access to the physical network interface and also Company B. 
They create network port mapping Ethernet 1 for Company A L3V partitions. 
Company A can't use other physical network interface ports (for example, Ethernet 2 to 12). Can we define it?

Also, Company B L3V partitions use Ethernet 2. They can't use other physical network interface ports. Can we define it?

2. Resource Template
The customer uses L3V partitions for ADC. The customer has three web servers. 
The customer wants to know the best resource template for application resources, network resources, and system resources.

Could you please advise on the best resource template for application resources, network resources, and system resources?

3. The customer wants to know how many L3V partitions are in the ADC. 

For example, the following model can get how many L3V partitions.

1. Thunder 1060S ADC 
2. Thunder 3350-E ADC 
3. Thunder 3350 ADC 
4. Thunder 3350S ADC 
5. Thunder 4440 ADC 
6. Thunder 5440 ADC

4. The customer wants to know if they use the next-gen WAF for L3V partitions (ADP).

They need to buy a next-gen WAF license for all L3V partitions.

Could you please help and explain? 

Comments

  • mdunnmdunn Member, A10ers ✭✭✭

    Hello - this is an interesting set of questions. Let's dive in:

    1. If an interface is "pristine" and has no configuration (vlans, ip address, etc), then a L3V partition may claim the interface by defining "interface ethernet 1" in the configuration. This will prevent access to the interface from other partitions. Alternatively, a physical interface can be shared amongst L3V partitions with unique tagged VLANs.
    2. Resource templates are optional and are dependent on the needs of the deployment. These can be used to prevent a L3V from exhausting system resources from the global pool. With small deployments, such as 3 web servers, it is unlikely that a resource template is needed. Application, network, and system resources offer these configurations:

      Application Resources
      Contains configuration parameters for application resources such as the number of health monitors, real servers, service groups, virtual servers, as well as a number of GSLB parameters, such as GSLB devices, GSLB sites, and GSLB zones. GSLB parameters are configurable on a per-partition basis (and thus non-configurable at the system level).
      Network Resources
      Contains configuration parameters for available network resources such as static ARPs, static IPv4 routes, static IPv6 routes, MAC addresses, and static neighbors.
      System Resources
      Contains configuration parameters for system resources such as limits for bandwidth, concurrent sessions, Layer 4 Connections Per Second (CPS), Layer 4 Session Limits, Layer 7 CPS, NAT CPS, SSL throughput, SSL CPS, and FW CPS.
    3. L3V Partition count varies based on the A10 hardware platform and ranges from 32 - 255
      https://documentation.a10networks.com/ACOS/604x/ACOS_6.0.4/html/relnotes_Responsive_HTML5/Default.htm#rel_original/Supported_Number_of_Part.htm

      Thunder 1060S ADC 127
      Thunder 3350-E ADC 64
      Thunder 3350 ADC 127
      Thunder 3350S ADC 255
      Thunder 4440 ADC 127
      Thunder 5440 ADC 255
    4. NGWAF is supported up to (8) L3V partitions. Only a single NGWAF license is required, and that licenses the device and the partitions.

Sign In or Register to comment.

© Copyright 2024 - A10 Networks Community - All Rights Reserved. | Legal