This guide walks you through the steps to load balance traffic across multiple instances of the Barracuda CloudGen WAF deployed in Amazon Web Services:
Step 1 - Deploy Multiple Barracuda CloudGen WAF Instances in Amazon Web Services
Follow the steps in Barracuda CloudGen WAF Deployment and Quick Start Guide for Amazon Web Services to deploy multiple Barracuda CloudGen WAF instances. To license and configure your virtual machine, continue with . In this example, consider two Barracuda CloudGen WAF instances where, Barracuda-WAF1 is the first unit and Barracuda-WAF2 is the second unit.
Step 2 - Set Up Load Balancing on the Barracuda CloudGen WAF Instances
- Log into the Amazon EC2 Management Console.
- From the EC2 dashboard, select Load Balancers under NETWORK & SECURITY.
- Click Create Load Balancer. The Create Load Balancer window appears.
- In the Define Load Balancer page:
- Load Balancer Name – Enter a name for the load balancer.
- Create LB Inside – Select the VPC ID under which the Barracuda CloudGen WAF instances are launched.
- Leave Create an internal load balancer and Enable advanced VPC configuration set to default value.
- Add the ports where Services are created requiring load balancing.
- Click Continue.
- In the Configure Health Check page:
- Ping Protocol – Keep the default value i.e. HTTP.
- Ping Port – Set to 8000. By default, the Barracuda CloudGen WAF listens on port 8000. If you are using a different port for the Barracuda CloudGen WAF, specify that port number.
- Ping Path – Enter /cgi-mod/index.cgi.
- In the Advanced Details section, specify required values and click Continue.
In the Assign Security Groups page, choose Select an existing security group to select and assign the security group(s) from an existing list, or choose Create a new security group to create a new group (refer to Creating a Security Group for more information). Click Continue.
- In the Add EC2 Instances page, select the instances to be added to this load balancer and click Continue.
- In the Review page, review your settings before creating the load balancer, and then click Create.
- The Load Balancers table displays the created load balancer details.
The services configured should be accessed using the DNS Name of the created load balancer. For example, in the above example the DNS Name of the Load Balancer is WAF-LB-678529183 and the HTTP service created on port 80 can be accessible via http://WAF-LB-678529183 / http://WAF-LB-678529183:80.
Step 3 - Set Up a High Availability Environment with the Barracuda CloudGen WAF
Follow these steps to cluster your Barracuda CloudGen WAF virtual machines in Amazon Web Services:
- Install each system and ensure that each Barracuda CloudGen WAF is running the same firmware version. Each Barracuda CloudGen WAF in a cluster must have the same model number and firmware version.
- Make a backup of each Barracuda CloudGen WAF configuration.
- No processes should be running on any virtual machine when you link them together. To be sure, go to the ADVANCED > Task Manager page of each Barracuda CloudGen WAF and verify that no processes are running.
- From the ADVANCED > High Availability page of Barracuda-WAF1, enter a Cluster Shared Secret password, and click Save Changes.
- From the ADVANCED > High Availability page of Barracuda-WAF2, do the following:
- Enter the same Cluster Shared Secret password, and click Save Changes. Both units in a cluster must have the same Cluster Shared Secret to communicate with each other.
In the Clustered Systems section, enter the WAN IP address of Barracuda-WAF1, and click Join Cluster. Never cancel the join cluster task when the join is in progress.
- On each Barracuda CloudGen WAF, refresh the ADVANCED > High Availability page, and verify the following:
- Each system's Hostname, serial number and WAN IP address appears in the Clustered Systems list.
- The identity of the system (Self or Peer) displays in the Type field.
- The Status is green for all virtual machines in the cluster.
- View the Cluster Status from the BASIC > Dashboard page, under Performance Statistics.
To add more units to the existing cluster, repeat step 1 to 5.a. and then do the following:
- From the ADVANCED > High Availability page of the Barracuda CloudGen WAF you are adding to the cluster, enter the WAN IP address of any system in the cluster in the Peer IP Address field and click Join Cluster. Verify the following:
- The configuration of the cluster automatically propagates to the newly added system.
- The new unit information propagates to all other units in the cluster.