It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Clustering

  • Last updated on

If you want to cluster two or more Barracuda Web Application Firewalls, the following three API’s should be executed.

  1. Add Shared Secret to the First Unit/Node
  2. Retrieve Cluster Details from the First Unit/Node
  3. Add the Second Unit/Node to the First Unit/Node

To Add Shared Secret to the First Node

URL:  /v1/system
Method: POST
Description: Adds shared secret to the first node.
Parameter NameData TypeMandatoryDescription
Input Parameters:   
cluster_shared_secretAlphanumericYesPasscode to prevent unauthorized systems from accessing cluster information. All Barracuda Web Application Firewalls in a cluster must have the same shared secret.
Example:

Request:

curl http://192.168.0.1:8000/restapi/v1/system -u 'eyJldCI6IjEzNzk0OTUxOTgiLCJwYXNzd29yZCI6ImZiODljYjIyOWE5MzcyNTBiNTRkZDNmOTg3\nYmIwMzBkIiwidXNlciI6ImFkbWluIn0=\n:' -X POST -H Content-Type:application/json -d '{"cluster_shared_secret":"12345"}'

 

Response:

{"msg":"Configuration Updated","token":"eyJldCI6IjEzODAyMzA4NzciLCJwYXNzd29yZCI6IjJhM2QxZGI5MzcyNjFjNTQzNDEwNGEyMGJl\nNTRlZTY2IiwidXNlciI6ImFkbWluIn0=\n"}

To Retrieve Cluster Shared Secret

URL:  /v1/system
Method: GET
Description: Retrieves the passcode of the given unit.
Parameter NameData TypeMandatoryDescription
Input Parameters:   
parametersAlphanumericYesThe parameter name (cluster_shared_secret) that needs to be retrieved. 
Example:

Request:

curl http://192.168.0.1:8000/restapi/v1/system -u 'eyJldCI6IjEzODY0MzA4MTQiLCJwYXNzd29yZCI6ImMzZTkxZjU5YTRiNDgxMTUxZTFlZGJmODBj\nYzY1Zjc2IiwidXNlciI6ImFkbWluIn0=\n:' -X GET -G -d parameters=cluster_shared_secret

 

Response:

{"token":"eyJldCI6IjEzODY0MzA4MzYiLCJwYXNzd29yZCI6IjM3NzkwMzBiZmQxYWYyNmE5MDA5MGJjZTE5\nMDcyYTI5IiwidXNlciI6ImFkbWluIn0=\n","cluster_shared_secret":"123456"}

To Retrieve Cluster Details from the First Node

URL:  /v1/system
Method: GET
Description: Retrieves cluster information such as System IP, Shared Secret and Serial Number from the first node.
Example 1:

Request:

curl http://192.168.0.1:8000/restapi/v1/system -u 'eyJldCI6IjEzODY0MzA4MzYiLCJwYXNzd29yZCI6IjM3NzkwMzBiZmQxYWYyNmE5MDA5MGJjZTE5\nMDcyYTI5IiwidXNlciI6ImFkbWluIn0=\n:' -X GET

 

Response:

{"token":"eyJldCI6IjEzODY0MzA5NDkiLCJwYXNzd29yZCI6IjFmZThmNWQ4NWNiYmQ1ZDU2ZGM3NzU3NzNk\nOGFlY2U2IiwidXNlciI6ImFkbWluIn0=\n","system_serial":"477393","cluster_shared_secret":"123456","system_ip":"192.168.0.1"}

Example 2:

Request:

curl http://192.168.0.1:8000/restapi/v1/system -u 'eyJldCI6IjEzODY0MzA4MzYiLCJwYXNzd29yZCI6IjM3NzkwMzBiZmQxYWYyNmE5MDA5MGJjZTE5\nMDcyYTI5IiwidXNlciI6ImFkbWluIn0=\n:' -X GET -G -d parameters=system_ip

 

Response:

{"token":"eyJldCI6IjEzODY0MzEwNjkiLCJwYXNzd29yZCI6IjAyM2FkMmVlNmUyZmY1NGI1NDA4M2M2ZTAz\nMjM2NmNlIiwidXNlciI6ImFkbWluIn0=\n","system_ip":"192.168.0.1"}

To Add a Second Node to the First Node

This REST API should be executed only when the Barracuda Web Application Firewall Vx is deployed on Microsoft Windows Azure.

URL:  /v1/system/configuration_cluster
Method: POST
Description: Adds second node to the first node.
Parameter NameData TypeMandatoryDescription
Input Parameters:   
remote_cluster_shared_secretAlphanumericYesThe passcode specified in cluster_shared_secret of the first node.
remote_system_serialAlphanumericYesThe serial number of the first node.
remote_system_ipNumericYesThe WAN (system) IP address of the first node.
Example:

Request:

curl http://192.168.0.1:8000/restapi/v1/system/configuration_cluster -u 'eyJldCI6IjEzNzk0OTUxOTgiLCJwYXNzd29yZCI6ImZiODljYjIyOWE5MzcyNTBiNTRkZDNmOTg3\nYmIwMzBkIiwidXNlciI6ImFkbWluIn0=\n:' -X POST -H Content-Type:application/json -d '{"remote_cluster_shared_secret":"abcdef","remote_system_serial":"123456","remote_system_ip":"10.11.11.11"}'

 

Response:

{"msg":"Configuration Updated","token":"eyJldCI6IjEzODAyMzE2NjYiLCJwYXNzd29yZCI6ImY1YmNlYjkxY2ZmMTdmYzBiZTZlMDExMWY3\nMDE3M2IwIiwidXNlciI6ImFkbWluIn0=\n"}

To add more nodes, perform ONLY step 2 and 3.

To Retrieve Details of Clustered Nodes

URL:  /v1/system/configuration_cluster
Method: GET
Description: Lists all nodes that are in cluster with this unit.
Example 1:

Request:

curl http://192.168.0.1:8000/restapi/v1/system/configuration_cluster -u 'eyJldCI6IjEzODY0MzE5OTUiLCJwYXNzd29yZCI6ImVhYTA1ZmFlMjkyN2FhNjk2NThiMDUxNDZk\nNGM4NWNlIiwidXNlciI6ImFkbWluIn0=\n:' -X GET

 

Response:

{"parameters":null,"object":"ConfigurationCluster","data":[{"system_mode":"Active","id":"192.168.0.1","system_serial":"477393","system_ip":"192.168.0.1"},{"system_mode":"Active","id":"10.11.25.190","system_serial":"477395","system_ip":"10.11.25.190"}],"limit":null,"token":"eyJldCI6IjEzODY0MzIwMjciLCJwYXNzd29yZCI6IjA1MDJjM2QzMWQ4ODc1MjFiN2Y5NWI1MzBi\nMWM4MmE0IiwidXNlciI6ImFkbWluIn0=\n","offset":null}

Example 2:

Request:

curl http://192.168.0.1:8000/restapi/v1/system/configuration_cluster -u 'eyJldCI6IjEzODY0MzE5OTUiLCJwYXNzd29yZCI6ImVhYTA1ZmFlMjkyN2FhNjk2NThiMDUxNDZk\nNGM4NWNlIiwidXNlciI6ImFkbWluIn0=\n:' -X GET -G -d parameters=system_ip

 

Response:

parameters":["system_ip"],"object":"ConfigurationCluster","data":[{"system_ip":"192.168.0.1"},{"system_ip":"10.11.25.190"}],"limit":null,"token":"eyJldCI6IjEzODY0MzI0NjMiLCJwYXNzd29yZCI6IjM2NDE0M2M4NzM3MDhlZmFiOWZkZjRlNjky\nOGNiOTU4IiwidXNlciI6ImFkbWluIn0=\n","offset":null}

To Delete a Node from the Cluster

URL:  /v1/system/configuration_cluster/{remote_serial}
Method: DELETE
Description: Deletes the node of the given serial number from the cluster.
Example:

Request:

curl http://192.168.0.1:8000/restapi/v1/system/configuration_cluster/354425 -u 'eyJldCI6IjEzODQ1NDE4ODUiLCJwYXNzd29yZCI6IjEwZDgzMGI5ZmQ5OTExYmYwYTIxNWIzYzJm\nZDZiZDdjIiwidXNlciI6ImFkbWluIn0=\n:' -X DELETE

 

Response:

{"msg":"Configuration Updated","token":"eyJldCI6IjEzODQ1NDE4OTEiLCJwYXNzd29yZCI6ImZkZDEyMjc5Nzg3MzlhNzE4YWE1NDhkZjYw\nZTQ1NGRiIiwidXNlciI6ImFkbWluIn0=\n"}