OUT: Single Host Output Gateway Appliance

Latest version: 3.0.2-1

At a Glance

Catalog: System
Category: Gateways
User volumes: no
Min. memory: 96 MB
OS: Linux
Constraints: no

Functional Overview

OUT is an output gateway that provides access to a network host located outside of an application. OUT accepts traffic from the application on its in terminal and forwards it through its external interface to the remote host.

OUT has a firewall that allows only outgoing traffic (connections and datagrams); it drops incoming traffic that is not for an already established connection or related to a datagram request.

OUT passes all traffic to the remote host specified by the remote_host property. The remote host can be specified either as a DNS host name (for example, www.CA.com) or as an IP address in dots notation (for example, 192.168.1.1). If the remote host is configured using a DNS name, the OUT gateway verifies the name-to-IP mapping and, if the mapping changes, redirects its traffic to the new IP address.

OUT is used to access services outside of the application, such as an external database, web service or document repository. OUT is the only appliance in an application that needs to be configured with the name or IP address of the remote host; the remaining application components can access that host simply by being connected to the OUT appliance input.

Boundary

Resources

| Resource | Minimum | Maximum | Default |
|---|---|---|---|
| CPU | 0.05 | 4 | 0.05 |
| Memory | 96 MB | 2 GB | 96 MB |
| Bandwidth | 1 Mbps | 2000 Mbps | 200 Mbps |

Terminals

| Name | Dir | Protocol | Description |
|---|---|---|---|
| in | in | Any | Accepts traffic to be sent out to the remote host |
| mon | out | CCE | Sends performance and resource usage statistics |

The external interface is enabled. It is used for outgoing traffic. It is configured to send all traffic to the remote host.

The default interface is enabled. It is used for maintenance (incoming SSH connections).

Properties

| Property name | Type | Description |
|---|---|---|
| remote_host | String | Defines the remote host to forward all traffic to. This can be the DNS name of the host or its IP address in dots notation. This property is mandatory. |
| dns_poll | Integer | The poll interval, in seconds, that OUT will use when verifying the mapping of the DNS name of remote_host to IP address (used only if remote_host is specified as a DNS name). Set to 0 to disable polling and not try to detect changes. Default is 3600 seconds (1 hour). |
| ip_addr | ip_owned | Defines the IP address of the external interface of the gateway. This property is mandatory. |
| netmask | IP address | Defines the network mask of the external interface. This property is mandatory. |
| gateway | IP address | Defines the default network gateway for the external interface. It can be left blank only if the remote host is on the same subnet; must be specified otherwise. Default is blank. |
| dns1 | IP address | Defines the primary DNS server. It can be left blank if the remote host is specified by its IP address; must be specified otherwise. Default is blank. |
| dns2 | IP address | Defines the secondary DNS server, which will be used if the primary DNS server does not respond. Default is blank (not used). |

Error Messages

The following messages may appear in either the appliance log file or the system log of the grid controller when the appliance fails to start:

Failed to set up rules (exit code <code>); using backup rule set

Typical Usage

The following diagram shows a typical usage of OUT for a simple web server application that accesses an external database while serving user requests:

[Figure: a typical usage of OUT for a simple web server application that accesses an external database while serving user requests]

Summary of Parts

in1 passes client web requests arriving from outside the application to the web1 server. web1 serves static content by itself; for dynamic content, scripts that run in web1 access an external database through the out1 gateway. The out1 gateway is configured with the host name of the server that provides the external database.

Note: The Apache appliance shown in the above example is not shipped with CA 3Tera AppLogic. However, CA 3Tera AppLogic does provide a similar appliance named WEB5.

The following sections describe the configuration of OUT in several typical use cases.

OUT With a Remote Host by DNS Name

This mode is used when the remote host has a valid entry in the DNS server. In this mode, OUT resolves the DNS name and monitors the DNS entry of the remote host for changes.

OUT will resolve remote_host using the DNS servers configured as properties. In this mode, at least dns1 must be set.

Example:

| Property name | Value | Description |
|---|---|---|
| remote_host | www.google.com | DNS name or the IP address of the remote host to forward all traffic to. |
| dns_poll | 3600 | The poll interval for the DNS name, in seconds. |
| ip_addr | 192.168.1.12 | IP address for the gateway itself. |
| netmask | 255.255.255.0 | Netmask for the gateway. |
| gateway | 192.168.1.1 | IP address of a router used to reach remote networks. |
| dns1 | 192.168.1.1 | Address of a DNS server to use to resolve remote_host. |
| dns2 | 192.168.1.2 | Address of a backup DNS server (used if the first one is not available). |

OUT With a Remote Host by IP Address

This mode is used when the IP address of remote_host is fixed or has no DNS records. In this mode the dns_poll property is ignored.

Example:

| Property name | Value | Description |
|---|---|---|
| remote_host | 66.102.7.104 | DNS name or the IP address of the remote host to forward all traffic to. |
| ip_addr | 192.168.1.12 | IP address for the gateway itself. |
| netmask | 255.255.255.0 | Netmask for the gateway. |
| gateway | 192.168.1.1 | IP address of a router used to reach remote networks. |
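
The dependencies between the properties (mandatory fields, when gateway and dns1 may be left blank) can be checked before an appliance is started. The following is an added example, not part of the AppLogic product or its tooling; the function name validate_out_props and the dictionary input format are assumptions, and BY_DNS and BY_IP are the two example configurations shown above.

```python
import ipaddress

MANDATORY = ("remote_host", "ip_addr", "netmask")  # per the Properties table

def _ipv4(value):
    """Return an IPv4Address, or None when value is not a dotted IPv4 address."""
    try:
        return ipaddress.IPv4Address(value)
    except ipaddress.AddressValueError:
        return None

def validate_out_props(props):
    """Return a list of problems in an OUT property set (empty list = consistent)."""
    problems = [f"{key} is mandatory" for key in MANDATORY if not props.get(key)]
    if problems:
        return problems
    try:
        subnet = ipaddress.IPv4Network(f"{props['ip_addr']}/{props['netmask']}", strict=False)
    except ValueError:
        return ["ip_addr/netmask do not form a valid IPv4 interface"]

    remote_ip = _ipv4(props["remote_host"])
    gateway = props.get("gateway", "")
    if remote_ip is None:
        # remote_host is a DNS name: at least dns1 must be set.
        if not props.get("dns1"):
            problems.append("dns1 is required when remote_host is a DNS name")
        # dns_poll is assumed to be an integer, as the Type column states.
        if int(props.get("dns_poll", 3600)) == 0:
            problems.append("dns_poll=0: changes to the DNS mapping go undetected")
        if not gateway:
            problems.append("gateway blank: only valid if the name resolves on-subnet")
    elif not gateway and remote_ip not in subnet:
        # gateway may be blank only if the remote host is on the same subnet.
        problems.append("gateway is required: remote_host is off-subnet")

    # Address-typed properties must parse when set. The on-subnet test for the
    # gateway is a general routing sanity check, not a rule stated on the page.
    for key in ("gateway", "dns1", "dns2"):
        if props.get(key) and _ipv4(props[key]) is None:
            problems.append(f"{key} is not a valid IPv4 address")
    gw_ip = _ipv4(gateway) if gateway else None
    if gw_ip is not None and gw_ip not in subnet:
        problems.append("gateway is not on the external interface's subnet")
    return problems

BY_DNS = {"remote_host": "www.google.com", "dns_poll": 3600, "ip_addr": "192.168.1.12",
          "netmask": "255.255.255.0", "gateway": "192.168.1.1",
          "dns1": "192.168.1.1", "dns2": "192.168.1.2"}
BY_IP = {"remote_host": "66.102.7.104", "ip_addr": "192.168.1.12",
         "netmask": "255.255.255.0", "gateway": "192.168.1.1"}
```

Both example configurations validate cleanly; removing gateway from the IP-address example is reported because 66.102.7.104 is outside 192.168.1.0/24.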

Notes

OUT is not used for accessing multiple hosts with different addresses. Applications that need to access multiple hosts through the same output, such as SMTP servers, can use the NET gateway appliance.

OUT is not used for providing incoming requests to an application. Incoming requests can be handled using the IN gateway appliance.

Open source and 3rd party software used inside of the appliance

OUT uses the following 3rd party open source packages in addition to the 3rd party open source packages used by its base class LUX5.

| Software | Version | Modified | License | Notes |
|---|---|---|---|---|
| iptables | 1.3.5-1.2.1 | No | GPLv2 | homepage |