SERVERIRON
™
APPLICATION SWITCHES
Intelligent Layer 4-7 Application Switches
Features
t
t
t
t
t
t
t
t
t
t
t
t
Intelligent load balancing,Layer 7 content switching and
security for mission-critical applications
Integrated full-function Layer 2/3 switching and routing
combined with high-performance Layer 4-7 switching
Support for up to 15,000,000 concurrent sessions,and
56 Gbps of throughput
High-availability server load balancing with stateful fail-over
Industry’s most powerful content switching,including URL,
Cookie,XML,HTTP Header,and SSL Session ID
based switching
High performance Server,Cache,VPN/Firewall and ISP link
load balancing
Wire-speed Gigabit rate protection against Denial of Service
(DoS) attacks
Most scalable Global Server Load Balancing (GSLB) with
DNS Proxy and client proximity measurements
Ease of use and manageability with IronView Network
Manager (INM)
Always-on network monitoring with standards-based sFlow
Superior support for all major streaming media protocols
Industry’s #1 Layer 4-7 application switch
with Modular 10 Gigabit Ethernet Support
ServerIron™Intelligent Application
Switching and Security System with
Internet IronWare® Layer 2 through
7 Switching
Foundry Networks®’award-winning ServerIron Family of
switches provide high performance Layer 2 through 7 switching,
enabling network managers to control and manage today’s
exploding IP transactions, IP applications and e-commerce
traffic flows.Internet IronWare,Foundry’s unique software suite
of application traffic management capabilities—powers the
ServerIron switches to direct requests to the right server and
application based on the information that resides beyond the
traditional Layer 2 and 3 packet headers. ServerIron eases
escalating application traffic overload, dramatically increases
service availability, maximizes utilization, reduces the burden
of server farm management, and allows the entire server facility
to scale to meet current and future needs.
Built on Foundry’s proven IronCore™ and JetCore™
architectures, ServerIron enables application traffic switching
based on Layer 2 through Layer 7 definitions.ServerIron delivers
industry-leading performance for Internet traffic management
functions, including local and global server load balancing, ISP
link load balancing,firewall load balancing,and transparent cache
switching. ServerIron’s superior content-switching capabilities
1
include support for up to 256 rules based on URL, HTTP
header, XML, cookie and SSL session ID content. Furthermore,
ServerIron provides the foundation for high service availability,
disaster recovery,location and server transparency,backbone cost
control,and a consistent user experience.
ServerIron supports the following major traffic
management applications:
1. Efficient Server Load Balancing (SLB) — Distribute IPbased services and transparently balance traffic across multiple
servers while continuously monitoring server,application and
content health.This enhances overall reliability and availability
of the services while simultaneously ensuring peak server
farm utilization.
2. Robust Application Security — Shield server farms and
applications from wire-speed Gigabit rate DoS, DDoS, virus
and worm attacks while serving legitimate application traffic.
Improve security using IronShieldTM security suite with
support for features like advanced ACLs and sFlow network
monitoring.
6. ISP Link Load Balancing (LLB) — Significantly increase
Enterprise Internet link utilization and reduce the cost of ISP
service without the complexities and limitations of BGP
routing.Improve bandwidth scalability with optimal capacity
utilization based on intelligent traffic switching using key
metrics like service response time and bandwidth price.
Achieve load balancing, redundancy and resiliency on
business-critical Internet links with a single application.
Key Benefits
Server and Application Availability
ServerIron ensures service availability by offering switch, server,
link,and session level redundancy.
In the event of a server or application outage,ServerIron provides
detection and rapid fail-over to the next server in a logical group
that supports a like service. ServerIron detects application error
conditions such as HTTP “404 – Object not found” before the
client sees them and transparently redirects the requests to other
servers without any manual intervention.
3. Disaster Recovery and Global Server Load Balancing
(GSLB) — Distribute services transparently across multiple
sites and server farm locations and balance the traffic across
those sites/servers on a global basis while monitoring
site/server and application health. By directing the client to
the best site for the fastest content delivery, ServerIron
enhances overall application availability and reduces
bandwidth costs. Site level redundancy and rapid transparent
failover are supported for disaster recovery.
Internet
NetIron 400
OC-3, -12, -48
NetIron 400
FSRP
VRRP
100-FX
100-FX
1000-SX
1000-SX
4. Firewall Load Balancing (FWLB) — Increase the
network’s overall firewall performance by distributing
Internet traffic load across multiple firewalls. Overcome
firewall scalability limitations, increase firewall throughput
and performance, and improve firewall resiliency by
eliminating the firewall as a “single point of failure”.
1000-SX
ServerIronXL
ServerIronXL
BigIron
4K
t
5. Transparent Cache Switching (TCS) — Eliminate the
need to configure each client browser, improve Internet
response time, decrease WAN access costs, and increase
overall web caching solution resiliency by balancing web
traffic across multiple caches. ServerIron improves service
availability by implementing cache health checking and
redirects client requests to the next available cache server or
directly to the origin server in the event of a cache or server
farm failure.
Figure 1
To provide 100 percent availability, ServerIron includes an
active-standby or active-active redundancy capability that
protects against session loss. When enabled, this feature allows
network administrators to establish primary and secondary load
balancing switches to support identical configuration
parameters.In active-standby mode,one unit operates while the
other unit sits as a backup. In active-active mode, both units
operate symmetrically. In either situation, each switch
continuously monitors the health of the other. In the event that
2
one device fails, the other switch takes over without losing
sessions or connectivity. ServerIron also supports link-level
redundancy that ensures server connectivity by automatically
switching sessions from a failed link to a redundant link.
ServerIron’s extensive service health check capability monitors
Layer 2,Layer 3,Layer 4,and Layer 7 connectivity and services and
determines the servers’ ability to respond to user requests.
This ensures fast detection of service problems and eliminates
service outage.
For enhanced security and performance, ServerIron’s FWLB
eliminates firewall bottlenecks and scales firewall
implementations by balancing and distributing load across
multiple firewalls. With load balancing support for synchronous,
non-synchronous,Network Address Translation (NAT),Layer 2,
and Layer 3 firewalls,network administrators can deploy firewalls
in the most flexible and reliable manner. ServerIron supports
active-standby as well as active-active FWLB configurations.
ServerIron’s FWLB supports environments built on static or
dynamic routing protocols including RIPV2 and OSPF.
Robust Security
With a rich set of advanced high-performance security features,
the ServerIron acts as the last line of defense for the servers and
applications from malicious clients. Using the superior
performance and advanced security algorithms, the ServerIron
can prevent unauthorized client requests from reaching the
server and therefore substantially improving server availability.
ServerIron offers the industry’s best and the most advanced
security intelligence as part of the high-performance
IronShieldTM security suite. ServerIron switches protect the
networks, server farms and applications against wire-speed
Gigabit DoS attacks. Only legitimate client traffic is allowed to
pass through to the real servers. With sophisticated and highperformance URL, cookie, HTTP header and XML content
filtering, ServerIron switches prevent viruses and worms
from spreading to the application infrastructure through
application messages.
Internet
NetIron 400
NetIron 400
ServerIron 400
ServerIron 400
t
Figure 2
Maximum Scalability
Easy to Set Up and Manage
ServerIron supports high port density on both the stackable and
chassis platforms, allowing for support of massive server farms
and network devices such as firewalls and caches.
TrafficWorks IronWare running on ServerIron simplifies
network design by enabling network managers to create a server
farm, represented by a single IP address known as a Virtual IP
(VIP) address. ServerIron appears as a virtual server with a VIP
address that controls, monitors, and directs client requests to the
most appropriate real server in a server farm. By supporting a
wide selection of intelligent load balancing methods, network
administrators can transparently and easily scale server capacity
regardless of the server platform. ServerIron delivers these
benefits without using expensive hardware add-ons or serverside agents.
ServerIron allows ISPs and enterprises to deploy GSLB to
transparently expand server capacity on a worldwide basis by
redirecting service requests across multiple data centers located
around the world and scale application capabilities to global
proportions.
ServerIron is simple to configure and manage using the Foundry
Command Line Interface (CLI) or built-in Web interface.The
CLI uses well known Cisco-like commands allowing network
administrative staff to easily configure all Foundry products.
In addition, ServerIron’s support for Simple Network
Management Protocol (SNMP) allows device management
using applications such as HP OpenView, available on major
server platforms including Sun Solaris,HP-UX,andWindows NT.
Foundry’s IronView NMS application can be used to monitor
and chart SLB and TCS data polled at regular intervals. Formats
include bar graph, line graph, and pie chart allowing network
managers to easily collect and display detailed information about
network traffic destined to server farms.Network administrators
can also gauge the amount of traffic between servers and clients,
as well as which application is dominating network traffic.
Extensive accounting and statistics allow network managers to
easily collect and display detailed information about network
3
traffic destined to server farms. Network administrators can also
gauge the amount of traffic between servers and clients,as well as
which application is dominating network traffic. In addition,
ServerIron tracks the number of active and open sessions per
server.These statistics can also be used to track traffic loads on
servers that support multiple applications.
ServerIron supports advanced configuration synchronization
features to minimize configuration errors, and consequently
network and application downtime. Using the command-bycommand and block-by-block synchronization modes,
administrators have the flexibility to replicate configuration on
the peer ServerIron in high availability designs at the granularity
they desire without manual repetition. Additionally, ServerIron
products are integrated with IronView Network Manager
(INM) to provide comprehensive centralized configuration
management. The INM supports configuration creation,
archival,comparison and tracking of configuration files for all the
ServerIrons deployed in a network. Administrators are able to
update configurations on multiple ServerIrons with a click of the
button.
IronClad Application Performance
ServerIron delivers unmatched Layer 2 through Layer 7
switching performance.Utilizing the same proven technology of
Foundry’s BigIron wire-speed switches, all ServerIron platforms
contain a unique distributed switching fabric and powerful
packet processing engines to deliver load-balancing capacity of
over 150,000 Layer 4 connections per second including data
transfer,or 600,000 connection setups per second with no session
loss.As well,ServerIron scales to maintain 15,000,000 concurrent
sessions.This ensures service availability during peak application
traffic load and during massive denial of service attacks.
t
t
t
t
t
t
t
Key Features
Exceptional Performance
and Capacity
t
t
Industry Leader in Concurrent Session Capacity — ServerIron
effectively handles over 15,000,000 concurrent connections to
accommodate more client traffic as the application infrastructure
experiences growing traffic demands.
Direct Server Return (Switch Back) — Inherently asymmetrical
nature of streaming media and bulk data applications requires highthroughput support.The client-to-server traffic flows through the load
balancing device but the return (server-to-client) traffic,which
t
t
typically consumes more bandwidth because it contains the
information that the client has asked for,switches directly to the client
on the return path.By avoiding the load-balancing device,Switch
Back provides wire-speed throughput servicing the clients.
Throughput — The various ServerIron platforms provide
differentiated system performance and throughput levels from 2 Gbps
with ServerIronXL,right up to 56 Gbps with ServerIron 800/850
depending on policies enabled on the ServerIron.
Session Processing — Foundry leads the industry with realworld session processing capabilities of over 600,000 connection
setups per second.
Symmetric Load Balancing — Multiple switches can be deployed
to increase load-balancing capabilities in parallel and multiply the
total connection capacity and overall performance.Also known as an
active-active configuration,IronWare’s symmetric load balancing
provides cross-platform fault tolerance,picking up the full load where
the failed switch left off without losing any state information.
Switching Capacity — Built on Foundry’s custom ASIC designs,
ServerIronXL,ServerIron 100 Series,ServerIron 400 and
ServerIron 800 respectively deliver 4.2 Gbps,20 Gbps,128 Gbps
and 256 Gbps of total switching capacity.ServerIron 450 and 850
deliver 128 and 256 Gbps of total switching capacity.
Trunking for Performance — Trunk groups can be configured
between ServerIron switches,between ServerIron and other
standards-compliant switches,or between the ServerIron switch and
the server to increase overall server farm bandwidth,throughput,
performance,and redundancy. ServerIronXL supports up to five
trunk groups containing from two to four 10/100Base TX ports,
and ServerIron 800 and 850 support up to 22 trunk groups.
IP Filters — Network managers can define up to 1024 IP filters to
selectively control SLB and TCS traffic. These dynamic filters,which
take effect immediately without requiring a reboot,match on source
and destination IP address,network mask,and TCP/UDP port
information.
Overflow Protection — In the event that the local servers exceed
their maximum capacity,Foundry’s Internet traffic management
systems can load balance the subsequent requests to remote
server farms.
Massive Server Farms — ServerIronXL supports up to 24
10/100 ports and 2 Gigabit ports,ServerIron 100 Series offers 3
models with Gigabit or Fast Ethernet copper or fiber ports,
ServerIron 800 supports up to 168 10/100BaseTX ports or 56
Gigabit ports, ServerIron 850 supports up to 112 Gigabit ports in
a single chassis.With support for unlimited Virtual IP addresses,and
up to 2048 real servers,ServerIron switches provide the highest
connectivity to server farms.
High Performance Web Hosting — ServerIron’s many-to-one
load-balancing features enable network managers to define multiple
VIPs and track service usage by VIP. With this capability,a single
server and port number can load balance multiple web sites across a
shared set of real servers.
4
t
t
t
t
t
Slow Start — To protect the server from a surging flow of traffic at
startup,ServerIron implements a unique slow-start service that allows
real servers to gradually accept connections when the server comes up.
This is especially useful for SLB implementations using least
connections as the load balancing method.Since most servers today
cannot handle more than 2000 new connections per second,this
feature helps ensure stability when bringing new servers online.
Cookie Insertion/Deletion — This feature enables transparent
application support by allowing the ServerIron to insert cookies into
HTTP requests and responses. This allows client/server persistence
even when the application itself does not support cookies.
Server Connection Offload — The ServerIron increases server
performance,availability,response time and security by offloading
connection management from the servers.Using persistent HTTP
1.0 and 1.1 connections to the server,the ServerIron sequentially
streams large number of client-side connections to a few server-side
connections.Connection offload allows the servers to focus on missioncritical high-performance application service delivery.In addition to
the performance gain,the servers also get protection against DoS,
virus and worm attacks from hackers because the servers never directly
interact with the clients for connection management.
Maximum Connections— Used to protect servers from bogging
down due to high amounts of Internet traffic,this feature allows
administrators to limit the number of concurrent connections handled
by a particular server and ensures that the traffic does not outpace the
performance of the server.
Enterprise Application Support — ServerIron can be deployed in
many Enterprise environments where IP-based applications are used,
including the popular applications like Oracle,BEA WebLogic,IBM
WebSphere,PeopleSoft and Siebel. ServerIron supports custom
features for load balancing and persistence for these applications.
Additionally,the ServerIron support includes VoIP,where load
balancing and fault tolerance can be provided for IP PBXs,as well as
database environments,CRM systems,and popular financial and
production management systems.
Server and Application Health
Checks
t
t
t
Layer 3 — Upon configuration,ServerIron immediately and
automatically health checks the server via ARP and ping to
determine whether the server is ready for operation.If problems
arise,ServerIron can automatically take corrective action.
Layer 4 — When the network manager binds an application
(TCP/UDP port) on a real server to an application on a virtual
server, ServerIron performs a Layer 4 health check,which the server
must pass. This guarantees that clients do not hit “dead”servers.
Layer 7 — With health checking enabled for a service (TCP /UDP
port),ServerIron can perform a Layer 7 application-specific health
check immediately after successful completion of the Layer 4 health
check.These include the following:HTTP,DNS,SMTP,
POP3,LDAP,NNTP,IMAP4,FTP,Telnet,RADIUS,
and others.
t
t
Scripted — Using scripted health checks,the ServerIron provides a
flexible mechanism to check the health of applications using nonstandard ports.The switch inspects the health check response messages
from the server for user-configured ASCII text that indicates
application health.
Boolean — Boolean health checks offer immense flexibility by
allowing to decouple health checking from the ports bound to the
Virtual IP. Multiple Boolean health checks may be combined and
tied to the health of any port on any VIP.
Load Balancing Method
t
t
t
t
t
t
t
t
Round Robin — Assigns connections sequentially among servers in
a logical community.Round robin treats all servers as equal regardless
of the number of connections or response time.
Least Connections — Assigns a connection to the server with the
least number of open connections.This option works well in server farms
which have groups of servers with dissimilar performance capabilities.
Least connections ensures adequate distribution and avoids
server overload.
Weighted Percentage — Allows managers to assign a performance
weight to each server.Use weighted percentage to ensure that those
servers capable of processing connections faster receive the largest
number of connections.
Response Time — Directs requests to the server providing the best
response time.Response time measurements include the network
latency and the response time for the application-level health checks.
Combined Response Time and Least Connections — Directs
requests to a server based on the server and application response time,
and the number of active connections on the server.
Bandwidth and Weighted Bandwidth — Load balances between
servers based on the amount of bandwidth processed by each real
server in a given duration of time.Sampling interval and duration
for bandwidth measurements are user configurable.Using weighted
bandwidth assigns greater weight to most recent samples,or to
more potent servers to deliver the highest server performance
and scalability.
Cookie Switching — This feature directs HTTP requests to a
server group based on information embedded in a cookie in the
HTTP header.The next time the client requests information from
the server,the cookie specifies which server group should handle the
request.Cookie switching ensures that a particular server group
always handles requests from a particular client,even across sessions,
thereby guaranteeing client persistence and a more satisfying
end-user experience.
URL Switching — ServerIron directs HTTP requests to a server
or group of servers,using information contained inside the text of
a URL string.URL switching grants the network administrator
greater control over the web site deployment to place different web
content on different servers,thereby eliminating the constraint of
duplicating all content across all load-balanced real servers.
5
t
t
t
t
t
t
URL Hashing — Using this feature enables ServerIron to examine
information in the HTTP request (either the Cookie header or the
URL string) and internally map this information to one of the real
servers bound to the virtual server.This HTTP request and all future
HTTP requests that contain this information then always go to the
same real server.
URL Parsing — Selects a real server or a group of servers by
looking at the prefix or suffix of the URL or by applying a patternmatching expression to the entire URL.ServerIron supports up to
256 URL rules and imposes no limit on the URL length examined.
SSL Session ID Switching — SSL (Secure Socket Layer) is a
protocol for secure World Wide Web connections used to protect
confidential information with server authentication,data encryption
and message integrity.In order for SSL to work,all the SSL
connections between a client and server must reach the same host.
ServerIron ensures that all the traffic for an SSL transaction with a
given SSL ID always goes to the same server.It is a “must have”
feature for commerce,financial,and shopping-cart based web sites.
HTTP Header Switching — Directs client requests to the
appropriate group of servers by reading deep into the contents of the
HTTP header.For example,using the language code embedded in
the header,the ServerIron sends the client request to the group of
servers providing content for a specific language.The HTTP protocol
header has fields that carry valuable information that can assist in
further optimizing server utilization and increasing server scalability.
XML Switching — XML has emerged as a dominant standard for
exchanging information between applications in the Internet.The
ServerIron provides intelligent Layer 7 switching based on XML
tags and attributes embedded in XML documents encapsulated in
SOAP and HTTP messages.Load balancing,persistence and
content filtering are supported with XML switching rules.
Advanced Rules Engine —The ServerIron supports the industry’s
most comprehensive rules engine that gives maximum flexibility to
the customers in defining and applying Layer 4-7 switching rules to
a rich set of application content.Switching rules are not limited to
one type of content or protocol,and can be combined for maximum
flexibility and scalability.
t
t
t
t
t
Session Persistence for
Web Application Transactions
t
t
IronShield™ Security
t
t
Intelligent TCP and UDP Connection Rate Limiting —
ServerIron further protects server farms,firewalls and cache servers by
controlling the rate of TCP and UDP connections on an application
port basis.Controlling the rate of new connections that each device
receives ensures availability despite increased levels of activity due to
DDoS attacks or surges in user access.
Network Address Translation (NAT) — Using ServerIron’s
bi-directional NAT,network administrators can assign real servers
internal non-routable private addresses to enhance security and
conserve address space.ServerIron also supports NAT functionality
for environments where the real servers reside in different subnets.
This translates to complete network design flexibility when laying
out server farms.
Enhanced NAT — Unique to Foundry Networks,ServerIron’s
generic NAT supports generic UDP,TCP,and ICMP applications
as well as active and passive FTP,Windows™ Media,RealAudio,
Real Video,RealMedia,and QuickTime protocols
Transaction Rate Limiting™ — ServerIron protects real servers
against malicious attacks from high-bandwidth users by allowing
administrators to configure a threshold for the rate of incoming
connections per user.
SYN-Guard ™ — ServerIron protects server farms against multiple
forms of Denial of Service (DoS) attacks,such as TCP SYN attacks,
by monitoring and tracking session flows.Only valid connection
requests are sent to the server.This capability combined with the
ability to support over 15 million concurrent connections protects
against the hijacking of server resources by malicious users and
ensures connectivity for genuine clients.Using the SYN-Cookie
feature,the ServerIron forwards only completed client connections
to the servers.
High Performance Access Control Lists (ACLs) and Extended
ACLs — By using ACLs,network administrators can restrict access
to specific applications from a given address or subnet. Filters can be
easily set to deny access to servers by any particular port or VIP
address.For example,a network administrator can deny FTP traffic
to a particular address.Conversely,filters can be set to allow access by
a subset of users or subnets.
Cisco-syntax ACLs — ServerIron supports Cisco-syntax ACLs,
which network administrators can easily cut/copy/ paste from their
existing Cisco products to drop them right into the ServerIron
configuration for the ultimate in portability and security.
t
Internet IronWare maintains up to seven different methods of
persistence to ensure that shopping-cart type applications and longrunning transactions proceed accurately.When combined with the
ability to handle over 15 million concurrent sessions,ServerIron
provides the industry’s best persistence methods to build highperformance networks for e-commerce.
Port Tracking — Some web applications define a lead port and
follower ports.ServerIron ensures that all connections to the follower
ports arrive at the same server as the lead port connection.For
example,if SSL traffic follows HTTP traffic,the network
administrator often defines the SSL port as the follower port
to the HTTP port.This ensures that both types of traffic arrive
at the same server for a given customer.
Sticky Ports — ServerIron supports a wide variety of “sticky”
connections,including those where applications require that the client
request for additional TCP/UDP ports always go to the same real
server,to the server using arbitrary port numbers,or to the server using
sequential TCP/UDP ports.
6
t
t
t
Additional Persistence Methodologies — ServerIron supports
many other types of persistence based on a large range of user
programmable options,including Source IP/VIP/Port,Source
IP/VIP,and SSL Session ID.
Mega Proxy Server Persistence — Network managers can
configure ServerIron to treat a range of source IP addresses as a single
source to solve the persistence problem caused by certain mega proxy
sites in the Internet.
Comprehensive Session Persistence — ServerIron expands
upon simple cookie-based switching by including support for Source
IP based persistence.When configured for cookie-based persistence,
ServerIron uses Source IP-based session persistence if there is no
cookie present.This provides a superior level of session persistence
over other vendor implementations.
t
t
Graceful Shutdown — ServerIron allows you to gracefully remove
a server from the load balancing rotation without disrupting any
existing session.This increases site stability when upgrading or
repairing servers.
SNMP Reporting — ServerIron reports SNMP traps and events
to the specified trap receiver and can send those management
messages to up to six different Syslog servers.
www.foundrynet.com
New York
ServerIron
B
San Jose
7
Round Trip Time
Proximity
and Load
Conditions
Authoritative DNS
1. San Jose
2. New York
High Availability Services
www.foundrynet.com
t
t
t
t
t
t
Remote Backup Servers — If no local servers or applications are
available,ServerIron sends client requests to remote servers.The
remote server can be another server farm managed by another
ServerIron or just another group of real servers.By defining multiple
remote servers,ServerIron will load balance the traffic among them
using the selected load balancing method.
HTTP Redirect — ServerIron can also use HTTP redirect to send
traffic to remote servers if the requested application is not available on
the local server farm.
Active/Standby — When deployed in active-standby mode,the
standby ServerIron will assume control and preserve the state of
existing sessions in the event the primary load-balancing device fails.
Configuration common to the two ServerIron switches can be
automatically synchronized to avoid manual replication.
Active/Active — When deployed in active-active mode,both
ServerIron switches work simultaneously and provide a backup for
each other while supporting stateful fail-over.Configuration common
to the two ServerIron switches can be automatically synchronized to
avoid manual replication.
Quality of Service — Network administrators can prioritize traffic
based on ports,MAC,VLAN,and 802.1p attributes,as well as
by service port and application type;for example,ServerIron can
grant priority to HTTP traffic over FTP.
Redundant Power Supplies — ServerIronXL supports an
optional built-in redundant power supply and ServerIron
800/850 support multiple (up to three additional) hot-swappable
power supply options.ServerIron 100,400 and 450 support dual
hot-swappable power supplies.
Ease Server Farm Management
t
Mix and Match Servers — ServerIron increases network design
flexibility and investment protection for existing resources by
allowing for application distribution on different servers based on
performance requirements,with dynamic adjustment and without
interruption of service.
Local
DNS
6
ServerIron
A
3
5
2
1
DNS
Request/
Response
Client
4
1. New York
2. San Jose
Denver
t
Figure 3
Disaster Recovery and Global
Server Load Balancing
ServerIron redirects client traffic globally by site availability, site
load, and site response time. ServerIron also measures client/
server proximity as defined by round trip delay and geographic
location. All these features can work in conjunction with the
network’s existing DNS servers and results in minimizing
network disruption when implementing GSLB. ServerIron
continually monitors the sites to detect any changes in servers or
services due to varying health and traffic conditions.
Configurable site load thresholds enable network administrators
to fine tune the health checking parameters to best suit the site’s
server and service capabilities.[See Figure 3]
FlashBack™, a unique Foundry Internet traffic management
feature, measures response time between the authoritative DNS
site and each data center.ServerIron actually computes proximity
based on the round trip time between the different global sites
and uses these measurements as a benchmark to determine site
responsiveness and the site’s range to the client.
In addition,ServerIron uses geographic site selection to keep the
requests within continental domains. ServerIron constantly
monitors application traffic to create a knowledge base that
enables a more intelligent GSLB methodology, powering
smarter site selection criteria. ServerIron handles server farm
outages or overloads even after the DNS lookup by automatically
triggering HTTP redirection or implementing remote server
load balancing.ServerIron GSLB provides the following:
7
t
t
t
t
t
t
t
t
Acts as a DNS proxy to transparently intercept and modify the
DNS responses,thereby directing customers to the best site.
Handles server farm outage or overload after the DNS lookup by
HTTP redirect or remote server load balancing.
Leverages the existing DNS server and minimizes disruption to
the existing DNS environment.
Provides continuous site monitoring to detect changes in site
health conditions.
Allows the network administrator to tune individual site load
thresholds through configurable settings.
Monitors and selects sites based on FlashBack speed,which
measures performance using site,server and application
responsiveness.
Adds an evolutionary knowledge based in the global server load
balancer that enables smarter site selection as more clients access
the site.
Grants the network administrator the ability to tune ServerIron
settings and ensure that minimal differences in various site metrics
do not affect site selection.
Foundry offers another unique Internet application
management feature called “Global IP”. Working alongside
Foundry Layer 3 switches (BigIron® and NetIron®) and powered
by unique VIP health checking algorithms, Global IP injects
routes to client application services based on regional data center
server-farm health and provides GSLB capability without
relying on the DNS protocol.This enables ISPs and enterprises
to instantaneously build networking infrastructures on a global
basis and offer ready-to-go differentiated services to customers
for multi-site deployments.
Web Server Farm
Dynamic
Content
Static
Content
Cache
Web Server Farm
t
Figure 4
ServerIron switches provide the industry’s most powerful
content-aware cache switching features to build intelligent
content networks that route traffic based on content rather than
just IP addresses.The ServerIron TCS application includes the
following content-switching features:
t Intelligent load balancing of caches to eliminate content duplication,
increase cache-hit ratio,and improve the Internet response time.
t Accelerate delivery of dynamic content and optimize the cache
utilization by bypassing the caches automatically for dynamic content.
t Specify content-based rules to determine what content should
be cached.
t Organize caches into logical groups that serve different content to
provide differentiated service offerings to content providers.
Transparent Cache Switching
ServerIron switches improve Internet response time and
decrease WAN access costs by redirecting web traffic destined
for remote Internet hosts to local cache servers. Foundry’s
Transparent Cache Switching (TCS) can be used with any cache
server that supports transparent redirection, including those
from leading vendors such as Blue Coat, Cobalt, Compaq, Dell,
Inktomi (aYahoo company),Network Appliance,and Novell.
Foundry’s TCS offers network managers a resilient web caching
solution that significantly simplifies administration. Unlike
proxy server solutions that require manual configuration of each
client’s browser,ServerIron transparently intercepts and switches
HTTP client requests to an available cache server without
reconfiguring the client’s browser. Network administrators can
configure the device to switch traffic based on source and
destination IP address.[See Figure 4]
8
Technical and Physical Specifications
Load Balancing
Methods
Protocol
Support
Standards
Compliance
Least connections
Response time
Response time + least connections
Round robin
Weighted distribution
Bandwidth and Weighted Bandwidth
TCP
UDP
SSL
FTP
Telnet
SMTP
HTTP
IMAP4
LDAP
NNTP
POP3
DNS
BootP
TFTP
SNMP
VRRP/VRRPe
IPSec
RADIUS
VoIP
802.3,10BaseT
802.3u 100BaseTX,
100BaseFX
802.3z 1000BaseSX
802.3z 1000BaseLX
802.3x Flow Control
802.1qVLAN Tagging
802.1d Bridging
802.3 Ethernet Like MIB
Repeater MIB
Ethernet Interface MIB
SNMPV1
SNMP MIB II
Layer 2 Switching
Capabilities
32,000 MAC addresses
802.1d Spanning Tree Protocol
802.1p prioritization
Policy-basedVLANs
Port-basedVLANs
Layer 3 protocolVLANs
Layer 3 protocol and subnetVLANs
802.1qVLAN tagging
ServerIronXL
Concurrent sessions
Throughput
Switching capacity
Packet forwarding rate
Number of Virtual IP addresses
Number of real servers
Number of 10/100 ports
Number of Gigabit ports
Total number of ports
Layer 3 switching capabilities
Physical dimensions
Weight
Power requirements
1,000,000
2 Gbps
4.4 Gbps
3,000,000 pps
Unlimited
1,024
24
2
26
Supports servers
on different subnets
from that of Virtual
IP address
2.75" h x 17.5"
w x 16.75" d
(6.7 cm x 44.5
cm x 42.2 cm)
18–22 lbs
(8–10 kg)
110v/220v
auto-sensing
Network
Management
Web-based GUI
Telnet
SNMP
RMON
IronView Network Manager
(INM)
HP OpenView
Warranty
1 year hardware
90 days software
Upgrades to higher
levels available
Mounting Options
19" Universal EIA
(telco) Rack
Tabletop
Integrated Command Line
Interface
SSH
ServerIron 100
Series
5,000,000
10 Gbps
20 Gbps
48,000,000 pps
Unlimited
2,048
24
10
24
OSPF, RIPv2, Supports
servers on different
subnets from that of
Virtual IP address
8.75" h x 17.5"
w x15" d
(22.2 cm x 44.5
cm x 38.1 cm)
Not to exceed 60 lbs
(29.9 kg)
Single (1) Power Supply:
Input Voltage and Current
Power Supply Rating—
70 to -40 VDC: 17A 100
to 120 VAC (auto-ranging):
8A 200 to 240 VAC
(auto-ranging): 4A AC
line frequency: 47–63 Hz
ServerIron 400/450
ServerIron 800/850
15,000,000
56 Gbps
128 Gbps
48,000,000 pps
Unlimited
2,048
72
48
72
OSPF, RIPv2, Supports
servers on different
subnets from that of
Virtual IP address
8.75" h x 17.5"
w x 15" d
(22.2 cm x 44.5
cm x 38.1 cm)
60 lbs fully loaded
(29.9 kg)
4-slot Chassis with Single
(1) Power Supply:
InputVoltage and Current
Power Supply Rating -70
to -40 VDC: 17A 100
to 120 VAC (auto-ranging):
8A 200 to 240 VAC
(auto-ranging): 4A AC
line frequency: 47–63 Hz
15,000,000
56 Gbps
256 Gbps
84,000,000 pps
Unlimited
2,048
168
112
168
OSPF, RIPv2, Supports
servers on different
subnets from that of
Virtual IP address
20.75" h x 17.5"
w x15.25" d
(52.7 cm x 44.5
cm x 38.7 cm)
117 lbs fully loaded
(43.7 kg)
8-slot Chassis with Single
(1) Power Supply:
InputVoltage and Current
Power Supply Rating -70
to -40 VDC: 17A 100
to 120 VAC (autoranging): 8A 200 to 240
VAC (auto-ranging): 4A
AC line frequency:47–63 Hz
9
Ordering Information
Part Number
SI450
SI450-DC
SI850
SI850-DC
S450
S450-DC
S450-S
S850
S850-DC
S850-S
J-B48E
J-BxG
J-B16GC
J-B16Gx
WSM6
TRFWRKS-PREM
LHA
LHB
E1MG-SX
E1MTG-SX
E1MG-LX
E1MG-LHA
E1MG-LHB
E1MG-TX
SI400
SI400-DC
SI800
SI800-DC
S400
S400-DC
S400-S
S800
S800-DC
S800-S
BxG-A
B2G-A
B4G-A
B8G-A
B8GC
B24E-A
B24FX
WSM4
TRFWRKS-PREM
LHA
LHB
Description
ServerIron 450 and 850 Base Platforms
4-slot chassis equipped with WSM6 (Web Switching Management Module) that automatically aligns itself with up to three
additional JetCore based line modules installed in the chassis for high-performance Layer 4-7 switching applications
4-slot –48V DC chassis equipped with WSM6 (Web Switching Management Module) that automatically aligns itself with up to
three additional JetCore based line interface modules installed in the chassis for high-performance Layer 4-7 switching applications
8-slot chassis equipped with WSM6 (Web Switching Management Module) that automatically aligns itself with up to seven
additional JetCore based line modules installed in the chassis for high-performance Layer 4-7 switching applications
8-slot –48V DC chassis equipped with WSM6 (Web Switching Management Module) that automatically aligns itself with up to
seven additional JetCore based line modules installed in the chassis for high-performance Layer 4-7 switching applications
4-slot ServerIron 450 chassis with single AC power supply
4-slot ServerIron 450 chassis with single –48V DC power supply
4-slot ServerIron 450 SPARE chassis, NO Power supply
8-slot ServerIron 850 chassis with single AC power supply
8-slot ServerIron 850 chassis with single –48V DC power supply
8-slot ServerIron 850 SPARE chassis, NO Power supply
ServerIron 450 and 850 Module Options
48-port 10/100Base-TX (RJ45) double-wide JetCore line Module
8-port 1000Base-X (mini-GBIC) JetCore line Module
16-port 100/1000Base-T (RJ45) JetCore line Module
16-port 1000Base-X (mini-GBIC) JetCore line Module
ServerIron 450 and 850 System Options
Web Switch Management Module (WSMM) II. Use this to order replacement or for inventory of a backup WSMM.
Premium Layer 2 Switching, Layer 3 Routing, & Layer 4-7 Traffic management software
ServerIron 450 and 850 Gigabit Optic Upgrades
1-port 1000Base-LongHaul (SC) series A Gigabit uplink for 70km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities
1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities.
ServerIron 450 and 850 Mini GBIC Options
1000Base-SX mini-GBIC optic, MMF, LC connector
1000Base-SX mini-GBIC optic, MMF, MTRJ connector
1000Base-LX mini-GBIC optic, SMF, LC connector
1000Base-LHA mini-GBIC optic, SMF, LC connector
1000Base-LHB mini-GBIC optic, SMF, LC connector, 150km Maximum reach
1000BASE-TX Mini-GBIC Copper, RJ-45 Connector
ServerIron 400 and 800 Base Platforms
4-slot chassis equipped with WSMM—high-performance application switching module
4-slot chassis equipped with WSMM—high-performance application switching module and –48V DC power
8-slot chassis equipped with WSMM—high-performance application switching module
8-slot chassis equipped with WSMM—high-performance application switching module and –48V DC power
4-slot ServerIron chassis with single AC power supply
4-slot ServerIron chassis with single–48V DC power supply
4-slot ServerIron SPARE chassis with NO power supply
8-slot ServerIron chassis with single AC power supply
8-slot ServerIron chassis with single –48V DC power supply
8-slot ServerIron SPARE chassis with NO power supply
ServerIron 400 and 800 Module Options
8-port 1000Base-X (mini-GBIC) ServerIron IronCore module
2-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore module
4-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore module
8-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore module
8-port 1000Base-T (RJ45) ServerIron IronCore module
24-port 10/100Base-TX (RJ45) ServerIron IronCore module
24-port 100Base-FX (MTRJ) for 50 or 62.5µm MMF ServerIron IronCore module
ServerIron 400 and 800 System Options
ServerIron 400/800 Web Switch Management Module. Use this to order replacement or for inventory of a backup Web Switch
Management module.
Premium Layer 2 Switching, Layer 3 Routing, & Layer 4-7 Traffic management software
ServerIron 400 and 800 Gigabit Optic Upgrades
1-port 1000Base-LongHaul (SC) series A Gigabit uplink for 70km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities
1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities.
10
E1MG-SX
E1MTG-SX
E1MG-LX
E1MG-LHA
E1MG-LHB
E1MG-TX
SI-100-2402
SI-100-2402-DC
SI-100-8GC02F
SI-100-8GC02F-DC
SI-100-8G
SI-100-8G-DC
WSM4-100
SI-100-TW-PREM
LHA
LHB
E1MG-SX
E1MTG-SX
E1MG-LX
E1MG-LHA
E1MG-LHB
E1MG-TX
FCSLB16
FCSLB24
FCSLB16-I
FCSLB24-I
FCSLB16DC
FCSLB24AC
U1GC
U2GC
RPS
RPS-I
RPSDC-FC
F2100F
F1GE
F2GE
FLX1GE
FLX2GE
FLXSXGE
FLHA1G
FLHA2G
FLHB1G
FLHB2G
LHA
LHB
ServerIron 400 and 800 Mini GBIC Options
1000Base-SX mini-GBIC optic, MMF, LC connector
1000Base-SX mini-GBIC optic, MMF, MTRJ connector
1000Base-LX mini-GBIC optic, SMF, LC connector
1000Base-LHA mini-GBIC optic, SMF, LC connector
1000Base-LHB mini-GBIC optic, SMF, LC connector, 150km Maximum reach
1000BASE-TX Mini-GBIC Copper, RJ-45 Connector
ServerIron 100 Base Platforms
24-port 10/100Base-TX (RJ45) ServerIron IronCore module and 2 port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron
IronCore module (DC Power)
24-port 10/100Base-TX (RJ45) ServerIron IronCore module and 2 port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron
IronCore module (DC Power)
8-port 1000Base-T (RJ45) ServerIron IronCore module and 2-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore module
8-port 1000Base-T (RJ45) ServerIron IronCore module and 2-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore
module (DC Power)
8-port 1000Base-X (mini-GBIC) ServerIron IronCore module. GBICs required
8-port 1000Base-X (mini-GBIC) ServerIron IronCore module. GBICs required (DC Power)
ServerIron 100 System Options
ServerIron 100 Web Switch Management Module. Use this to order replacement for the management module in SI-100 configurations.
Enhanced version of Trafficworks IronWare for the SI 100 series that includes Global Server Load Balancing (GSLB)
ServerIron 100 Gigabit Optic Upgrades
1-port 1000Base-LongHaul (SC) series A Gigabit uplink for 70km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities
1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities.
ServerIron 100 Mini GBIC Options
1000Base-SX mini-GBIC optic, MMF, LC connector
1000Base-SX mini-GBIC optic, MMF, MTRJ connector
1000Base-LX mini-GBIC optic, SMF, LC connector
1000Base-LHA mini-GBIC optic, SMF, LC connector
1000Base-LHB mini-GBIC optic, SMF, LC connector, 150km Maximum reach
1000BASE-TX Mini-GBIC Copper, RJ-45 Connector
ServerIronXL Base Platforms
16-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slot
24-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slot
(International Orders Only) 16-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slot
(International Orders Only) 24-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slot
16-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slot and –48VDC power supply
24-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slot and –48VDC power supply
ServerIronXL System Options
1-port 1000Base-T (RJ45) copper Gigabit uplink
2-port 1000Base-T (RJ45) copper Gigabit uplink
Redundant auto-switching 90-240v AC power supply for ServerIron XL 16/24 port only
(International Orders Only) Redundant auto-switching 90-240v AC power supply for ServerIron XL 16/24 port only
-48VDC power supply for ServerIron XL 16/24 only and is a factory configuration only
2-port 100Base-FX MMF (SC) uplink
1-port 1000Base-SX (SC) Gigabit uplink for 50 or 62.5 um MMF
2-port 1000Base-SX (SC) Gigabit uplink for 50 or 62.5 um MMF
1-port 1000Base-LX (SC) Gigabit uplink for 9 or 10 um SMF
2-port 1000Base-LX (SC) Gigabit uplink for 9 or 10 um SMF
2-port Gigabit uplink with 1-port 1000Base-SX (SC) and 1-port 1000Base-LX (SC) for 50 or 62.5 um MMF and 9 or 10 um SMF
1-port 1000Base-LogHaul (SC) series A Gigabit uplink for 70 km maximum reach with 9 or 10 um SMF and minimum 10 db attenuation
2-port 1000Base-LogHaul (SC) series A Gigabit uplink for 70 km maximum reach with 9 or 10 um SMF and minimum 10dB attenuation
1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150 km maximum reach with 9 or 10 um SMF and minimum 10dB attenuation
2-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150 km maximum reach with 9 or 10 um SMF and minimum 10 dB attenuation
ServerIronXL GBIC Options
1-port 1000Base-LongHaul (SC) series A Gigabit uplink for 70 km maximum reach with 9 or 10 um SMF and minimum 10dB attenuation—
specify SX or LHx upgrade quantities
1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150 km maximum reach with 9 or 10 um SMF and minimum 10dB attenuation—
specify SX or LHx upgrade quantities
Specifications subject to change without notice.
11
Foundry Networks, Inc.
Corporate Headquarters
2100 Gold Street
P.O.Box 649100
San Jose,CA 95164-9100
U.S.and Canada Toll-free:
1-888-TURBOLAN (887-2652)
Tel:+1 408.586.1700
Fax:+1 408.586.1900
info@foundrynet.com
www.foundrynetworks.com
Although Foundry has attempted to provide accurate information in these materials, Foundry assumes no legal responsibility for the accuracy or
completeness of the information.More specific information is available on request from Foundry.Please note that Foundry’s product information does
not constitute or contain any guarantee,warranty or legal binding representation,unless expressly identified as such in duly signed writing.
© 2004 Foundry Networks, Inc.All Rights Reserved. Foundry Networks, BigIron, FastIron, NetIron, ServerIron, IronPoint,
Terathon, JetCore, EdgeIron, IronView, JetScope, IronShield, MetroLink, IronWare,TrafficWorks, Power of Performance and
the ‘Iron’ family of marks are trademarks or registered trademarks of Foundry Networks, Inc. in the United States and other
DS-004/Rev.5/06-04
countries.All others are trademarks of their respective owners.
12