Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

Scaling IP, Web Applications and Server Farms with layer 4

advertisement 
Layer 4-7 Server
Load Balancing
Security, High-Availability
and Scalability of Web and
Application Servers
Foundry Overview
World
Headquarters
San Jose, California
• Mission:
Performance, High Availability, &
Feature Leadership for Multilayer Switching (L2,
L3, L4-7)
• Total Worldwide Customers:
6,000+
• Product & Corporate Awards:
50+
5th Consecutive Year of Net Profitability
2
March 02September 2003
©Foundry Networks, Inc.
Agenda
• Need for Load Balancing
• Load Balancing Technology
• Load Balancing Applications
• Benefits of Load Balancing
• Foundry Layer 4-7 Overview
3
March 02September 2003
©Foundry Networks, Inc.
Server Farm Challenge - #1
Poor Availability and Manageability
• Proliferation of IP applications complicates
manageability and decreases availability
• Exponential cost of downtime and redundancy
• Disruptive server failover and maintenance
Web server
FTP
Clients
IP
IP
Network
Network
Email
ERP
DNS
4
March 02September 2003
©Foundry Networks, Inc.
Server Farm Challenge - #2
Scalability Requires Bigger Servers
• Replace installed servers with larger and expensive ones
• Stranded capital in redundant servers
• Poor scalability with high cost and low ROI
• Compromise application and server security
Web server
• Super computer next?
Email
IP
IP
Network
Network
Clients
5
ERP
March 02September 2003
©Foundry Networks, Inc.
Consequences of Current Approaches
• High risk of network and application downtime
• Business growth limited by server size
• Wasted capital and resources on redundant capacity
• Poor application performance, availability and security
6
March 02September 2003
©Foundry Networks, Inc.
Agenda
• Need for Load Balancing
• Load Balancing Technology
• Load Balancing Applications
• Benefits of Load Balancing
• Foundry Layer 4-7 Overview
7
March 02September 2003
©Foundry Networks, Inc.
Load Balancing Solution
• Leverage multiple commodity servers
to create unlimited virtual capacity
• Scale server farms and applications
to serve millions of clients
Virtual Server
Farm
Web
servers
• Add network intelligence to improve
server farm security and efficiency
FTP
Email
Clients
IP
IP
Network
Network
ERP
DNS
Load
Balancer
8
March 02September 2003
©Foundry Networks, Inc.
Benefits of Load Balancing
• All servers utilized to maximum (ROI $$$)
• Ability to transparently add servers on-demand
• Full redundancy and transparency during failures
• Maximum application up time and massive scalability
• Superior service response time and performance
9
March 02September 2003
©Foundry Networks, Inc.
Load Balancing Overview
• Load Balancer receives all client requests
• Selects “best” server using real-time health
and performance information
• Utilizes all available servers simultaneously
• Intelligently distributes load among servers
Application
servers
Clients
10
IP
IP
Network
Network
Load
Balancer
March 02September 2003
©Foundry Networks, Inc.
Load Balancing Fundamentals
VIP = Virtual IP
NAT = Network Address Translation
After NAT
Source IP = Load Balancer VIP
Destination IP = 10.1.1.10
Client Message
Source IP = Client IP
Destination IP = Load Balancer VIP
Clients
10.1.1.10
VIP = 192.1.1.1
GW IP = 10.1.1.1
10.1.1.20
IP
IP
Network
Network
• Private and secure server IP
• Clients use load balancer VIP
• Load Balancer performs NAT
11
Load Balancer
10.1.1.30
Default Gateway =
Load Balancer IP
March 02September 2003
©Foundry Networks, Inc.
Stateful Load Balancing
• Load balancer identifies
session boundaries
• For duration of session,
each client connection is
Session Table
Src. IP
Dest. IP
Src. Port
Dst. Port
Server
188.1.1.100
192.1.1.1
100
80
RS1
188.1.1.100
192.1.1.1
101
80
RS2
188.1.1.101
192.1.1.1
200
80
RS1
¾ Assigned session entry in load
balancer session table
¾ Bound to same real server
¾ All packets on connection sent
to same real server
Client #1
Client #2
IP
IP
Network
Network
1
2
3
1
2
3
4
10.1.1.10
Load Balancer
VIP = 192.1.1.1
1
12
4
10.1.1.30
2
3
4
March 02September 2003
©Foundry Networks, Inc.
Application and Server Health Checking
• Periodic health check requests sent to server
• Servers and applications removed when checks fail
• Health checks customizable
¾ Layer 2/3 (ARP, Ping)
¾ Layer 4 (TCP connections and UDP messages)
¾ Layer 7 (HTTP, Application Specific, SSL, Scripted)
est
Requ
onse
Resp
Reque
Load
Balancer
13
st
HTTP
FTP
Server taken
out of service
HTTP
FTP
Application
taken out of
service
March 02September 2003
©Foundry Networks, Inc.
Delayed Binding Concept & Benefits
• Load balancer delays server-side connection
• Server selection based on “content” of client data packets
¾ URL, Session ID, Cookie
• Optimal server utilization and highest availability
1
TCP SYN
2
TCP SYN ACK
3
TCP ACK
4
HTTP Request
Select “best” server
using L7 content
1
Clients
14
IP
IP
Network
Network
2
3
4
Load
Balancer
Complete
Connection 5
Data
6
Exchange
March 02September 2003
©Foundry Networks, Inc.
Layer-7 Content Switching
• Avoid replicating content and applications on all servers
• Increase overall server utilization and response time
• Use URL and HTTP hdr content to select “best” servers
¾ URL full, prefix and suffix match
¾ Browser type, device type and language code
IP Hdr TCP Hdr
HTTP Hdr
Language
Code
Servers
for
English
HTTP Language
Code = English
English Clients
Japanese Clients
15
IP
IP
Network
Network
www.foo.com/*.gif
URL /home. foo.com/*.htm
Switch www.foo.com/*.bin
HTTP Language
Code = Japanese
Servers
for
Japanese
March 02September 2003
©Foundry Networks, Inc.
Layer-7 XML Tag Switching
• Load balance to “right” server cluster using XML tags
• Optimize application performance for partners, suppliers
and customers over extranet
• Extend load balancing to any XML-based application
<?xmlversion=“1.0”?>
<root node>
<node1 attr1=INV attr2=WIP>
</root node>
attr1=INV
Suppliers
IP
IP
Network
Network
attr1=TTKT
Customers
16
<?xmlversion=“1.0”?>
<root node>
<node1 attr1=TTKT attr2=WIP>
</root node>
Servers
for
Inventory
Servers
for
Trouble
Ticket
March 02September 2003
©Foundry Networks, Inc.
Session Persistence Concept & Benefits
• Transaction spans multiple TCP or UDP connections
• Requires same server to handle all connections
• Load balancing at the “transaction” boundaries
Clients
17
1
Connection to Browse Book 1
2
Connection to Add Book 1 to Cart
3
Connection to Browse Book 2
4
Connection to Add Book 2 to Cart
5
Connection to Checkout Cart
IP
IP
Network
Network
Transaction persistence maintained
1
2
3
4
5
Load
Balancer
March 02September 2003
©Foundry Networks, Inc.
Session Persistence Mechanisms
• Layer 4 TCP connection persistence
¾ Source IP & port, Destination IP & port
• UDP session persistence using Layer 3/4
¾ Source IP & port, Destination IP & port
¾ Inactivity timeout used to age sessions
• Layer 7 Cookie switching
¾ Cookie inserted in the HTTP message
¾ All requests with same cookie switched to the same server
¾ Load balancers can insert cookies when servers do not
• SSL Session ID switching
18
March 02September 2003
©Foundry Networks, Inc.
Direct Server Return (DSR) – One Arm
• Reply traffic from server bypasses load balancer
• Load balancer processes only inbound requests
• Ideal for throughput intensive applications
¾ Real-time streaming
¾ Bulk data
¾ FTP
Clients
IP
IP
Network
Network
3
2
10.1.1.10
Layer-2
Switch
10.1.1.20
1
Load Balancer
VIP = 192.1.1.1
19
Server Loopback IP =
Load Balancer VIP
10.1.1.30
March 02September 2003
©Foundry Networks, Inc.
Load Balancer High Availability
• Two modes of high availability
¾ Active-Standby (one load balancer as hot standby)
¾ Active-Active (load sharing between load balancers)
• Stateful session failover maintains active sessions after
failover and improves client performance
• Fully transparent to applications and clients
• GSLB offers site level protection
A
Clients
IP
IP
Network
Network
B
Load
Balancers
20
March 02September 2003
©Foundry Networks, Inc.
Agenda
• Need for Load Balancing
• Load Balancing Technology
• Load Balancing Applications
• Benefits of Load Balancing
• Foundry Layer 4-7 Overview
21
March 02September 2003
©Foundry Networks, Inc.
Global Server Load Balancing (GSLB)
• Return IP of best site in DNS responses to clients
• Gather site load information using GSLB protocol
• Deploy scalable GSLB within existing DNS infrastructure
GSLB Controller
ADNS
LDNS #1
1
2
2
3
3
LDNS #2
4
1
4
GSLB
Protocol
5
Clients
Real Servers
Site #1
22
5
Real Servers
Clients
Site #2
March 02September 2003
©Foundry Networks, Inc.
ISP Link Load Balancing (LLB)
Router #1
ISP1
Enterprise
Network
Router #2
ISP2
Load Balancer
Internet
Router #3
ISP3
• Utilize all available ISP links simultaneously
• Intelligently balance traffic to achieve optimal utilization
• Gain leverage against ISPs for price and service
• Aggregate low-capacity links to create “fat” virtual links
23
March 02September 2003
©Foundry Networks, Inc.
Firewall Load Balancing (FWLB)
• Load balance among firewalls to scale and improve
performance
• Transparently failover during firewall failure
• Protect network and servers during firewall outage
Firewall
Firewall
Internet
1
2
Link
3
3
Load Balancer
Firewall
3
3
5
5
6
7
8
6
7
5
7
10
11
12
13
BigIron 4000
Console
8
8
Link
Activity
6
Link
7
Activity
9
Link
Activity
6
Link
Activity
4
Link
Activity
4
Link
Activity
4
Link
Activity
2
Link
Activity
2
5
Activity
2
Link
Activity
1
4
Link
Activity
1
1
Load Balancer
24
Internal
Network
Router
8
Link
Activity
14
15
16
17
18
19
20
21
22
23
24
Secure, Protected Network
March 02September 2003
©Foundry Networks, Inc.
Server Farm Security from DoS Attack
• Protect against TCP SYN attacks on server farm
• Conserve resources for complete and valid connections
• Avoid using resources for pending connections
• Deny service to select user-configured source IPs
1
2
1
2
1
Hacker
Clients
25
2
TCP SYN
TCP SYN ACK
TCP SYN
TCP SYN ACK
TCP SYN
TCP SYN ACK
Load
Balancer
IP
IP
Network
Network
March 02September 2003
©Foundry Networks, Inc.
Agenda
• Need for Load Balancing
• Load Balancing Technology
• Load Balancing Applications
• Benefits of Load Balancing
• Foundry Layer 4-7 Overview
26
March 02September 2003
©Foundry Networks, Inc.
Improve Return on Server Investment
• Use servers of varying capacity and performance
• Distribute load based on server “weight”
• Leverage not replace installed servers
• Optimize cost by using diverse vendors
IP
IP
Network
Network
Normal Clients
27
Load
Balancer
March 02September 2003
©Foundry Networks, Inc.
Dynamically Adjust Server Capacity
• Scale server capacity on demand
• Add and remove servers transparently
• Use slow-start to avoid overwhelming
new server
Remove for
Maintenance
• Perform server maintenance without
impacting application performance
• Remove server after active connections
serviced
IP
IP
Network
Network
Clients
28
Load
Balancer
New
Server
March 02September 2003
©Foundry Networks, Inc.
Maximize Server Utilization with
Multiple Applications
• Deploy multiple applications on each
server for maximum utilization
• Select “best” server based on
performance of each application
• Customize performance and scalability
per application
Transparently
Add Applications
HTTP
FTP
HTTP
HTTP Clients
FTP Clients
29
IP
IP
Network
Network
FTP
Load
Balancer
HTTP
FTP
March 02September 2003
©Foundry Networks, Inc.
Always-On Applications
Customizable Application Level Health Checks, High Availability and Security
• Server or application failure simply
results in lower capacity
• Health checks for individual applications
• Select servers with best health and
performance for each application
• Individual applications - not servers out of service upon failed health checks
Transparently
Remove Applications
HTTP
Wire-speed
Gigabit DoS
Protection
FTP
HTTP
FTP
HTTP Clients
IP
IP
Network
Network
Load
Balancer
HTTP
FTP
FTP Clients
30
March 02September 2003
©Foundry Networks, Inc.
Differentiated Client Services
• Segment clients and offer differentiated service
• Customize performance and response time to
meet different customers’ needs
• Differentiate clients using
¾ Cookies and other layer 7 content
¾ Source IP based access lists
Premium
Servers
Premium Clients
Normal Clients
31
IP
IP
Network
Network
Normal
Servers
March 02September 2003
©Foundry Networks, Inc.
Agenda
• Need for Load Balancing
• Load Balancing Technology
• Load Balancing Applications
• Benefits of Load Balancing
• Foundry Layer 4-7 Overview
32
March 02September 2003
©Foundry Networks, Inc.
Layer 4-7 Product Approaches
• Purpose-built Layer 4-7 devices
¾ Pro: Performance, Functionality and Simplicity
¾ Con: A new product to install
Foundry
Approach
• Plug-in Layer 4-7 blade for Layer 2-3 switches
¾ Pro: Leverage an existing system
¾ Con: Complex to understand flows, bottleneck in
performance, and lag in functionality
33
March 02September 2003
©Foundry Networks, Inc.
Meeting a Range of Customer Needs
Relative Performance
12X
Entry Level
Mid Level
Single-purpose
device supporting
one application in a
given deployment
Fixed configuration
supporting multiple
applications on a
single device
without high cost
High Performance
High-density highperformance
applications with
high scalability
ServerIron 800
6X
ServerIron 400
2X
ServerIron 100
1X
ServerIron XL
Relative Price
34
March 02September 2003
©Foundry Networks, Inc.
Full Suite of Layer 4-7 Applications
• Server Load Balancing
• Global Server Load Balancing
• Firewall Load Balancing
• ISP Link Load Balancing
• Transparent Cache Switching
• IronShieldTM Server and Application Security
35
March 02September 2003
©Foundry Networks, Inc.
Thank You
Related documents
(16)Blank Project Measurement Table
(16)Blank Project Measurement Table
Material Sciences | Accelerator Application
Material Sciences | Accelerator Application
balancing - 2July
balancing - 2July
THE INNER WORLD OF ZERO B
THE INNER WORLD OF ZERO B
Load balancing - Princeton University
Load balancing - Princeton University
Download
advertisement