1、2019/5/15,TMX Technical Training,Server Load Balancing,2019/5/15,2,Objectives,To understand Server Load Balancing concepts. To understand Array Server Load Balancing configuration steps.,2019/5/15,3,Topics,Unit 1: Basic Server Load Balancing Concepts and Configuration Unit 2: Additional Server Load
2、Balancing Concepts and Configuration Appendix: Web Concepts,2019/5/15,4,Unit 1: Basic SLB Concepts,What is Server Load Balancing? SLB Terminology Array SLB Benefits SLB Modes Real Services Simple Group Methods Virtual Services Simple Policy Types,2019/5/15,5,What is Load Balancing? Its in everywhere
3、 actually!,Emergency,Clinic,Expert Clinic,Load Balancing,AFE,Connection Reuse,SLB: Policy,SLB: Method,2019/5/15,6,What is Server Load Balancing (SLB)?,SLB allows web sites to be scaled from a single service to a group of services (service farm) while distributing the load between the services based
4、on their load and health. SLB Benefits Greater scalability in the number of services for a site reduces load on individual services and improves response time to clients Improved resiliency through Health Checking of services, services, and web content Better control of service resource usage throug
5、h implementation of different load balancing algorithms Traffic management based on TCP/UDP port number, URL, HTTP Host Header, Cookie content, or SSL Session ID,2019/5/15,7,SLB Terminology,Real Service (“Real”) Represents a physical service which will handle client requests Real Service Group (“Gro
6、up”) Represents a group of real services which traffic will be distributed to Defines which load balancing algorithm to use Virtual Service (“Virtual”) Represents a virtual service that clients can connect to Policy Associates real service groups with virtual services,service 1,service 5,service 4,s
7、ervice 3,service 2,Real 1,Real 3,Real 4,Real 5,Real 2,Group 1,Group 2,Virtual 1,Virtual 2,Internet,2019/5/15,8,Server Load Balancing Example,Basic Server Load balancing,Internet,Service Group,Real services,Virtual IP 100.10.10.10,4,DNS,2019/5/15,9,SLB Modes,Server Load Balancing can be performed in
8、two modes: Reverse Proxy Mode Array TM proxies all client connections to real services. Transparent Mode Array TM transparently proxies all client connections to real services.,2019/5/15,10,Reverse Proxy Mode,Packet Flow Client connects to VIP on Array TM and sends request to Array TM. Array TM open
9、s a new connection to real service and sends request to service. service responds to Array TM. Array TM responds to Client.,Virtual,Internet,service1,service2,Inside Interface,Outside Interface,1,2,3,4,2019/5/15,11,Reverse Proxy Mode,Translations,Virtual,Internet,service1,service2,Inside Interface,O
10、utside Interface,1,2,3,4,2019/5/15,12,Reverse Proxy Mode,Benefits One-armed topology is possible. Responses automatically return to the Array TM. Enables connection pooling for increased performance. Limitations service logs do not show real clients IP address (connections proxied). Solution: Enabli
11、ng X-Forwarded-For header insertion allows clients original source IP address to be inserted into HTTP requests before sending to backend real service.,2019/5/15,13,Connection Pooling,Provides TCP acceleration for backend connections to real services. Array opens connection(s) to backend service as
12、needed and leaves it (them) open. Array sends multiple requests from different clients through the same backend service connection(s). This significantly reduces the number of client connections a service has to handle (typically by up to 90% with cache off). Improves service performance. service do
13、esnt spend as much time performing TCP setups/teardowns. service doesnt need to keep so many connections open. Only possible with Reverse Proxy Mode.,2019/5/15,14,Transparent Mode,Packet Flow Client sends request to VIP on Array TM. Array TM forwards request to real service, maintaining the clients
14、IP. Real service returns response via client IP (handled by Array TM). Array TM forwards response to Client.,Virtual IP,Internet,service1,service2,2,3,5,4,6,1,2019/5/15,15,Transparent Mode,Translations,Virtual IP,Internet,service1,service2,2,3,5,4,6,1,2019/5/15,16,Transparent Mode,Benefits service l
15、ogs will show actual client IP address. Limitations Real service responses must be routed through the Array TMX. Ensures that the Array TMX can see the responses. One-armed topology is not always possible. Cannot use connection pooling feature. Array TMX cannot reuse the same service connection for
16、multiple clients since each clients IP address is different. Reverse proxy mode is preferred for performance benefits.,2019/5/15,17,SLB Real Services,The following parameters are associated with a real service: Real service protocol (udp, tcp, ftp, http; tcps and https for SSL) Real service name Rea
17、l service IP address Real service port Health check method Health check up Health check down,2019/5/15,18,SLB Group Methods,A group allows requests to be sent to a set of similar services. Example: 3 web services containing the same content. A group method determines which services to send requests
18、to. Non-Persistent Group Methods Each new client connection may be distributed to a different real service within a group. Persistent Group Methods All new connections from a particular client are sent to the same real service within a group. Note: Real services that are down will not be used.,Real
19、b,Real c,Real a,Group,2019/5/15,19,SLB Group Methods,Non-Persistent Group Methods Round Robin (rr) Least Connections (lc) Fastest Response time (frt),Persistent Group Methods IP-Based Persistent IP (pi) Hash IP (hi) Consistent Hash IP (chi) Header/Request-Based Hash Header (hh) Persistent Hostname (
20、ph) Persistent URL (pu) SSL Session ID (sslsid) Cookie-Based Persistent Cookie (pc) Re-write Cookie (rc) Insert Cookie (ic) Hash Cookie (hc) Proximity,2019/5/15,20,Non-Persistent Group Methods,Round Robin (rr) Least Connections (lc) Fastest Response time (frt),2019/5/15,21,Round Robin (rr),Distribut
21、es new connections sequentially between available real services. Example: Connections are distributed to the real services in the following order: 1, 2, 3, 4, 5, 1, 2, 3 The “granularity” option may be configured so that each real service handles a specific number of new connections before the next
22、service is selected. Example: Granularity value of “3” illustrates the distribution: 1, 1, 1, 2, 2, 2, 3, 3, 3, etc.,Internet,2019/5/15,22,Round Robin,Clients,Router,TMX,Servers,Client requests are distributed evenly,1,2,3,4,5,6,7,8,Internet,Round Robin (rr),2019/5/15,23,Least Connections (lc),Distr
23、ibutes new connections to the real service that has the least number of current connections. Example: real service 5 has the fewest current connections, so the next connection will go to real service 5. The “granularity” option can be used to treat real services within the same connection count rang
24、e as the same; a new real service will not be chosen until this range is exceeded for the current one.,Internet,2019/5/15,24,Clients,Router,Servers,1,2,Internet,Distributes new connections to the real service that has the least number of current connections.,Least Connections (lc),2019/5/15,25,Real
25、Service Weighting (rr, lc),Weighting allows you to change the distribution between real services in the group. Example: You may set one service to handle twice as many connections as another service. Use weighting if you have a mix of backend services with different performance capabilities. Example
26、: If you add new services that have faster CPUs, you could weight them higher so they receive more connections.,Internet,2019/5/15,26,Clients,Router,Servers,Administrator sets ratio for distributing Client requests 3:1:1:1,1,2,3,4,7,8,9,10,Internet,5,6,11,12,Real Service Weighting (rr, lc),TMX,2019/
27、5/15,27,Clients,Router,Servers,1,2,Internet,Fastest Response time (frt),Distributes new connections to the real service that has the shortest response time.,2019/5/15,28,Proximity,This method is based on GSLB proximity info and used by redirect policy only. It select the real server which has lowest
28、 proximity distance with the request IP. slb group method prox rr|sr|lc threshold,2019/5/15,29,Persistent Concept,the next request from same client should be assigned to the same server.,1,2,3,1,2,3,2019/5/15,30,Persistent Group Methods,IP-Based Persistent IP (pi) Hash IP (hi) Consistent Hash IP (ch
29、i) Header/Request-Based Hash Header (hh) Persistent Hostname (ph) Persistent URL (pu) SSL Session ID (sslsid) Cookie-Based Persistent Cookie (pc) Re-write Cookie (rc) Insert Cookie (ic) Hash Cookie (hc),2019/5/15,31,Persistent IP (pi),Persistent IP sends all successive connections from a client IP a
30、ddress (destined to a particular virtual service) to the same real service. Client sends a request to the virtual service. Array hashes source IP address of request to select a real service. Array forwards all requests with the same IP address to the same real service. Note If a real service fails,
31、persistence will be maintained for existing clients on healthy services. The real service to use for a specific client IP is chosen when the first request from that client IP is received, so this may not result in the same real service being chosen across different Arrays on failover.,2019/5/15,32,P
32、ersistent IP (pi),Scenario 1 Client opens an HTTP connection to get an HTML page Client connection is sent to first real service HTML page has links to multiple images in it, so client opens additional HTTP connections to get the images Persistent IP will send the additional connections to the same
33、real service,2019/5/15,33,Persistent IP (pi),Scenario 2 Client opens HTTP (clear-text) connection to virtual service Client adds items to electronic shopping cart When ready to purchase items, client opens HTTPS (encrypted) connection to virtual service Persistent IP will send the HTTPS connection t
34、o the same real service as the HTTP connection (where clients shopping cart resides) Note: Not the best solution for maintaining shopping cart persistence. See Cookie Persistence (later).,2019/5/15,34,the same IP request should be assigned to the same server.,1,2,3,1,2,3,Persistent IP (pi),2019/5/15
35、,35,Hash IP (hi),Distributes new connections to a real service based on a hash of the source IP address. Client sends a request to the virtual service. Array hashes source IP address of request to select a real service. Array forwards all requests with same hash value to the same real service. Note
36、If a real service fails, persistence will not be maintained for existing clients on healthy services. Consistent mappings of client IP to real service across multiple Arrays during failover is not guaranteed.,2019/5/15,36,Consistent Hash IP (chi),Distributes new connections to a real service based o
37、n a hash of the source IP address. Client sends a request to the virtual service. Array hashes source IP address of request to select a real service. Array forwards all requests with same hash value to the same real service. Note If a real service fails, persistence will be maintained for existing c
38、lients on healthy services. Mappings of client IP to real service are consistent across all Arrays so that clients will continue to go to the same real service on failover.,2019/5/15,37,Hash Header (hh),Distributes new connections to a real service based on a hash of a non-standard HTTP Header Non-s
39、tandard header = headers not defined in RFC 2616 (HTTP/1.1) Example: X-MSISDN header generated by WAP gateways All wireless clients (mobile phones) proxied through a WAP gateway have the same source IP address. Problem for client-IP persistence methods! Options include cookie-persistence and Hash He
40、ader methods. WAP gateway can receive MSISDN (phone number) of user from Radius and insert it into proxied HTTP request as X-MSISDN header. Hash Header on this header provides good load distribution across the real services while maintaining client persistence.,2019/5/15,38,Persistent Hostname (ph),
41、Distributes new connections to a real service based on a hash of the hostname found in the HTTP requests Host header sent from the client. Client sends a request to the virtual service with a Host: header. Array examines Host: header value to select a real service. Array forwards all requests with s
42、ame Host: header value to the same real service.,2019/5/15,39,Persistent URL (pu),Distributes new connections to a real service based on a static match of a URL Tag and Value. Client sends a request to the virtual service with a Tag and Value included in the URL. Array hashes Value to select a real
43、service. Array forwards all requests with same Tag and Value to the same real service.,2019/5/15,40,SSL Session ID (sslsid),SSL Session ID (negotiated during SSL connection setup) is used to maintain a client-to-service binding. Client opens an HTTPS connection to the virtual service. Array selects
44、a real service and forwards request to it. Response from real service contains an SSL Session ID. Array tracks SSL SID and real service combination. Next request from client contains SSL SID. Array examines SSL SID and sends request to the same real service that was chosen earlier. May only be used
45、when load balancing SSL connections.,2019/5/15,41,Insert Cookie (ic),Array automatically inserts a Cookie in the service response Client sends a request to the virtual service. Array selects a real service and forwards request to it. Response from real service does not contain a cookie, but cookie p
46、ersistence is needed. Array creates a cookie based on the real service and inserts it in the response. Client receives cookie in response. Next request from client includes cookie. Array examines cookie, strips out cookie, and sends request to same real service as first request. Used in cases where
47、the web site does not have built-in cookie support.,2019/5/15,42,Client,Server,pick server,cookie specifies server,TMX,Insert Cookie (ic),2019/5/15,43,Rewrite Cookie (rc),Array rewrites (modifies) a named cookies value in the service response. Client sends a request to the virtual service. Array sel
48、ects a real service and forwards request to it. Response from real service contains a specific cookie with a generic value. Array rewrites cookie value based on the real service. Client receives cookie in response. Next request from client includes cookie. Array examines cookie and sends request to
49、indicated real service. Used to simplify cookie based persistence configuration. All backend services within a group must set the same name=value pair.,2019/5/15,44,Client,Server,pick server,cookie specifies server,TMX,Rewrite Cookie (rc),2019/5/15,45,Persistent Cookie (pc),Real service is selected
50、based on a static match of the cookie name/value pair. Client sends a request to the virtual service. Array selects a real service and forwards request to it. Response from real service contains a specific cookie with a value denoting that service. Client receives cookie in response. Next request from client includes cookie. Array examines cookie and sends request to proper real service. Each real service within a group must be configured with a unique cookie value.,
