The Ins and Outs of Layer 4+ Switching
Dr. Shirish Sathaye, Vice President of Engineering


NANOG L4 Switching Presentation

Is Layer 4 Switching Meaningful?
You can’t switch at Layer 4 BUT you can use Layer 4 information to make switching decisions!
The term “Layer 4 Switching” is too confusing. It usually means one of two things:
–1. Layer 4 information is used to prioritize and queue traffic (routers have done this for years)
–2. Layer 4 information is used to direct application sessions to different servers (next generation load balancing)
Though the term may be meaningless, the idea and value of L4 switching is valid

Packet-by-Packet Traffic Management Insufficient
»L-2 Switches and Routers
»Increasing Hardware Integration
»High performance
»Optimized for packet-by-packet forwarding under normal conditions
»Expensive exception handling
»Hop-by-Hop Traffic Management
»Stateless protocols: RSVP, IGMP, 802.1z, 802.1p/Q,...
»Requires every device along path to collaborate
»No built-in end-system feedback
»Only useful for WAN and LAN/WAN boundary

Session-Based Traffic Management Required
»Session-Aware Devices
»Firewalls, traffic directors, packet shapers
»End-to-End Traffic Management
»ATM, TCP, HTTP, FTP,...
»Maintain session states
»Built-in end-station feedback
»Precise control over service quality, availability and performance
»Per session handling is protocol and application specific
»Requires session-specific software and massive processing power

How L4-Aware Systems Work
By making intelligent switching decisions and forwarding frames based on TCP/UDP port information and IP source/destination addresses
L4 switching = Session Switching
–examines client requests directed at the L4 switch
–multiplexes client requests across any server available to handle those requests
–passively measures application health and responsiveness to determine server availability
–stateful processing
By combining the benefits of L4 software on a high-speed L2 switching platform
By using this information to establish policy controls for how traffic is to be managed

Why is L4-switching important?

Emergence of L4-Aware Devices: Session Management and Packet-Switched Devices
[Diagram: LAN clients, intranet and Internet; packet switching devices and session management devices (firewall, load balancer, proxy cache, QoS manager) in front of an internal server farm and an external server farm]

Integrating L4 Switching
»Single-function devices subsumed by routers and server switches
»L4 switch functions
»Multi-speed server connectivity
»Reduce network overhead on servers
»Monitor individual server/application
»Application session management
»Server load-balancing
»Web cache redirection
»High availability
»Session-by-session QoS
[Diagram: L4 switches between the intranet/Internet and cache servers, backup server, NFS server, web servers and application servers]

Traffic Management Required for New Global Applications
Example: Incremental delay experienced by a 64 byte packet queued behind 10 x 1,500 byte packets
Servers: Needs intelligent distribution of traffic sessions to servers. Milliseconds to seconds
WAN: Needs WAN bandwidth prioritization. 56Kbps: sec; T1: millisec
LAN: Bandwidth management debatable. Fast Ethernet: 1-2 millisec; GbE: microsec

Key Layer 4-based Applications
1. Local/Global Server load balancing
2. High availability applications
3. Web Cache Redirection
4. DNS redirection
5. Firewall Load Balancing
6. URL-based redirection, switching

Local Server Load Balancing
[Diagram: clients sending HTTP, DNS, FTP and database query traffic through the switch to HTTP, DNS and FTP servers]
Scalable application processing capacity
–Add servers on-demand
High availability
–Server/application health monitoring
–Backup and overflow servers
–Hot-standby switch configurations
Tiers-of-service by servers
–Priority users/applications can be directed to premium servers
Integrated switch and load balancer
–Flexibility
–Scalability
–Economy of scale
–Performance

Basic Configuration

Separate Real Server Groups

Multiple VIPs

Back-Up Servers
Real Servers can be configured as Back-Up Servers for other Real Servers or specified Virtual Services.
–When backing up a Real Server, the Back-Up Server will come into service if the Real Server fails.
–When backing up a Virtual Service, the Back-Up Server will come into service if all Real Servers which are part of the Virtual Service group fail.
Support for Back-Up Servers alone might be a compelling reason for customers to invest in L4 Switching.
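The two Back-Up Server modes on the slide above, as an added sketch that is not part of the original presentation and is not any vendor's implementation. The class names, the round-robin pick and the rule that a Virtual Service backup serves alongside any per-server backups are assumptions.

```python
from dataclasses import dataclass

@dataclass
class RealServer:
    name: str
    up: bool = True                       # result of the switch's health check
    backup: "RealServer | None" = None    # Back-Up Server for this Real Server

@dataclass
class VirtualService:
    vip: str
    group: list                           # Real Servers behind the VIP
    service_backup: "RealServer | None" = None
    rr_index: int = 0

    def active_servers(self):
        """Servers that may receive new sessions right now."""
        active = []
        for rs in self.group:
            if rs.up:
                active.append(rs)
            elif rs.backup and rs.backup.up:
                # Mode 1: backup comes into service only for its failed Real Server.
                active.append(rs.backup)
        # Mode 2: service backup comes in only when every Real Server in the group fails.
        if all(not rs.up for rs in self.group):
            if self.service_backup and self.service_backup.up:
                active.append(self.service_backup)
        return active

    def pick(self):
        """Round-robin over the active set; None means the VIP has no capacity."""
        servers = self.active_servers()
        if not servers:
            return None
        rs = servers[self.rr_index % len(servers)]
        self.rr_index += 1
        return rs

def active_names(service):
    return [rs.name for rs in service.active_servers()]

if __name__ == "__main__":
    # Constructed sample topology (192.0.2.10 is a documentation address).
    spare, sorry = RealServer("spare"), RealServer("sorry")
    web1, web2 = RealServer("web1", backup=spare), RealServer("web2")
    svc = VirtualService("192.0.2.10:80", [web1, web2], service_backup=sorry)
    print(active_names(svc))
    web1.up = False
    print(active_names(svc))
    web2.up = False
    print(active_names(svc))
```

A `pick()` result of `None` is the condition worth alerting on: every Real Server and every configured backup for the VIP has failed its health check.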

Load Balancing Algorithms
Round Robin
LeastConns
Load Based
Server Feedback Based

Session ID Substitution Client to Server

Session ID Substitution Server-to-Client

Global Server Load Balancing Issues
Increase application availability in event of entire site failure or overload
Scale application performance by load balancing traffic across multiple sites
Need for more granularity and control in directing Web traffic
More flexibility in building and managing Internet infrastructures

Distributed Content Sites Today
[Diagram: www1.company.com, www2.company.com and www3.company.com reached over the Internet]
Mostly static content on Web (HTTP, FTP, NNTP..) servers
Load and site distribution through Round Robin DNS
No Site Health Awareness
No Site Performance Awareness
No Geographic Awareness
Cached DNS requests for servers that are down produce “failure to connect” messages

How L4 GSLB Works
1. Client’s DNS request for sent to local DNS
2. Local DNS queries upstream DNS
3. Switch at site C receives DNS request and determines that sites B and C are closest to user. Acting as Authoritative Name Server, switch selects the best site (B) and returns site B’s IP to client’s local DNS
4. Local DNS server responds to client with site B’s VIP
5. Client opens application session to (site B)
Site health, response time and throughput exchanged between switches on a periodic or event-driven basis using encoded DSSP
[Diagram: sites A, B and C and the DNS server, exchanging DSSP updates; three ranking tables are shown]

Rank  Site  %Traffic
1     B     70
2     C     20
3     A     10

Rank  Site  Traffic
1     B     80
2     C     20
3     A     10

Rank  Site  Traffic
1     B     75
2     C     15
3     A     5

Distributed Site State Protocol
Lightweight, encoded protocol runs over HTTP
Used to exchange health, load, throughput information
Periodic Updates
–Peer site performance behavior (one site’s view of all other sites)
–Local site status information (server health, current connections, etc)
–Periodic Updates result in each switch building an Ordered Handoff Table
Triggered Updates
–If a site observes that another site is unresponsive, it will Trigger all other sites to check the questionable site
–If a site experiences a connection spike (reaching MaxConns) it will trigger an update to all other sites to stop Site Handoff

Dynamic, Global Site Performance Knowledge
Sites ranked based on statistical site performance data
–Test each remote site’s (VIP) health, throughput, response, load and available capacity
–Build Site Table based on time-averaged test results
Sites ranked based on global view of top sites
–Periodically exchange Site Table with all peer sites
–Computes Weighted Handoff Table based on how frequently each site is ranked top performing by peers
Dynamic site ranking with triggered updates
–If a site finds a peer site unresponsive, it will trigger all other sites to check questionable site
–If a site experiences a connection spike (reaching MaxConns) it will trigger an update to all other sites
[Diagram: sites A, B, C and D, with the test results one site holds for its peers]
Site A: 5 health checks; 25MB/1200ms; 1200 active sessions; 600 available sessions
Site C: 5 health checks; 25MB/1800ms; 2000 active sessions; 400 available sessions
Site D: 5 health checks; 25MB/900ms; 1000 active sessions; 1000 available sessions
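One way the Site Table and Weighted Handoff Table from this slide and the Distributed Site State Protocol slide could be computed, as an added example that is not part of the original presentation and is not the DSSP implementation. Ranking by response time, the data layout and the `stopped` parameter (sites that sent a MaxConns trigger) are assumptions; the peer tables are constructed.

```python
from collections import Counter

# Figures from the slide (sites A, C, D); the "healthy" flag is constructed.
SLIDE_MEASUREMENTS = {
    "A": {"healthy": True, "response_ms": 1200, "available_sessions": 600},
    "C": {"healthy": True, "response_ms": 1800, "available_sessions": 400},
    "D": {"healthy": True, "response_ms": 900, "available_sessions": 1000},
}

# Constructed sample: the ordered Site Table each of four peers reports.
PEER_TABLES = {
    "A": ["D", "A", "C"],
    "B": ["D", "C", "A"],
    "C": ["A", "D", "C"],
    "D": ["D", "A", "C"],
}

def site_table(measurements):
    """One site's ordered view of its peers: healthy sites, fastest first.
    Assumption: rank by response time, ties broken by available sessions."""
    usable = {s: m for s, m in measurements.items()
              if m["healthy"] and m["available_sessions"] > 0}
    return sorted(usable, key=lambda s: (usable[s]["response_ms"],
                                         -usable[s]["available_sessions"]))

def weighted_handoff(peer_tables, stopped=()):
    """Percent of handoffs per site = share of peer tables ranking it first,
    after removing sites that triggered 'stop Site Handoff' (MaxConns)."""
    tops = Counter()
    for table in peer_tables.values():
        eligible = [s for s in table if s not in stopped]
        if eligible:
            tops[eligible[0]] += 1
    total = sum(tops.values())
    if total == 0:
        return {}   # no site can take traffic: fall back to last-resort handling
    return {site: round(100 * n / total) for site, n in tops.most_common()}

if __name__ == "__main__":
    print(site_table(SLIDE_MEASUREMENTS))
    print(weighted_handoff(PEER_TABLES))
    print(weighted_handoff(PEER_TABLES, stopped={"D"}))
```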

Global Server Load Balancing Advantages
[Diagram: sites A, B and C with two example rankings: #1 Site B 60%, #2 Site A 30%, #3 Site C 10%; and #1 Site B 80%, #2 Site A 20%, #3 Site C 0%]
No connection delay
–Client geographic awareness based on DNS request origination
–Distributed site performance awareness
Fair site selection
–Statistical site performance measurements minimize impact of traffic spikes
–Best performing sites get fair proportion of traffic but are not overwhelmed
Protection against “best” site failure
–HTTP Redirect or IP Proxy as last resort
Straight-forward configuration
All IP protocols supported

Global Server Load Balancing Site Performance Awareness
Each site performs health and performance tests on all peer sites
–Server switch views a peer VIP in a remote site as a “remote server”
–Switch performs periodic health/performance checks on all remote servers
–Switch builds ordered site handoff sequence per remote server
Dynamic site ranking based on global, statistical site performance data
–Switch periodically exchanges site handoff sequence with all other peer sites
–Switch recomputes site handoff sequence based on each peer site’s ranking by all other peer sites
[Diagram: Peer Site #1 (VIP-1, remote server to Site #2) and Peer Site #2 (VIP-2, remote server to Site #1) connected over the Internet]

Web Cache Deployment Options
Proxy caching
–Browser sends requests for web pages to cache instead of origin server
Transparent proxy caching
–Browser sends requests for web pages to origin server
–Cache sits in data path, examines all packets bound for the Internet, intercepts web traffic and processes web requests
Transparent proxy caching with web cache redirection
–Browser sends requests for web pages to origin server
–LAN switch sits in data path, examines all packets bound for the Internet, and redirects web traffic to cache(s)
–Cache(s) attached to web cache redirector processes web requests

Transparent Proxy Caching with Web Cache Redirection
Pro: Limited impact on non-Web traffic
Pro: No browser or cache administration required
Pro: Each client hits multiple caches
–Takes advantage of data stored in all local caches, raising hit rate
–Higher hit rates mean less user delay and less unnecessary WAN traffic
–If any cache is down, traffic directed to other caches
Con: Must purchase and deploy web cache redirection hardware/software
[Diagram: HTTP requests to hosts A, B and C passing through an L4 switch that redirects them to cache servers]

High Availability Hot Stand By Set-Up

Link Failure Detection and Failover
Single Link Failure
Combined Network/Server Failure

DNS Redirection

Firewall Load Balancing

Beyond Layer 4

Conclusion