TCP Splicing for URL-aware Redirection

Objectives
- What is a layer-7 switch
- Why content-aware switching
- Difference between layer-4 and layer-7 routing
- TCP splicing
- Case studies
  - Linux-based content aware switch
  - IBM Layer 5

Layer-7 switch
- A layer-7 switch is also known as a URL-aware redirector or a content-smart switch
- They all refer to "a switch having the capability to redirect HTTP requests based on the URL specified in the client's GET request"
- As we know, there are two types of HTTP request message: GET and POST

Layer-7 switch (Cont.)
- HTTP GET message format: ASCII (human-readable format)
- Request line (GET, HEAD commands):
    GET /somedir/page.html HTTP/1.1
- Header lines:
    Host: www.someschool.edu
    User-agent: Mozilla/4.0
    Connection: close
    Accept-language:fr
- Carriage return, line feed indicates end of message

Content-aware Switch
- Front-end of a web cluster
- Route packets based on layer 5/7 (content) information
[Figure: requests for www.yahoo.com arrive from the Internet at the switch, which reads the packet's IP, TCP and application data (GET /cgi-bin/form HTTP/1.1, Host: www.yahoo.com…) and routes it to the image server, application server or HTML server]

Why use Content-aware Switching
- Servers can be specialized for certain types of request
- Content segregation
- Exploit locality
- Affinity-based routing
- Increase the performance because of the improved hit rate
- Partial replication of server file set
- Partition the server's file set over different nodes

Layer 4 vs. 7 Routing

Content-aware Switch Architecture
- Two way architecture
  - Both request and response pass through switch
- One way architecture
  - Only the request passes through switch
  - Response goes directly to the client
  - Servers and switch may share a virtual IP (VIP)
  - Needs modification of ARP/ICMP

Content-aware Switch Architecture
- Two way architecture
  - Server returns the response to the switch
- One way architecture
  - Response to the client
[Figure: client, switch, server]

Layer-7 Two-way Architecture

Layer-7 Two-way Mechanisms
- TCP gateway
  - An application level proxy running on the web switch mediates the communication between the client and the server
- TCP splicing
  - Reduces the overhead of the TCP gateway
  - Packet forwarding occurs at network level, between the network interface driver and the TCP/IP stack, and is carried out directly by the OS
[Figure: two diagrams, each labelled user / kernel]

URL Parsing is expensive!!
- Performing content-aware routing implies that some kind of string searching and matching algorithm is required
- Such a time-consuming function is expensive in a heavy traffic web site
- Experience showed that the system performance would be severely degraded if we implement some URL parsing functions in the distributor

TCP splicing
- Once the two TCP connections are established, they are spliced
- IP packets are forwarded at the network layer
- TCP splicing requires
  - Connection binding
  - Packet analyzer to rewrite packets
  - Appropriate address translation
  - Sequence number modifications to be performed on the packets
- Basically, we are deploying connection re-use

Operation of Content-aware Distributor

Functional Overview of Linux-based content aware switch

IBM Layer 5 Switch Architecture
- Switch core
- Port controller
  - Identify packets (layer 5) and send them to CPU
  - Processing all other packets
- CPU: PowerPC 603e
  - Parse http request
  - URL based routing

Layer-7 one-way architecture

Layer-7 one-way mechanisms
- TCP handoff
  - The switch hands off the TCP connection endpoint to the server
- TCP connection hop
  - Software-based proprietary solution encapsulating the IP packet in an RPX packet and sending it to the server

Layer-7 one-way mechanisms
- Migrate the created TCP connection from the switch to the back-end server
- Create a TCP connection at the back-end without going through the TCP three-way handshake
- Retrieve the state of an established connection and destroy the connection without going through the normal message handshake required to close a TCP connection
- Once the connection is handed off to the back-end server, the switch must forward packets from the client to the appropriate back-end server

TCP Splicing: Summary
- Why URL-aware switching
- Layer-4 versus layer-7 routing
- TCP splicing
- TCP gateway
- Case studies
  - Linux-based content aware switch
  - IBM Layer 5