Download presentation
Presentation is loading. Please wait.
Published byLincoln Gaff Modified over 9 years ago
1
The Ins and Outs of Layer 4+ Switching Dr. Shirish Sathaye ssathae@alteon.com Vice President of Engineering
2
NANOG L4 Switching Presentation Is Layer 4 Switching Meaningful? You can’t switch at Layer 4 BUT you can use Layer 4 information to make switching decisions! The term “Layer 4 Switching” is too confusing. It usually means one of two things: –1. Layer 4 information is used to prioritize and queue traffic (routers have done this for years) –2. Layer 4 information is used to direct application sessions to different servers (next generation load balancing) Though the term may be meaningless the idea and value of L4 switching is valid
3
NANOG L4 Switching Presentation Packet-by-Packet Traffic Management Insufficient »L-2 Switches and Routers »Increasing Hardware Integration »High performance »Optimized for packet-by-packet forwarding under normal conditions »Expensive exception handling »Hop-by-Hop Traffic Management »Stateless protocols: RSVP, IGMP, 802.1z, 802.1p/Q,... »Requires every device along path to collaborate »No built-in end-system feedback »Only useful for WAN and LAN/WAN boundary
4
NANOG L4 Switching Presentation Session-Based Traffic Management Required »Session-Aware Devices »Firewalls, traffic directors, packet shapers »End-to-End Traffic Management »ATM, TCP, HTTP, FTP,... »Maintain session states »Built-in end-station feedback »Precise control over service quality, availability and performance »Per session handling is protocol and application specific »Requires session-specific software and massive processing power
5
NANOG L4 Switching Presentation How L4-Aware Systems Work By making intelligent switching decisions and to forward frames based on TCP/UDP port information and IP source/destination addresses L4 switching=Session Switching –examines client requests directed at the L4 switch –multiplexes client requests across any server available to handle those requests –passively measures application health and responsiveness to determine server availability –stateful processing By combining the benefits of L4 sofware on a high-speed L2 switching platform By using this information to establish policy controls for how traffic is to be managed
6
NANOG L4 Switching Presentation Why is L4-switching important?
7
NANOG L4 Switching Presentation QoS Mgr Emergence of L4-Aware Devices Session Management and Packet-Switched Devices Internal Server Farm External Server Farm Proxy Cache Load Balan- cer QoS Mgr Proxy Cache Firewall Load Balan- cer LAN Clients Packet Switching Session Management Intranet Internet Packet Switching Firewall
8
NANOG L4 Switching Presentation Integrating L4 Switching »Single-function devices subsumed by routers and server switches »L4 switch functions »Multi-speed server connectivity »Reduce network overhead on servers »Monitor individual server/ application »Application session management »Server load-balancing »Web cache redirection »High availability »Session-by-session QoS Intranet Internet L4 Cache Servers Backup Server NFS Server Web Servers Application Servers L4
9
NANOG L4 Switching Presentation Servers Needs intelligent distribution of traffic sessions to servers Milliseconds to seconds WAN Needs WAN bandwidth prioritization 56Kbps: 2-2.5 sec T1: 80-100 millisec Traffic Management Required for New Global Applications Example: Incremental delay experienced by a 64 byte packet queued behind 10 x 1,500 byte packets Bandwidth management debatable LAN Fast Ethernet: 1-2 millisec GbE: 100-200 microsec
10
NANOG L4 Switching Presentation Key Layer 4-based Applications 1. Local/Global Server load balancing 2. High availability applications 3. Web Cache Redirection 4. DNS redirection 5. Firewall Load Balancing 6. URL-based redirection, switching
11
NANOG L4 Switching Presentation Local Server Load Balancing Clients HTTPHTTP DNSDNS FTP HTTP Database Queries DNS FTPFTP Scalable application processing capacity –Add servers on-demand High availability –Server/application health monitoring –Backup and overflow servers –Hot-standby switch configurations Tiers-of-service by servers –Priority users/applications can be directed to premium servers Integrated switch and load balancer –Flexibility –Scalability –Economy of scale –Performance
12
NANOG L4 Switching Presentation Basic Configuration
13
NANOG L4 Switching Presentation Separate Real Server Groups
14
NANOG L4 Switching Presentation Multiple VIPs
15
NANOG L4 Switching Presentation Back-Up Servers Real Servers can be configured as Back-Up Servers for other Real Servers or specified Virtual Services. –When backing up a Real Server, the Back-Up Server will come into service if the Real Server fails. –When backing up a Virtual Service, the Back-Up Server will come into service if all Real Servers which are part of the Virtual Service group fail. Support for Back-Up Servers alone might be compelling reason for customers to invest in L4 Switching.
16
NANOG L4 Switching Presentation Load Balancing Algorithms Round Robin LeastConns Load Based Server Feedback Based
17
NANOG L4 Switching Presentation Session ID Substitution Client to Server
18
NANOG L4 Switching Presentation Session ID Substitution Server-to-Client
19
NANOG L4 Switching Presentation Global Server Load Balancing Issues Increase application availability in event of entire site failure or overload Scale application performance by load balancing traffic across multiple sites Need for more granularity and control in directing Web traffic More flexibility in building and managing Internet infrastructures
20
NANOG L4 Switching Presentation Distributed Content Sites Today www1.company.com www2.company.com www3.company.com Internet Mostly static content on Web (HTTP, FTP, NNTP..) servers Load and site distribution through Round Robin DNS No Site Health Awareness No Site Performance Awareness No Geographic Awareness Cached DNS requests for servers that are down produces “failure to connect” messages
21
NANOG L4 Switching Presentation How L4 GSLB Works 1. Client’s DNS request for www.foo.com sent to local DNS 2. Local DNS queries upstream DNS 3. Switch at site C receives DNS request and determines that sites B and C are closest to user. Acting as Authoritative Name Server, switch selects the best site (B) and returns site B’s IP to client’s local DNS 4. Local DNS server responds to client with site B’s VIP 5. Client opens application session to 205.178.2.2 (site B ) www.foo.com 205.178.2.2 www.foo.com 172.168.13.10 www.foo.com 162.113.25.20 Site health, response time and throughput exchanged between switches on a periodic or event-driven basis using encoded DSSP A B C DSSP Updates 14 2 3 5 Rank Site %Traffic 1B70 2C20 3A10 RankSiteTraffic 1B80 2C20 3A10 RankSiteTraffic 1B75 2C15 3A5 DNS
22
NANOG L4 Switching Presentation Distributed Site State Protocol Lightweight, encoded protocol runs over HTTP Used to exchange health, load, throughput information Periodic Updates –Peer site performance behavior (one site’s view of all other sites) –Local site status information (server health, current connections, etc) –Periodic Updates result in each switch building an Ordered Handoff Table Triggered Updates –If a site observes that another site is unresponsive, it will Trigger all other sites to check the questionable site –If a site experiences a connection spike (reaching MaxConns) it will trigger an update to all other sites to stop Site Handoff
23
NANOG L4 Switching Presentation Dynamic, Global Site Performance Knowledge Sites ranked based on statistical site performance data –Test each remote site’s (VIP) health, throughput, response, load and available capacity –Build Site Table based on time-averaged test results Sites ranked based on global view of top sites –Periodically exchange Site Table with all peer sites –Computes Weighted Handoff Table based on how frequently each site is ranked top performing by peers Dynamic site ranking with triggered updates –If a site finds a peer site unresponsive, it will trigger all other sites to check questionable site –If a site experiences a connection spike (reaching MaxConns) it will trigger an update to all other sites Site A 5 health checks; 25MB/1200ms; 1200 active sessions; 600 available sessions A B C D Site C 5 health checks; 25MB/1800ms; 2000 active sessions; 400 available sessions Site D 5 health checks; 25MB/900ms; 1000 active sessions; 1000 available sessions
24
NANOG L4 Switching Presentation Global Server Load Balancing Advantages A B C #1 Site B 60% #2 Site A 30% #3 Site C 10% #1 Site B 80% #2 Site A 20% #3 Site C 0% No connection delay –Client geographic awareness based on DNS request origination –Distributed site performance awareness Fair site selection –Statistical site performance measurements minimize impact of traffic spikes –Best performing sites get fair proportion of traffic but are not overwhelmed Protection against “best” site failure –HTTP Redirect or IP Proxy as last resort Straight-forward configuration All IP protocols supported
25
NANOG L4 Switching Presentation Global Server Load Balancing Site Performance Awareness Each site performs health and performance tests on all peer sites –Server switch views a peer VIP in a remote site as a “remote server” –Switch performs periodic health/performance checks on all remote servers –Switch builds ordered site handoff sequence per remote server Dynamic site ranking based on global, statistical site performance data –Switch periodically exchanges site handoff sequence with all other peer sites –Switch recomputes site handoff sequence based on each peer site’s ranking by all other peer sites Peer Site #1 VIP-1 for www.company.com Remote Server to Site #2 Peer Site #2 VIP-2 for www.company.com Remote Server to Site #1 Internet
26
NANOG L4 Switching Presentation Web Cache Deployment Options Proxy caching –Browser sends requests for web pages to cache instead of origin server Transparent proxy caching –Browser sends requests for web pages to origin server –Cache sits in data path, examines all packets bound for the Internet, intercepts web traffic and processes web requests Transparent proxy caching with web cache redirection –Browser sends requests for web pages to origin server –LAN switch sits in data path, examines all packets bound for the Internet, and redirects web traffic to cache(s) –Cache(s) attached to web cache redirector processes web requests
27
NANOG L4 Switching Presentation Transparent Proxy Caching with Web Cache Redirection Pro: Limited impact on non-Web traffic Pro: No browser or cache administration required Pro: Each client hits multiple caches –Takes advantage of data stored in all local caches, raising hit rate –Higher hit rates mean less user delay and less unnecessary WAN traffic –If any cache is down, traffic directed to other caches Con: Must purchase and deploy web cache redirection hardware/software Host B Host C Host A HTTP To A HTTP To B HTTP To C HTTP To B Cache Servers L4
28
NANOG L4 Switching Presentation High Availability Hot Stand By Set-Up
29
NANOG L4 Switching Presentation Link Failure Detection and Failover Single Link FailureCombined Network/Server Failure
30
NANOG L4 Switching Presentation DNS Redirection
31
NANOG L4 Switching Presentation Firewall Load Balancing
32
NANOG L4 Switching Presentation Beyond Layer 4
33
NANOG L4 Switching Presentation Conclusion
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.