Advanced SLB High Availability and Stateless SLB
Objectives Upon completion of this module, you will be able to: Describe Server Load Balancing (SLB) high availability Distinguish between different high availability options Describe Sym-Active SLB configuration Describe stateless and stateful SLB Perform the lab exercises 2
High Availability Options on the ADX Hot Standby SLB: One Brocade ServerIron ADX (ADX) is always active while the other ADX is always standby. Symmetric SLB (active-standby): Both ADXs can receive SLB traffic, but only the active VIP handles the L4-7 SLB traffic, while the standby VIP functions as a standby. Sym-Active SLB (active-active): Both ADXs can receive SLB traffic, and both are active for the same VIP. Configuring sym-active and sym-priority on the VIP enables a device to process traffic in active-active mode. 3
Hot Standby SLB One ADX is active while other constantly checks the active ADX 4
Symmetric SLB VIPs active on one ADX are backup on the other ADX; this is based on the sym-priority parameter 5
Sym-Active SLB (Active-Active) The same VIPs are active on both ADXs 6
High Availability Dual L2 Switches More resiliency in case of a failure 7
High Availability Full redundancy at all levels 8
High Availability Redundant DSR 9
High Availability Active-standby server network interfaces 10
High Availability (cont.) Sym-Active SLB ADXs with active-active dual-homed servers 11
Hot Standby Redundancy Boot Up Sequence On boot, the ADX checks for a private link (sync-link), if not present the ADX becomes the active ADX If a private link is present, the ADX listens for the presence of a primary ADX If the ADX detects a primary (active ADX) through its backup monitoring port, the ADX is placed in standby mode If the ADX does not detect a primary within one second then the ADX becomes the primary ADX 12
Hot Standby Failover Algorithm 1. Does the active ADX have more healthy router ports than the standby ADX? Yes: The active ADX remains active No: Go to Step 2 2. Do the active and standby ADXs have the same number of healthy router ports? Yes: Go to Step 3 No: SLB fails-over to the standby ADX since it has more healthy router ports 3. Does the active ADX have the same number or more of healthy server ports than the standby ADX? Yes: The active ADX remains active No: SLB fails-over to the standby ADX since it has more healthy server ports, even though both ADXs have the same number of healthy router ports 13
Sym-Active SLB 14
Configuring Symmetric SLB Priority This command assigns a high priority of 254 to VIP1 for load balancing on this ADX Syntax: [no] sym-priority <num> Example: ADX(config)# server virtual-name VIP1 1.2.3.4 ADX(config-vs-VIP1)# sym-priority 254 15
Displaying Symmetric SLB Information Use the show server symmetric command to display Symmetric SLB information Syntax: show server symmetric Example: ADX(config)# show server symmetric Server Symmetric port = 1 Group_id = 1 Candidate cnt = 0 Port No-rx 1 100824 16
Configuring Sym-Active SLB The sym-active command makes the high availability config into an active-active config Syntax: [no] sym-active Example: ADX(config)# server virtual-name VIP1 1.1.1.1 ADX(config-vs-VIP1)# port 80 ADX(config-vs-VIP1)# sym-priority 69 ADX(config-vs-VIP1)# sym-active 17
Enable Session Synchronization on an Application This allows session synchronization to happen for port 80 (HTTP) Syntax: server port <TCP/UDP-portnum> Syntax: [no] session-sync Example: ADX(config)# server port 80 ADX(config-port-80)# session-sync 18
Configure a VIP Group The VIP Group defines a collection of VIPs that fail over together to the backup if the active fails Syntax: [no] server vip-group <number> Example: ADX(config)# server vip-group 1 ADX(config-vip-group-[1])# vip 10.10.1.100 ADX(config-vip-group-[1])# exit 19
Bind VIP Group to a VRID This allows a VIP Group to be associated to a Virtual Router ID (VRID) Syntax:[no] ip vrrp vrid 1 Syntax:[no] vip-group 1 Example: ADX(config)# router vrrp (-extended) ADX(config)# interface e1/2 ADX(config-if-e100-1/2)# ip vrrp vrid 1 ADX(config-if-e100-12-vrid-1)# vip-group 1 20
Sym-Active SLB Using VRRP-E Must have Layer 2 connection between two ADXs Must exchange Layer 3 broadcast Must be in same subnet as VIPs Same VIP must balance all requests for a given VIP Must share the session table information 21
Dynamic Symmetric SLB Priority Symmetric SLB (SSLB) can automatically adjust a VIP application s SSLB priority to a lower value if a given application fails a health check By default, the priority determines which ADX becomes the active one for the VIP and application Starts off with a predefined priority When VIP application fails, Symmetric SLB priority is decremented All VIP bound applications must fail for priority to decrement Priority of 0 (zero) turns off Symmetric SLB 22
Configure Dynamic Sym Priority Factor This allows the priority to be decremented by the value of the factor for VIP failure Syntax: [no] dyn-sym-pri-factor <num> The <num> parameter can be a value from 1 255 and specifies the amount by which you want the ADX to decrement a VIPs priority when an application on the VIP fails a health check Example: ADX_B(config-vs-VIP1)# sym-priority 30 ADX_B(config-vs-VIP1)# dyn-sym-pri-factor 9 23
The show server virtual Command This command shows the status, VIP, and ports on the virtual side; Enabled is a good state Server Name: VIP1 IP : 2.3.4.5 : 1 Status: enabled Predictor: least-conn TotConn: 0 Dynamic: No HTTP redirect: disabled Intercept: No ACL: id = 0 Sym: group = 1 state = 5 priority = 30 keep = 0 dyn priority/factor = 21/ 9 Activates = 1, Inactive= 0 Best-standby-mac = 0000.0000.0000 Port State Sticky Concur Proxy CurConn TotConn PeakConn ftp enabled NO NO NO 0 0 http enabled NO NO NO 0 0 0 default enabled NO NO NO 0 0 0 24
Configuring Failover Based on Active VIP Count This allows you to configure ADX to failover based on number of active VIPs and not router ports Syntax: [no] server backup-vip-count Example: ADX(config)# server backup-vip-cnt 25
Configuring Failover Based on the Number of Active Virtual Ports Allows failover to happen based on number of active virtual ports Syntax: [no] server backup-vport-count Example: ADX(config)# server backup-vport-cnt 26
Configuring Delayed Failover This allows the failover to be delayed for a specified time before going into effect Syntax: [no] server backup-delay-seconds <backupwait-seconds> Example: ADX(config)# server backup-delay-seconds 20 27
Active-Active in Routing Mode Lab 11
Active-Active in Routing Mode Lab Exercise 29
Stateless Server Load Balancing
Stateful and Stateless Server Load Balancing Stateful load balancing: Uses session table entries to track connections between the client and server, and requires the server responses to pass back through the ADX Stateless load balancing: Does not create session table entries and does not require the server response to pass back through the ADX Typically used by applications that are not context sensitive 31
Stateless Server Load Balancing Stateless port No session in session table Hash algorithm to select real server Uses request s source IP/UDP port and IP address Can be disabled for UDP Uses Round Robin 32
Disabling Hashing for UDP DNS Traffic Turn off hashing for stateless DNS traffic Syntax: [no] port <udp-portnum> stateless no-hash Example: ADX(config)# server virtual VIP1 192.168.4.69 ADX(config-vs-VIP1)# port dns stateless no-hash 33
Stateless Server Load Balancing for HTTP Traffic Makes HTTP traffic stateless under the VIP configuration Syntax: [no] port http stateless Example: ADX(config)# server virtual StatelessHTTP 192.168.4.69 ADX(config-vs-StatelessHTTP)# port http stateless ADX(config-vs-StatelessHTTP)# bind http R1 http ADX(config-vs-StatelessHTTP)# bind http R2 http 34
Summary ADX provides robust HA solutions The three main HA options are, Hot standby, active standby and Sym-Active (also called active-active) Sym-priority and Sym-Active are two configuration parameters that control the sym active HA mode ADX supports both stateful and stateless applications. By default, applications are stateful VRRP and VIP Groups are used to control the operation of the HA modes 35
Advanced SLB High Availability and Stateless SLB