Introduction to ServerIron ADX Application Switching and Load Balancing. Module 6: Content Switching (CSW) Revision 0310



Similar documents
Deploying the Brocade ServerIron ADX with Microsoft Exchange Server 2010

Advanced SLB High Availability and Stateless SLB

Chapter 16 Route Health Injection

WHITE PAPER MICROSOFT LIVE COMMUNICATIONS SERVER 2005 LOAD BALANCING WITH FOUNDRY NETWORKS SERVERIRON PLATFORM

Deploying SAP NetWeaver Infrastructure with Foundry Networks ServerIron Deployment Guide

Introduction to ServerIron ADX Application Switching and Load Balancing. Module 5: Server Load Balancing (SLB) Revision 0310

Exam Name: Foundry Networks Certified Layer4-7 Professional Exam Type: Foundry Exam Code: FN0-240 Total Questions: 267

Configuring Class Maps and Policy Maps

Managing Virtual Servers

Configuring Stickiness

Configuring Traffic Policies for Server Load Balancing

FortiOS Handbook - Load Balancing VERSION 5.2.2

Load Balancing. FortiOS Handbook v3 for FortiOS 4.0 MR3

CLE202 Introduction to ServerIron ADX Application Switching and Load Balancing

Configuring Network Address Translation

Understanding Slow Start

Layer 4-7 Server Load Balancing. Security, High-Availability and Scalability of Web and Application Servers

Configuring SSL Termination

Table of Contents. Open-Xchange Authentication & Session Handling. 1.Introduction...3

FortiOS Handbook Load Balancing for FortiOS 5.0

Server Iron Hands-on Training

HTTP. Internet Engineering. Fall Bahador Bakhshi CE & IT Department, Amirkabir University of Technology

ServerIron TrafficWorks Server Load Balancing Guide

Chapter 1 Load Balancing 99

CS640: Introduction to Computer Networks. Applications FTP: The File Transfer Protocol

<Insert Picture Here> Oracle Web Cache 11g Overview

Citrix NetScaler 10 Essentials and Networking

Load Balancing and Sessions. C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002.

Firewall Load Balancing

How To Manage A Netscaler On A Pc Or Mac Or Mac With A Net Scaler On An Ipad Or Ipad With A Goslade On A Ggoslode On A Laptop Or Ipa On A Network With

Configuring Health Monitoring

Deploying the BIG-IP System with Oracle E-Business Suite 11i

BCLE in a Nutshell Study Guide for Exam Exam Preparation Materials

Introduction to ServerIron ADX Application Switching and Load Balancing. Module 7: Global Server Load Balancing (GSLB) Revision 0310

Configuring DHCP Snooping

CloudOYE CDN USER MANUAL

BCLP in a Nutshell Study Guide for Exam Exam Preparation Materials

Citrix NetScaler 10.5 Essentials for ACE Migration CNS208; 5 Days, Instructor-led

Network Technologies

CNS-205 Citrix NetScaler 10 Essentials and Networking

GLOBAL SERVER LOAD BALANCING WITH SERVERIRON

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5

Microsoft Office Communications Server 2007 & Coyote Point Equalizer Deployment Guide DEPLOYMENT GUIDE

Configuring Highly Available OracleAS Infrastructure with Brocade ServerIron Application Delivery Controllers

CNS-208 Citrix NetScaler 10.5 Essentials for ACE Migration

HAProxy. Ryan O'Hara Principal Software Engineer, Red Hat September 17, HAProxy

CS 188/219. Scalable Internet Services Andrew Mutz October 8, 2015

Deploying Brocade ServerIron ADX to Increase Availability, Scalability, and Security of Microsoft Lync Server 2010 Infrastructure

ServerIron SSL Implementation and

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications

ENQUIRY NO.NIE/PS/ DATE: 02/09/2014

Introducing the BIG-IP and SharePoint Portal Server 2003 configuration

Basic & Advanced Administration for Citrix NetScaler 9.2

Web applications. Web security: web basics. HTTP requests. URLs. GET request. Myrto Arapinis School of Informatics University of Edinburgh

Snapt Balancer Manual

ALOHA LOAD BALANCER MANAGING SSL ON THE BACKEND & FRONTEND

CheckPoint Software Technologies LTD. How to Configure Firewall-1 With Connect Control

Internet Technologies. World Wide Web (WWW) Proxy Server Network Address Translator (NAT)

Implementing Microsoft Office Communications Server 2007 With Coyote Point Systems Equalizer Load Balancing

Implementation of Web Application Firewall

Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations

By Bardia, Patit, and Rozheh

TROUBLESHOOTING RSA ACCESS MANAGER SINGLE SIGN-ON FOR WEB-BASED APPLICATIONS

Layer 7 Load Balancing and Content Customization

Migrating the SSL Offloading Configuration of the Alteon Application Switch 2424-SSL to AlteonOS version

Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX

Load Balancing Web Applications

reference: HTTP: The Definitive Guide by David Gourley and Brian Totty (O Reilly, 2002)

Deploying the Barracuda Load Balancer with Office Communications Server 2007 R2. Office Communications Server Overview.

Cookies Overview and HTTP Proxies

The HTTP Plug-in. Table of contents

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v9.x with Microsoft IIS 7.0 and 7.5

No. Time Source Destination Protocol Info HTTP GET /ethereal-labs/http-ethereal-file1.html HTTP/1.

> Technical Configuration Guide for Microsoft Network Load Balancing. Ethernet Switch and Ethernet Routing Switch Engineering

Cisco AnyConnect Secure Mobility Solution Guide

DEPLOYMENT GUIDE Version 2.1. Deploying F5 with Microsoft SharePoint 2010

Setting Up SSL / HTTPS for Local Primo Customers

CNS-208 Citrix NetScaler 10 Essentials for ACE Migration

THE PROXY SERVER 1 1 PURPOSE 3 2 USAGE EXAMPLES 4 3 STARTING THE PROXY SERVER 5 4 READING THE LOG 6

ATS Test Documentation

Configuring Load Balancing

Internet Technologies Internet Protocols and Services

Working With Virtual Hosts on Pramati Server

HAProxy. Free, Fast High Availability and Load Balancing. Adam Thornton 10 September 2014

DEPLOYMENT GUIDE DEPLOYING F5 WITH SAP NETWEAVER AND ENTERPRISE SOA

DATA CENTER. Best Practices for High Availability Deployment for the Brocade ADX Switch

CNS-208 CITRIX NETSCALER 10.5 ESSENTIALS FOR ACE MIGRATION

Enabling Remote Access to the ACE

Configuring Citrix NetScaler for IBM WebSphere Application Services

TESTING & INTEGRATION GROUP SOLUTION GUIDE

CNS-200-1I Basic Administration for Citrix NetScaler 9.0

Configuring Health Monitoring

Outline Definition of Webserver HTTP Static is no fun Software SSL. Webserver. in a nutshell. Sebastian Hollizeck. June, the 4 th 2013

Basic Administration for Citrix NetScaler 9.0

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

Chapter 7 Configuring Trunk Groups and Dynamic Link Aggregation

Integrating the F5 BigIP with Blackboard

NETASQ ACTIVE DIRECTORY INTEGRATION

IOS Server Load Balancing

Transcription:

Introduction to ServerIron ADX Application Switching and Load Balancing Module 6: Content Switching (CSW) Revision 0310

Objectives Upon completion of this module the student will be able to: Define layer 7 switching / Content Switching (CSW) Describe Cookie Switching Describe Cookie Hashing Define the difference between Cookie Hashing and Cookie Switching Describe URL Switching Implement Cookie Switching and URL Switching using CLI 2

Session Persistence The ability to persist all the sessions for a given user to the same server for the duration of an application transaction. Identify the user Recognize when an application transaction begins or ends Types of Session Persistence: Source IP, Virtual IP, Port Port Tracking Concurrent Sticky Cookie Based Persistence Switching Hashing 3

What is L7 Content Switching? Load balancing based on rules and actions defined by users Load balancing based on any specified HTTP header Load balancing based on XML content Load-balancing decisions based on multiple HTTP headers or XML tags Redirecting requests to alternate URLs or domains, persisting requests to servers, and simple forwarding actions. Content rewrite, insertion and deletion functions 4

Common Layer 7 CSW Features Cookie Switching / Insertion Client-IP Header Insertion URL Switching URL Rewrite URL Redirect (HTTP Redirect) HTTP to HTTPS Rewrite Insert Custom Response Header 5

Layer 7 Switching Methods Cookie Switching Uses cookie to direct to specific server or server group Cookie Hashing Hashes on a cookie to direct client's request to a specific server URL Switching Uses a user specified piece of the URL to direct to specific server or server group URL Hashing Hashes the URL string to direct to a specific server or server group 6

Cookie Switching Overview Provides a standards based way for the server to communicate with the load balancer Cookie name is user-configurable Ensures persistence to the same server 7

Cookie Switching Configuration Step 1: Configure the Server to set a cookie: SetCookie( ServerID, 1024 ) Step 2: Configure the real server: Server or Server Group ID ServerIron ADX (config)# server real-name rs100 192.168.1.100 ServerIron ADX (config-rs-rs100)# port http server-id 1024 ServerIron ADX (config-rs-rs100)# exit 8

Cookie Hashing Overview Ensures that a given set of cookie names and value will always be sent to the same server 9

ServerIron ADX Hashing to Direct Requests to a Real Server 1. ServerIron ADX examines the Cookie header in an HTTP request. 2. ServerIron ADX logically reduces the Cookie header to a number between 0-255. 3. The number corresponds to one of 256 internal hashing buckets on the ServerIron ADX 4. Using its load balancing metric, the ServerIron ADX allocates a real server to the hashing bucket. 5. The ServerIron ADX sends the HTTP request to the real server allocated to the cookie s hashing bucket. 10

URL Switching Overview Specify URL rules based on prefix, suffix or a pattern Up to 256 URL rules Benefits of URL switching without losing source IP information Support for URL hashing: Select a server by hashing the whole URL or a specific segment 11

Layer 7: Using a Cookie The cookie can be used to distinguish individuals The cookie can maintain session persistence between client and server Direct HTTP request to server or server groups based on information in the cookie 12

Cookie Switching Value of cookie defines real server s ID Cookie: ServerID=2 (go to server 2) Persistence cannot be guaranteed One cookie can have multiple IDs Cookie:ServerID=2; ServerID=1;address=San Jose; 13

Cookie Hashing The calculation of the checksum or hash key can be based on one of the following strings: Value of certain cookie the check sum can be based on the value of ServerID which is 1; Value of the whole cookie header the checksum of :ServerID=1; comment= This is a long string. Checksum based on the whole string will be time consuming.:; will be calculated. 14

Cookie Hashing (Cont.) Hash on cookie Assigns hash value to a server Resolution to same hash value get same server Hash value can be based on: Value of portion of cookie Value of compound (entire) cookie 15

Cookie Insertion 1. ServerIron ADX inserts cookie in response from server 2. Next client request is directed to server or server group based on information in cookie 3. ServerIron ADX can also delete a cookie 16

Cookie Insertion (Cont.) The ServerIron ADX will insert a cookie when: There is no cookie header The cookie header exists but it does not contain the cookie name specified by the port http cookie-name command. The cookie name is found, but the cookie value is out of range. The cookie value must be between 1 2047. The cookie name is found, but the real server or server group indicated by the cookie value is not available. 17

Layer 7 Content Switching (CSW) Introduction

Layer 7 CSW : 3-Step Configuration Content Switching requires a 3 step configuration process in order to define the content switching rules and policies. 1. Define a CSW Rule 2. Create a policy Policies match rules and take action 3. Bind and enable policy to a Virtual Server 19

Step 1: Define a CSW Rule Specifies content to match in HTTP traffic 1.Header Example: (config)# csw-rule rule4 header host exists (also: header prefix/suffix/pattern/equals/search) 2.URL Example: (config)# csw-rule rule3 url exists (also: url prefix/suffix/pattern/equals/search) 3.Method Example: (config)# csw-rule rule1 method eq PUT (also: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, or CONNECT) 4.Version Example: (config)# csw-rule rule2 version eq 1.1 20

Step 2: Create a policy Specifies action to take when rule is matched 1. Create a policy (config)# csw-policy p1 (config-csw-p1)# 2. Match rule/take action in one statement a) Forward (config-csw-p1)# match rule1 forward 1029 b) Redirect (config-csw-p1)# match rule1 redirect "*" "*" ssl c) Rewrite (config-csw-p1)# match rule1 rewrite request-insert client-ip 21

Step 3: Bind policy and Enable CSW Bind policy & turn on csw to a particular VIP (config)# server virtual cswvip 192.168.10.100 (config-vs-cswvip)# port http (config-vs-cswvip)# port http csw-policy p1 (config-vs-cswvip)# port http csw (config-vs-cswvip)# bind http rs1 http (*) (*) must bind at least 1 real server to http and it must be Active 22

Examples: CSW Rules and Policies Global Policy Example: create a policy called Policy1 SLB(config)# csw-policy "Policy1" Rules url pattern- matches a string in the url header header - matches a string in the header Example: Redirect the client to SSL, default goes SSL. SLB(config-csw-Policy1)# default redirect "*" "*" ssl first "*" is match all domains; second "*" is match all urls 23

CSW Primary and Secondary Commands Primary Commands Persist - sends requests with similar content to the same server Reset-client - sends a reset to the client to terminate the connection Reply-error - replies a 403 error back to the client Redirect - redirects client traffic Forward - forwards traffic to a specified server or server group Example: default is to forward traffic to server group 10 SLB(config-csw-Policy1)# default forward 10 Secondary Commands (*) Log - logs to external log server when a rule is matched Rewrite - modifies the HTTP header, insert or deletes content Example: modifies HTTP header, inserting client IP address SLB(config-csw-p1)# default rewrite request-insert client-ip (*) A primary command must exist, before a secondary can be used 24

Cookie Session Persistence The server can have cookies inserted based on the server being in: A server group Servers are in a group and session persistence is done on the servers in the group An individual server There servers are stand alone and each server has it s own server ID. 25

Configure Server Group ID ServerIron ADX (config)# server real-name rs1 10.10.10.201 ServerIron ADX (config-rs-rs1)# port http group-id 10 10 ServerIron ADX (config-rs-rs1)# exit ServerIron ADX (config)# server real-name rs2 10.10.10.202 ServerIron ADX (config-rs-rs2)# port http group-id 10 10 ServerIron ADX (config-rs-rs2)# exit Syntax: [no] port http group-id <server-group-id-range> 26

Configure Server ID ServerIron ADX (config)# server real-name rs1 10.10.10.201 ServerIron ADX (config-rs-rs100)# port http server-id 1024 ServerIron ADX (config-rs-rs100)# exit ServerIron ADX (config)# server real-name rs2 10.10.10.202 ServerIron ADX (config-rs-rs100)# port http server-id 1025 ServerIron ADX (config-rs-rs100)# exit Syntax: [no] port http server-id <server-id> 27

Enable Cookie Switching Policy (config)# server virtual cookievip 206.65.10.20 (config-vs-cookievip)# port http (config-vs-cookievip)# port http cookie-name ServerID (config-vs-cookievip)# port http csw-policy mycookie (config-vs-cookievip)# port http csw (config-vs-cookievip)# bind http rs1 http rs2 http 28

Define CSW Rule for Cookie Switching Specifies content to match in HTTP traffic Example of Header Rule: (config)# csw-rule r1 header cookie search ServerID (also: header prefix/suffix/pattern/equals/search) 29

Create a Policy for Cookie Switching Specifies action to take when rule is matched 1. Create a policy (config)# csw-policy mycookie (config-csw-mycookie)# 2. Match rule & take action in one statement a) Persist (config-csw-mycookie)# match r1 persist offset 0 length 4 group-or-server-id b) Forward (config-csw-mycookie)# default forward 10 c) Rewrite (config-csw-mycookie)# default rewrite insert-cookie 30

Cookie Insertion Lab 6-1

Lab 6-1: Cookie Insertion 32

Cookie Domains A cookie domain identifies a server that sent a cookie The browser will only send the cookie to http://server.domain1.com or to a.us.oracle.com what ever the domain is, that is the server the cookie will be sent to. 33

Cookie Domains (Cont.) A cookie domain identifies a server that sent a cookie ServerIron ADX (config)# server virtual cookievip 192.168.1.241 ServerIron ADX (config-vs-cookievip)# port http cookiedomain brocade.com ServerIron ADX (config-vs-cookievip)# exit Syntax: [no] port <virtual port> cookie-domain <domain> 34

Cookie Path Sets the URL that the cookie is valid for. ServerIron ADX (config)# server virtual cookievip 192.168.1.241 ServerIron ADX (config-vs-cookievip)# port http cookiepath "/services/documentation/ ServerIron ADX (config-vs-cookievip)# exit Syntax: [no] port <virtual port> cookie-path <path> 35

Cookie Age ServerIron ADX (config)# server virtual cookievip 192.168.1.241 ServerIron ADX (config-vs-cookievip)# port http cookie-age 10 ServerIron ADX (config-vs-cookievip)# exit Syntax: [no] port <virtual port> cookie-age <minutes> 36

Display Cookie Information ServerIron ADX # show cookie-info Cookie: Total Inserted: 3 Total Insertion Error: 0 Total Deleted: 9 Total Deletion Error: 0 Total Destroyed: 5 Total Destroy Error: 0 Content Rewrites: Total Allocated: 34 Total Freed: 34 Used Now: 0 Allocation Failures: 0 Total Memory Already Consumed: 1600 KB. Total Memory Can Be Reached: 25600 KB. 37

HTTP/1.1 Packet Analysis GET /images/homenav/homenav1.gif HTTP/1.1 Accept: */* Referer: http://206.65.10.10 Accept-Encoding: gzip, deflate If-Modified-Since: Wed, 27 Oct 1999 20:10:54 GMT; length=1054 Host: 206.65.10.10 Connection: Keep-Alive Cookie: Training_Cookie_001=0 HTTP/1.0 304 Not Modified Set-Cookie: Training_Cookie_001=0 U; path=/ Date: Thu, 30 Oct 2003 19:12:58 GM Connection: close ETag: "40818-41e-38175c4e HTTP/1.0 304 Not Modified Set-Cookie: Training_Cookie_001=1111; path=/ Date: Thu, 30 Oct 2003 20:26:17 GMT Server: Apache/1.3.6 (Unix) mod_perl/1.21 mod_ssl/2.2.8 OpenSSL/0.9.2b Connection: close ETag: "9887-3696-3c64d382" 38

URL Switching

URL Switching for Personal Websites Inspecting the URL to serve multiple web sites General pattern matching on string 40

URL Switching Static and Dynamic Content Separate static content requests from dynamic content requests Pattern matching on suffix and string 41

Define CSW Rule for URL Switching Specifies string to match in URL Example of URL Prefix Rule (config)#csw-rule products url prefix /PRODUCTS case-insensitive (config)#csw-rule support url prefix /SUPPORT case-insensitive 42

Create a Policy for URL Switching Specifies action to take when rule is matched 1. Create a policy (config)# csw-policy myurlpolicy case-insensitive (config-csw-myurlpolicy)# 2. Match rule & take action in one statement a) Forward (config-csw- myurlpolicy)# match products forward 201 b) Forward config-csw-myurlpolicy)# match support forward 202 c) Forward (config-csw-myurlpolicy)# default forward 201 43

Enable URL Switching Policy Configuration Steps: ADX (config)# server virtual url-sw-vip 206.65.10.20 ADX (config-vs-url-sw-vip)# port http ADX (config-vs-url-sw-vip)# port http csw-policy myurlpolicy ADX (config-vs-url-sw-vip)# port http csw ADX (config-vs-url-sw-vip)# bind http rs1 http rs2 http 44

URL Switching Lab 6-2

Lab 6-2: URL Switching 46

End of Module 6: Content Switching (CSW) Revision 0310

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information