Introduction to ServerIron ADX Application Switching and Load Balancing. Module 7: Global Server Load Balancing (GSLB) Revision 0310




Objectives
Upon completion of this module, the student will:
- Be able to understand the need for a GSLB
- Be able to define the GSLB policy
- Set up the ServerIron ADX as a DNS proxy
- Configure GSLB and site information
- Define and use GSLB affinity settings

How Does Global Server Load Balancing Work
- GSLB ServerIron ADX adds intelligence to authoritative DNS:
  - evaluates IP address
  - best host for client is placed on top of the returned DNS list
  - sets DNS TTL
  - Local DNS has most current information
- GSLB ServerIron ADX gathers information from Site/Remote ServerIron ADXs:
  - Local VIPs
  - Session table statistics and CPU load
  - Round Trip Time (RTT) between client and remote site (Client's TCP SYN and Client's TCP ACK)
- GSLB uses proprietary communication between Sites

Domain Name Server (DNS)
- Defines a naming scheme for the Internet domain
- Translates names into an IP address
- Implemented as a distributed database
- DNS names are constructed hierarchically:
    sunc.scit.wlv.ac.uk
    www.brocade.com

DNS Hierarchical Structure

Distributed Domain Database

A Record (Address Record)
    root@linux:~> dig www.brocade.com
    ;; QUESTION SECTION:
    ;www.brocade.com.            IN   A
    ;; ANSWER SECTION:
    www.brocade.com.     3600    IN   A    63.236.63.244
    ;; AUTHORITY SECTION:
    brocade.com.         3600    IN   NS   ns1.sfj.pnap.net.
    brocade.com.         3600    IN   NS   ns1.brocade.com.
    brocade.com.         3600    IN   NS   ns2.sfj.pnap.net.
    brocade.com.         3600    IN   NS   ns2.brocade.com.
    ;; ADDITIONAL SECTION:
    ns1.sfj.pnap.net.    41909   IN   A    216.52.1.1
    ns1.brocade.com.     3600    IN   A    63.251.100.12
    ns2.sfj.pnap.net.    41909   IN   A    216.52.1.33
    <<truncated>>

DNS Request Types
Two types:
- Recursive - get me the best answer (most common). Example shown below
- Iterative - give me the answer or the next hop
www.example.brocade.com

Global Server Load Balancing (GSLB) Overview
- GSLB operations:
  - Modes - [non] transparent, cache
  - Proxy DNS (Authoritative address is a VIP[s])
  - GSLB ADX does contain a DNS server
  - Provides caching and the ability to respond to A records
- Two components in a GSLB configuration:
  - GSLB ServerIron ADX: front-ends an authoritative DNS server(s)
  - Remote sites can include a ServerIron ADX and a real server
- Geographically separated authoritative DNSs can be front-ended by two GSLBs or by one GSLB with Source-NAT
- GSLB protocol is used to communicate between a GSLB ADX and a remote ADX (TCP port 182)

GSLB Features
- Leverages existing DNS servers
- Minimal disruption to existing network environment
- Measures proximity to actual customers in the most accurate manner
- Ability to tolerate failures after DNS lookup is complete
- Implemented on highest performing traffic management switch
- Provides the most comprehensive global server load balancing with or without using DNS

GSLB Example
- Appear as one web site to clients
- Directs a client to the nearest server for fastest content delivery
- Directs a client to the best alternate server in case of server outage
- Provides transparent backup in case of natural disasters or power outages
- SLB and GSLB operations can be in a single box

DNS limitations (no GSLB)
- No server health checks: clients directed to dead servers
- No proximity awareness: clients can be sent to farthest server
- Just round-robin: inefficient load balancing
- Local DNS caches responses: clients may be sent to dead servers

HTTP Redirect limitations (no GSLB)
- Works only for HTTP traffic
- Requires different host names for each site
- Could be redirected to an inoperable server

ServerIron ADX GSLB Direction to Functional Site
Approach:
- Directs client to optimal site
- Front-end the authoritative DNS Server
- Transparently modify the DNS response based on server and application availability
- Authoritative DNS server can be located remotely
Results in:
- Leveraging existing DNS servers
- Easy to configure and manage
- Minimal disruption to existing DNS servers

Site Selection Criteria
Default evaluation order:
1. Server Health
2. ServerIron ADX session capacity threshold
3. Round Trip Time between the remote ServerIron ADX and the DNS client
4. The geographic location of the server
5. ServerIron ADX available session capacity
6. FlashBack speed
7. Least Response selection / Round Robin

1. Server Health
- Client opens browser and requests www.brocade.com
- Authoritative DNS passes a Round Robin response with 3 addresses through the GSLB ADX
- ADX sends health checks based on application port to each of these addresses

2. Session Capacity Threshold
GSLB ServerIron ADX gathers session info using GSLB Protocol with the remote ServerIron ADXs.
    ServerIron ADX(config)# show gslb site
    ServerIronTE: sunnyvale
    ServerIron slb-1 209.157.22.209 State: CONNECTION ESTABLISHED
    Current num.  Session  CPU load  Location
    Sessions      Util%    (%)
    500000        50       35        N-AM
    Virtual IPs: 209.157.22.227(A)

    ServerIron ADX(config)# show gslb site
    ServerIronTE: Tokyo
    ServerIron slb-1 209.157.22.111 State: CONNECTION ESTABLISHED
    Current num.  Session  CPU load  Location
    Sessions      Util%    (%)
    750000        75       41        N-AM
    Virtual IPs: 209.157.22.227(A)
- The GSLB ServerIron ADX learns the maximum number of sessions and the number of available sessions from each remote ServerIron ADX via the GSLB protocol
- Default Session Capacity Threshold: 90%, i.e. if the current number of sessions has not reached 90% of the supported total, the site is eligible for being selected as the best site

3. Round-Trip Time (RTT)
A site is favored by GSLB only if the RTT difference is more than 10% (default).

4. Geographic Location of the Server
- IP addresses are allocated in blocks to different continents
- Based on the client IP address, ServerIron ADX picks the web site, ensuring that requests stay in continental domains
- This approach cannot differentiate IP addresses within a continent

5. Available Session Capacity
    ServerIron ADX(config)# show gslb site
    ServerIronTE: sunnyvale
    ServerIron slb-1 209.157.22.209 State: CONNECTION ESTABLISHED
    Current num.  Session  CPU load  Location
    Sessions      Util%    (%)
    1000000       50       35        N-AM
    Virtual IPs: 209.157.22.227(A)

    ServerIron ADX(config)# show gslb site
    ServerIronTE: Tokyo
    ServerIron slb-1 209.157.22.111 State: CONNECTION ESTABLISHED
    Current num.  Session  CPU load  Location
    Sessions      Util%    (%)
    800000        75       41        N-AM
    Virtual IPs: 209.157.22.227(A)
- 10% capacity tolerance by default
- The first ServerIron ADX is preferred over the second ServerIron ADX because the difference (200,000) is greater than 10% of 1 million.
- If another ServerIron ADX with 900,000 sessions was available, it would be equally preferable with the first ServerIron ADX because the 10% difference is less than the threshold.

6. FlashBack
- FlashBack measures the round-trip time between the ServerIron ADX in front of the authoritative DNS and each other site (basically, the Health Check Time)
- FlashBack serves as a starting point for network responsiveness and proximity information
- Uses a tolerance value when comparing FlashBack speeds: 10% difference by default

7a. Least Response Selection (Default)

7b. Round Robin Selection
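
The threshold and tolerance rules from metrics 1, 2, 3 and 5 can be modelled as a chain of filters in which tied sites fall through to the next metric. The Python below is an added example, not Brocade code: the Site fields, the constructed sample sites and the rule that a metric is skipped when it would reject every site are assumptions, and metrics 4, 6 and 7 are left out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Site:
    name: str
    healthy: bool        # metric 1: result of the health check
    max_sessions: int    # supported total reported by the site
    cur_sessions: int    # current number of sessions
    rtt_ms: int          # round-trip time between the site and the DNS client

    @property
    def available(self) -> int:
        return self.max_sessions - self.cur_sessions


def within(best, value, tol_pct):
    """True when value differs from best by no more than tol_pct percent of best."""
    return abs(best - value) * 100 <= tol_pct * best


def select_sites(sites, cap_threshold=90, rtt_tol=10, avail_tol=10):
    """Return (equally preferred sites, per-metric trace of surviving names)."""
    trace = []
    # Metric 1: a site that fails its health check is never a candidate.
    cands = [s for s in sites if s.healthy]
    trace.append(("health", [s.name for s in cands]))
    if not cands:
        return [], trace

    def narrow(label, keep):
        nonlocal cands
        kept = [s for s in cands if keep(s)]
        # Assumption: a metric that would reject every site is skipped.
        cands = kept or cands
        trace.append((label, [s.name for s in cands]))

    # Metric 2: eligible while current sessions are below 90% of the total.
    narrow("capacity-threshold",
           lambda s: s.cur_sessions * 100 < cap_threshold * s.max_sessions)
    # Metric 3: a lower RTT wins only if the difference exceeds the tolerance.
    best_rtt = min(s.rtt_ms for s in cands)
    narrow("rtt", lambda s: within(best_rtt, s.rtt_ms, rtt_tol))
    # Metric 5: more available sessions wins only beyond the tolerance.
    best_avail = max(s.available for s in cands)
    narrow("available-sessions",
           lambda s: within(best_avail, s.available, avail_tol))
    return cands, trace


# Constructed sample sites. The available sessions of a, b and c mirror the
# 1,000,000 / 800,000 / 900,000 comparison on the slide above.
SITES = [
    Site("site-a", True, 2_000_000, 1_000_000, 40),
    Site("site-b", True, 2_000_000, 1_200_000, 42),
    Site("site-c", True, 2_000_000, 1_100_000, 41),
    Site("site-d", True, 1_000_000, 950_000, 10),   # 95% used, over threshold
    Site("site-e", False, 2_000_000, 0, 5),         # fails its health check
]

if __name__ == "__main__":
    winners, steps = select_sites(SITES)
    for label, names in steps:
        print(f"{label:20} {names}")
    print("equally preferred:", [s.name for s in winners])
```

Sites that are still tied after the last filter would go on to the remaining metrics (FlashBack, then least response or round robin).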

GSLB Affinity
- Allows preference of one site over all others as long as the server is HEALTHY
- Other sites used for backup
- IP address based
- Preference affinity: affinity definition associated with client's IP address prefix (144.10.0.0/16)
- Configured default affinity: 0.0.0.0/0
- Up to 50 affinities

Site ServerIron ADX Affinity Configuration
    ServerIron ADX(config)# gslb affinity
    ServerIron ADX(config-gslb-affinity)# prefer denver slb-1 for 0.0.0.0/0
    ServerIron ADX(config)# gslb policy
    ServerIron ADX(config-gslb-policy)# preference
- prefer denver slb-1 for 0.0.0.0/0: Prefer Denver over all other sites
- preference: Turns on policy

Site ServerIron ADX Affinity (Cont.)
- Always prefer Denver for prefixes = 144.10.0.0/16
- Always prefer London for prefixes = 144.20.0.0/16
(Disabled by default)

GSLB Administrative Preference
The administrative preference allows the following:
- Temporarily change the preference of a site to accommodate changing network conditions
- Temporarily disqualify a site ServerIron ADX from being selected, without otherwise changing the site's configuration or the GSLB ServerIron ADX's configuration
- Bias a GSLB ServerIron ADX that is also configured as a site ServerIron ADX (for locally configured VIPs) to always favor itself as the best site
Syntax: [no] si-name [<name>] <ip-addr> [<preference>]

show gslb default / show gslb policy
    SW-ServerIron ADX_A(config)# show gslb policy
    Default metric order: ENABLE
    Metric processing order:
    1-Server health check
    2-Remote ServerIron's session capacity threshold
    3-Round trip time between remote ServerIron and client
    4-Geographic location
    5-Remote ServerIron's available session capacity
    6-Server flashback speed
    7-Least response selection
    DNS active-only: DISABLE
    DNS best-only: DISABLE
    DNS override: DISABLE
    DNS cache-proxy: DISABLE
    DNS transparent-intercept: DISABLE
    DNS cname-detect: DISABLE
    Modify DNS response TTL: ENABLE
    DNS TTL: 10 (sec), DNS check interval: 30 (sec)
    Remote ServerIron status update period: 30 (sec)
    Session capacity threshold: 90%
    Session availability tolerance: 10%
    Round trip time tolerance: 10%, round trip time explore percentage: 5%
    Round trip time cache prefix: 20, round trip time cache interval: 120 (sec)
    Flashback appl-level delay tolerance: 10%, TCP-level delay tolerance: 10%
    Connection load: DISABLE

GSLB ServerIron ADX Configuration Steps
1. Add real server definitions
2. Add VIP
3. Identify the sites
4. Identify the ServerIron ADXs at the site
5. Identify the DNS zones
6. Identify the host applications with each host
7. Add a source-ip address

Configuration Example (1 of 3)

Configuration Example (2 of 3)
Configure DNS Proxy Parameters
- Configure a source IP address. The source IP address is required so that the GSLB ServerIron ADX can perform Health Checks on remote devices
- Add a real-server definition for the DNS
- Add a VIP for the DNS and bind the real server and virtual server
    ServerIron_SanJose(config)# server source-ip 209.157.23.225 255.255.255.0 0.0.0.0
    ServerIron_SanJose(config)# server real-name dns_ns 209.157.23.46
    ServerIron_SanJose(config-rs-dns_ns)# port dns proxy
    ServerIron_SanJose(config)# server virtual-name dns-proxy 209.157.23.87
    ServerIron_SanJose(config-vs-dns-proxy)# bind dns dns_ns dns
- 209.157.23.87: This VIP is what the world thinks is the Auth. Name Server
- 209.157.23.46: This Real Address is one of the actual Name Servers

Configuration Example (3 of 3)
Configure Site Parameters
- Specify the sites and the ServerIron ADXs within the site
Configure Zone Parameters
- Specify the Zones and the host names within the zones
Site Parameters:
    ServerIron ADX(config)# gslb site sunnyvale
    ServerIron ADX(config-gslb-site-sunnyvale)# si-name slb-1 209.157.22.209
    ServerIron ADX(config-gslb-site-sunnyvale)# si-name slb-2 209.157.22.210
    ServerIron ADX(config)# gslb site Tokyo
    ServerIron ADX(config-gslb-site-Tokyo)# si-name slb-1 192.108.22.111
    ServerIron ADX(config-gslb-site-Tokyo)# si-name slb-2 192.108.22.112
Zone Parameters:
    ServerIron ADX(config)# gslb dns zone-name brocade.com
    ServerIron ADX(config-gslb-dns-brocade.com)# host-info www http
    ServerIron ADX(config-gslb-dns-brocade.com)# host-info ftp ftp

show gslb site (1 of 2)
    ServerIron ADX(config)# show gslb site
    ServerIronTE: sunnyvale
    ServerIron: slb-1 209.157.22.209: state: CONNECTION ESTABLISHED
    Current num.  Session  CPU load  Preference  Location
    sessions      util(%)  (%)
    500000        50       35        128         N-AM
    Virtual IPs: 209.157.22.227(A) 209.157.22.103(A)
    ServerIron: slb-2 209.157.22.210: state: CONNECTION ESTABLISHED
    Current num.  Session  CPU load  Preference  Location
    sessions      util(%)  (%)
    1             0        16        128         N-AM
    Virtual IPs: 209.157.22.227(S)

show gslb dns zone
    ServerIron ADX# show gslb dns zone
    ZONE: b.c
    HOST: a:
                                            Flashback    DNS resp.
                                            delay        selection
                                            (x100us)     counters
                                            TCP   APP    Count (%)
    * 4.4.4.11: dns v-ip    DOWN    N-AM    --    --     6 (26%)
    * 1.1.1.11: dns v-ip    ACTIVE  N-AM    0     0      6 (26%)
    * 2.2.2.11: dns v-ip    DOWN    N-AM    --    --     6 (26%)
    * 3.3.3.11: dns real-ip DOWN    N-AM    --    --     5 (21%)
The addresses listed are the IP addresses associated with a host name in a DNS Reply. These are the servers that contain the content for the host.

show gslb dns detail
    ServerIron ADX(config)# show gslb dns detail
    ZONE: brocade.com
    HOST: www:
                                                  Flashback
                                                  delay
                                                  (x100us)
                                                  TCP   APP    (%)
    * 209.157.22.227: dns v-ip ACTIVE N-AM.       6     60     40
      site: sunnyvale, ServerIron: slb-1 (209.157.22.209)
      session util: 0%, avail. sessions: 524287
      preference: 128
    HOST: ftp:
                                                  Flashback
                                                  delay
                                                  (x100us)
                                                  TCP   APP    (%)
    * 209.157.22.103: dns v-ip ACTIVE N-AM.       6     60     40
      site: sunnyvale, ServerIron: slb-2 (209.157.22.210)
      session util: 7%, avail. sessions: 414287
      preference: 128
The (%) column is the DNS resp. selection percentage.

Remote Show - rshow
    SW-GSLB(config)# rshow 133.100.10.2 server real
    Requesting real server 133.100.10.2... Type Control-c to abort

    Real Servers Info
    ========================
    State(St) - ACT:active, ENB:enabled, FAL:failed, TST:test, DIS:disabled,
                UNK:unknown, UNB:unbind, AWU:await-unbind, AWD:await-delete
    Name : rs1 Mac-addr: 0010.e000.f518
    IP:10.10.10.202 Range:1 State:Active Wt:0 Max-conn:1000000
    Port     St   Ms  CurConn  TotConn  Rx-pkts  Tx-pkts  Rx-octet  Tx-octet  Reas
    ----     --   --  -------  -------  -------  -------  --------  --------  ----
    http     ACT  0   0        2        240      153      293814    17852     0
    default  UNB  0   0        0        0        0        0         0         0
    Server Total      0        2        240      153      293814    17852     0
133.100.10.2 is the management address of the site ServerIron ADX.

GSLB Lab 7-1

Lab 7-1: GSLB

Modifying DNS Parameters
- Deleting sites that fail health checks
- Retain best address only
- Verification of DNS records
- Time-To-Live value
- DNS override
- DNS Cache Proxy

Delete Sites that Fail Health Checks
    ServerIron ADX(config)# gslb policy
    ServerIron ADX(config-gslb-policy)# dns active-only
Syntax: [no] dns active-only

Best Address Only
    ServerIron ADX(config)# gslb policy
    ServerIron ADX(config-gslb-policy)# dns best-only
Syntax: [no] dns best-only

Verification of DNS Records
    ServerIron ADX(config)# gslb policy
    ServerIron ADX(config-gslb-policy)# dns check-interval 50
Syntax: [no] dns check-interval <num>
The GSLB SI periodically (default 30 sec) sends DNS queries to the Auth. DNS server to verify zone/host and IP address information.

Time-To-Live Value
    ServerIron ADX(config)# gslb policy
    ServerIron ADX(config-gslb-policy)# dns ttl 45
Syntax: [no] dns ttl <num>
By default, the GSLB SI resets the TTL to 10 seconds to ensure the clients always get the best site.
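
The combined effect of "dns active-only", "dns best-only" and "dns ttl" on an answer passing through the GSLB ServerIron can be modelled as below. This is an added Python example, not Brocade code: the ARecord and Policy types, the constructed sample answer (documentation addresses) and the rule that an answer is never emptied are assumptions.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class ARecord:
    name: str
    ttl: int
    address: str


@dataclass(frozen=True)
class Policy:
    active_only: bool = False   # models "dns active-only"
    best_only: bool = False     # models "dns best-only"
    ttl: int = 10               # models "dns ttl <num>"; 10 is the stated default


def rewrite_answer(answer, health, best, policy=Policy()):
    """Model the answer returned to the client.

    answer: A records from the authoritative DNS, in its round-robin order
    health: address -> True when the health check passes
    best:   address picked by the GSLB metrics
    """
    records = list(answer)
    if policy.active_only:
        live = [r for r in records if health.get(r.address, False)]
        # Assumption: if every address is down, the answer is left unchanged.
        records = live or records
    # The best address goes on top; the stable sort keeps the rest in order.
    records.sort(key=lambda r: r.address != best)
    if policy.best_only and records and records[0].address == best:
        records = records[:1]
    # The TTL is overwritten so resolvers re-query and pick up site changes.
    return [replace(r, ttl=policy.ttl) for r in records]


# Constructed sample: three addresses as an authoritative server might return.
SAMPLE_ANSWER = [
    ARecord("www.example.com.", 3600, "192.0.2.10"),
    ARecord("www.example.com.", 3600, "198.51.100.10"),
    ARecord("www.example.com.", 3600, "203.0.113.10"),
]
SAMPLE_HEALTH = {"192.0.2.10": False, "198.51.100.10": True, "203.0.113.10": True}

if __name__ == "__main__":
    for pol in (Policy(), Policy(active_only=True), Policy(best_only=True, ttl=45)):
        print(pol)
        for rec in rewrite_answer(SAMPLE_ANSWER, SAMPLE_HEALTH, "203.0.113.10", pol):
            print("   ", rec.name, rec.ttl, "IN A", rec.address)
```

With the default policy the failed address 192.0.2.10 is still returned, only below the best one, which is the case "dns active-only" removes.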

DNS Override (Proxy Server)
    ServerIron ADX(config)# gslb dns zone brocade.com
    ServerIron ADX(config-gslb-dns-brocade.com)# host www http
    ServerIron ADX(config-gslb-dns-brocade.com)# host www ip-list 209.157.23.59
Syntax: host <host-name> ip-list <ip-addr...>
For a given host, the GSLB SI overrides the IP addresses received from the Auth DNS with the IPs configured on itself.

Enable DNS Override
    ServerIron ADX(config)# gslb policy
    ServerIron ADX(config-gslb-policy)# dns override
Syntax: [no] dns override

DNS Cache Proxy
    ServerIron ADX(config)# gslb policy
    ServerIron ADX(config-gslb-policy)# dns cache-proxy
Syntax: [no] dns cache-proxy
When DNS cache proxy is enabled, the GSLB ServerIron caches the IP addresses for the requested domain, and responds to the client with the best address among the ones that are cached, without forwarding the request to the DNS server.

GSLB without a DNS server Lab 7-2

Lab 7-2: GSLB without a DNS server

End of Module 7: Global Server Load Balancing (GSLB) Revision 0310