Advanced Programmable Cloudbased GSLB to Optimize Performance and
Advanced, Programmable Cloud-based GSLB to Optimize Performance and Availability Terry Bernstein Senior Product Manager Verisign Managed DNS Service
Agenda • Verisign • Global Server Load Balancing • Dynamic Traffic Management Overview & Examples Verisign Public 2
Powered By Verisign Protect and provide 100% uninterrupted DNS availability for. com and. net for more than 18 years Operate two of the Internet’s 13 root servers Worldwide constellation of 76 Internet Resolution Sites Enable more than $800 billion of global B 2 C e-commerce annually Reliable, secure & available critical Internet infrastructure processing 111 billion DNS queries daily Entrusted with the domains that define the Internet – more than 130 million domain names Develop innovative technologies reflected in hundreds of industry-leading patents Verisign Public 3
The Benefits of Global Traffic Management Organizations want to direct Internet traffic among multiple sites, clouds, or CDNs to: Improve Availability • Provide alternate locations in the event of a failure, or during routine maintenance Increase Capacity • Split traffic among multiple locations to handle peak loads Enhance Performance • Direct users to the closest or fastest service for the best experience Verisign Public Reduce Costs • Direct traffic to the least expensive location, based on service or networking costs Differentiate Services • Direct traffic based on either the physical location or IP network to provide unique services
Benefits of Traffic Management in the Cloud Enhanced Security and Availability • DDo. S attack resilient with a redundant and high-capacity infrastructure Speed and Agility Enable Fast and Easy Deployment • Does not require in-house expertise, extensive planning, or hardware/software installations Elastic Capacity • Vastly deployed cloud-based infrastructure allows companies to scale capacity up or down Cost Savings • No Capex and typically lower Opex Ideal for Cloud Platform or CDN Balancing • Truly global GLB solution that keeps traffic in the cloud for faster performance Verisign Public 5
Recursive Server DC 1 DC 2 AWS SERVICE INSTANCES Verisign Dynamic Traffic Management puts the power at your fingertips to dynamically improve Website service availability and performance utilizing rulesbased scripts with virtually unlimited options for customization. Verisign Public
Split DNS based on Source IP Multiple Internal IPs General Public Employee local internalips=build. Tbl(getacctval(“ip_list”) -- ip_list: “ 192. 0/24, 198. 51. 100. 0/24” Recursive Server if (innetwork(internalips) == true) then Single Internal IP return "internal" else if innetwork(“ 209. 112. 113. 0/24”) = true then return “public" return “internal” end else return “public” local function build. Tbl(inputstr) Internal Public DC end Servers local t={} ; local i=1 for str in string. gmatch(inputstr, "([^, ]+)") do t[i] = str ; I = I +1 end return t end Verisign Public Recursive IP? • Company Recursive Internal Server • Else Public DC
Backup for Hardware-based DNS Load Balancers www. example. com? A: 1. 1. 1. 2 3. 3 www. example. com? Automated Failover Recursive Server CNAME: svc 1. vrsn. example. com svc 1. gtm. example. com CNAME: A: 3. 3 Manual Failover local gtmhealth = getacctval( svc 1. gtm. example. com? GSLB "system+example. com+gtmcheck. example. com. +A+209. 112. 113. 33") Appliance local GTMstat = getacctval(“GTM_active") A: 1. 1. 1. 2 if gtmhealth=="F" then if GTMstat == "active" then return “Verisign_CNAME" return “GTM_CNAME" else return “Verisign_CNAME" End end “F”: Health check probe failed DC 1 DC 2 “S”: Health check probe success 1. 1. 1. 2 3. 3 Verisign Public
Choose the “Best” CDN local geo. View = getview(“My. Geo. View") if geo. View == "Asia. Pac" then return “CDN_C" end if geo. View == "Americas" then geo. Index = 1 end if geo. View == "Europe. Middle. East" then geo. Index = 2 end local A_Cost = tonumber(getacctval("cost_CDN_A")) local E_Cost = tonumber(getacctval("cost_CDN_E")) CDN A E Perf=95 Perf=60 local A_Tbl. Perf = build. Tbl(getacctval("perf_CDN_A")) local A_Perf = tonumber(A_Tbl. Perf[geo. Index]) local E_Tbl. Perf = build. Tbl(getacctval("perf_CDN_E")) local E_Perf = tonumber(E_Tbl. Perf[geo. Index]) if A_Cost <= E_Cost then Cheaper. CDN = "CDN_A" else Cheaper. CDN = "CDN_E“ end • Asia. Pac: CDN C if A_Perf <= E_Perf then Faster. CDN = "CDN_A" • Ro. W: = "CDN_E“ end else Faster. CDN • Peak hours: Fastest CDN • Off hours: Cheapest CDN local time = gettime() Verisign Public if time. hour >= 9 and time. hour < 17 then return Faster. CDN else return Cheaper. CDN Parameter Value Cost_CDN_A 10 Cost_CDN_E 6 Perf_CDN_A CDN C Perf_CDN_E 99, 75 90, 80
Dynamic Traffic Management Details LUA Scripting Functions • Parameters • • Get. Geo Get. View • IP / ASN • • • Getip Getresolverip Get. ASN Get. Resolver. ASN Get. Request. Details In. Network • add. User. Parameters get. User. Parameters delete. User. Parameters Resource Records • • create. Traffic. Management get. Traffic. Management update. Traffic. Management delete. Traffic. Management Miscellaneous • • Verisign Public • • Getacctval Geolocation • • SOAP API • Parameters Get. Random Get. Sticky Get. Variants Note 10
Summary: Traffic Management from Verisign Cloud Dynamic / Flexible • Enhanced availability and performance, lower TCO, fast and easy deployment, elastic capacity • Enables unique enterprise traffic management requirements through scripted customization and API DDo. S Resilience • Provides resilience to even the largest DNS-based DDo. S attacks Trusted • From a trusted provider of critical Internet and security infrastructure services with an unmatched record DNS uptime Proven • Built upon the technology and expertise that Verisign has developed to manage. com and. net with operational accuracy and stability for more than 18 years Global Infrastructure Verisign Public • Truly global load balancing provides enhanced user experience by reducing latency 11
© 2015 Veri. Sign, Inc. All rights reserved. VERISIGN and other trademarks, service marks, and designs are registered or unregistered trademarks of Veri. Sign, Inc. and its subsidiaries in the United States and in foreign countries. All other trademarks are property of their respective owners.
- Slides: 12