The Ins and Outs of Layer 4 Switching
- Slides: 33

The Ins and Outs of Layer 4+ Switching
Dr. Shirish Sathaye, ssathae@alteon.com
Vice President of Engineering
NANOG L4 Switching Presentation

Is Layer 4 Switching Meaningful?
• You can’t switch at Layer 4 BUT you can use Layer 4 information to make switching decisions!
• The term “Layer 4 Switching” is too confusing. It usually means one of two things:
– 1. Layer 4 information is used to prioritize and queue traffic (routers have done this for years)
– 2. Layer 4 information is used to direct application sessions to different servers (next generation load balancing)
• Though the term may be meaningless, the idea and value of L4 switching is valid

Packet-by-Packet Traffic Management Insufficient
» L-2 Switches and Routers
» Increasing Hardware Integration
» High performance
» Optimized for packet-by-packet forwarding under normal conditions
» Expensive exception handling
» Hop-by-Hop Traffic Management
» Stateless protocols: RSVP, IGMP, 802.1z, 802.1p/Q, ...
» Requires every device along path to collaborate
» No built-in end-system feedback
» Only useful for WAN and LAN/WAN boundary

Session-Based Traffic Management Required
» Session-Aware Devices
» Firewalls, traffic directors, packet shapers
» End-to-End Traffic Management
» ATM, TCP, HTTP, FTP, ...
» Maintain session states
» Built-in end-station feedback
» Precise control over service quality, availability and performance
» Per session handling is protocol and application specific
» Requires session-specific software and massive processing power

How L4-Aware Systems Work
• By making intelligent switching decisions to forward frames based on TCP/UDP port information and IP source/destination addresses
• L4 switching = Session Switching
– examines client requests directed at the L4 switch
– multiplexes client requests across any server available to handle those requests
– passively measures application health and responsiveness to determine server availability
– stateful processing
• By combining the benefits of L4 software on a high-speed L2 switching platform
• By using this information to establish policy controls for how traffic is to be managed

Why is L4-switching important?

Emergence of L4-Aware Devices: Session Management and Packet-Switched Devices
[Diagram: Internet, Intranet and LAN clients joined by packet switching; session management devices (QoS manager, firewalls, load balancers, proxy cache) sit in front of an external server farm and an internal server farm]

Application Servers Integrating L4 Switching
» Single-function devices subsumed by routers and server switches
» L4 switch functions
» Multi-speed server connectivity
» Reduce network overhead on servers
» Monitor individual server/application
» Application session management
» Server load-balancing
» Web cache redirection
» High availability
» Session-by-session QoS
[Diagram labels: Internet, Intranet, L4 switches, Web Servers, NFS Server, Cache Servers, Backup Server]

Traffic Management Required for New Global Applications
Example: Incremental delay experienced by a 64 byte packet queued behind 10 x 1,500 byte packets
• WAN (milliseconds to seconds): 56 Kbps: 2-2.5 sec; T1: 80-100 millisec. Needs WAN bandwidth prioritization
• LAN: Fast Ethernet: 1-2 millisec; GbE: 100-200 microsec. Bandwidth management debatable
• Servers: Needs intelligent distribution of traffic sessions to servers

Key Layer 4-based Applications
1. Local/Global Server load balancing
2. High availability applications
3. Web Cache Redirection
4. DNS redirection
5. Firewall Load Balancing
6. URL-based redirection, switching

Local Server Load Balancing
• Scalable application processing capacity
– Add servers on-demand
• High availability
– Server/application health monitoring
– Backup and overflow servers
– Hot-standby switch configurations
• Tiers-of-service by servers
– Priority users/applications can be directed to premium servers
• Integrated switch and load balancer
– Flexibility
– Scalability
– Economy of scale
– Performance
[Diagram labels: Clients; FTP, HTTP, DNS, Database Queries]

Basic Configuration

Separate Real Server Groups

Multiple VIPs

Back-Up Servers
• Real Servers can be configured as Back-Up Servers for other Real Servers or specified Virtual Services.
– When backing up a Real Server, the Back-Up Server will come into service if the Real Server fails.
– When backing up a Virtual Service, the Back-Up Server will come into service if all Real Servers which are part of the Virtual Service group fail.
• Support for Back-Up Servers alone might be a compelling reason for customers to invest in L4 Switching.

Load Balancing Algorithms
• Round Robin
• LeastConns
• Load Based
• Server Feedback Based
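
The two back-up roles from the Back-Up Servers slide, combined with a LeastConns pick, as an added example that is not part of the original presentation or any vendor's code. The class and field names are hypothetical, and it assumes the Virtual Service back-up is used only when no Real Server (or its own back-up) can take sessions.

```python
from dataclasses import dataclass

@dataclass
class RealServer:
    name: str
    healthy: bool = True          # result of the switch's health check
    conns: int = 0                # sessions currently assigned
    backup: "RealServer | None" = None   # per-server back-up (hypothetical field)

def eligible(group, service_backup=None):
    """Servers that may take new sessions for one virtual service."""
    pool = []
    for rs in group:
        if rs.healthy:
            pool.append(rs)
        elif rs.backup is not None and rs.backup.healthy:
            # A Real Server's back-up stands in for that failed server only.
            pool.append(rs.backup)
    # Assumption: the service-level back-up enters only when nothing else can serve.
    if not pool and service_backup is not None and service_backup.healthy:
        pool = [service_backup]
    return pool

def pick_least_conns(group, service_backup=None):
    """Assign one new session to the eligible server with the fewest sessions."""
    pool = eligible(group, service_backup)
    if not pool:
        return None               # whole virtual service is down
    chosen = min(pool, key=lambda rs: rs.conns)
    chosen.conns += 1
    return chosen.name

if __name__ == "__main__":
    # Constructed sample group: web1 has its own back-up, the service has an overflow box.
    spare = RealServer("spare1")
    group = [RealServer("web1", conns=3, backup=spare), RealServer("web2", conns=1)]
    overflow = RealServer("overflow")
    print(pick_least_conns(group, overflow))      # web2
    group[0].healthy = False
    print(pick_least_conns(group, overflow))      # spare1 replaces web1
```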

Session ID Substitution: Client to Server

Session ID Substitution: Server-to-Client

Global Server Load Balancing Issues
• Increase application availability in event of entire site failure or overload
• Scale application performance by load balancing traffic across multiple sites
• Need for more granularity and control in directing Web traffic
• More flexibility in building and managing Internet infrastructures

Distributed Content Sites Today
• Mostly static content on Web (HTTP, FTP, NNTP, ...) servers
• Load and site distribution through Round Robin DNS
• No Site Health Awareness
• No Site Performance Awareness
• No Geographic Awareness
• Cached DNS requests for servers that are down produce “failure to connect” messages
[Diagram labels: www1.company.com, www2.company.com, www3.company.com, Internet]

How L4 GSLB Works
1. Client’s DNS request for www.foo.com sent to local DNS
2. Local DNS queries upstream DNS
3. Switch at site C receives DNS request and determines that sites B and C are closest to user. Acting as Authoritative Name Server, switch selects the best site (B) and returns site B’s IP to client’s local DNS
4. Local DNS server responds to client with site B’s VIP
5. Client opens application session to 205.178.2.2 (site B)
DSSP Updates: Site health, response time and throughput exchanged between switches on a periodic or event-driven basis using encoded DSSP
[Diagram: client, local DNS and sites A, B and C; www.foo.com addresses shown are 162.113.25.20, 172.168.13.10 and 205.178.2.2. Each site holds a handoff table ranking Site B, C, A as 1, 2, 3, with %Traffic of 70/20/10, 75/15/5 and 80/20/10 in the three tables]

Distributed Site State Protocol
• Lightweight, encoded protocol runs over HTTP
• Used to exchange health, load, throughput information
• Periodic Updates
– Peer site performance behavior (one site’s view of all other sites)
– Local site status information (server health, current connections, etc)
– Periodic Updates result in each switch building an Ordered Handoff Table
• Triggered Updates
– If a site observes that another site is unresponsive, it will trigger all other sites to check the questionable site
– If a site experiences a connection spike (reaching MaxConns) it will trigger an update to all other sites to stop Site Handoff

Dynamic, Global Site Performance Knowledge
• Sites ranked based on statistical site performance data
– Test each remote site’s (VIP) health, throughput, response, load and available capacity
– Build Site Table based on time-averaged test results
• Sites ranked based on global view of top sites
– Periodically exchange Site Table with all peer sites
– Computes Weighted Handoff Table based on how frequently each site is ranked top performing by peers
• Dynamic site ranking with triggered updates
– If a site finds a peer site unresponsive, it will trigger all other sites to check questionable site
– If a site experiences a connection spike (reaching MaxConns) it will trigger an update to all other sites
[Diagram: sites A, B, C and D, with sample measurements]
Site D: 5 health checks; 25 MB/900 ms; 1000 active sessions; 1000 available sessions
Site C: 5 health checks; 25 MB/1800 ms; 2000 active sessions; 400 available sessions
Site A: 5 health checks; 25 MB/1200 ms; 1200 active sessions; 600 available sessions

Global Server Load Balancing Advantages
• No connection delay
– Client geographic awareness based on DNS request origination
– Distributed site performance awareness
• Fair site selection
– Statistical site performance measurements minimize impact of traffic spikes
– Best performing sites get fair proportion of traffic but are not overwhelmed
• Protection against “best” site failure
– HTTP Redirect or IP Proxy as last resort
• Straightforward configuration
• All IP protocols supported
[Diagram: sites A, B and C with two sample handoff tables: #1 Site B 60%, #2 Site A 30%, #3 Site C 10%; and #1 Site B 80%, #2 Site A 20%, #3 Site C 0%]

Global Server Load Balancing Site Performance Awareness
• Each site performs health and performance tests on all peer sites
– Server switch views a peer VIP in a remote site as a “remote server”
– Switch performs periodic health/performance checks on all remote servers
– Switch builds ordered site handoff sequence per remote server
• Dynamic site ranking based on global, statistical site performance data
– Switch periodically exchanges site handoff sequence with all other peer sites
– Switch recomputes site handoff sequence based on each peer site’s ranking by all other peer sites
[Diagram: Peer Site #1 (VIP-1 for www.company.com, Remote Server to Site #2) and Peer Site #2 (VIP-2 for www.company.com, Remote Server to Site #1) connected across the Internet]
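
A sketch of the Site Table and Weighted Handoff Table computation described on the "Dynamic, Global Site Performance Knowledge" and "Site Performance Awareness" slides, as an added example that is not from the presentation or the vendor's implementation. The slides give no formula, so the ranking key (lowest response time, then most available sessions) and all function names are assumptions; the measurements are constructed, with site B's view reusing the slide's sample figures.

```python
from collections import Counter

# Constructed, already time-averaged measurements:
# observer site -> {peer site: (response_ms, available_sessions)}.
VIEWS = {
    "A": {"B": (1000, 800), "C": (1700, 400), "D": (950, 1000)},
    "B": {"A": (1200, 600), "C": (1800, 400), "D": (900, 1000)},  # slide's figures
    "C": {"A": (1100, 600), "B": (800, 800), "D": (1000, 1000)},
    "D": {"A": (700, 600), "B": (850, 800), "C": (1600, 400)},
}

def site_table(view, no_handoff=frozenset()):
    """One site's ordered handoff sequence, best peer first.

    Peers named in a triggered update (unresponsive or at MaxConns) and peers
    with no available sessions are left out. The sort key is an assumption.
    """
    usable = {site: m for site, m in view.items()
              if site not in no_handoff and m[1] > 0}
    return sorted(usable, key=lambda site: (usable[site][0], -usable[site][1]))

def weighted_handoff(views, no_handoff=frozenset()):
    """Percent of handoffs per site = share of peers that rank it first."""
    tops = Counter()
    for view in views.values():
        ranked = site_table(view, no_handoff)
        if ranked:
            tops[ranked[0]] += 1
    total = sum(tops.values())
    if total == 0:
        return {}
    return {site: round(100 * n / total) for site, n in tops.items()}

if __name__ == "__main__":
    print(site_table(VIEWS["B"]))                      # B's own ordering of its peers
    print(weighted_handoff(VIEWS))                     # global view after table exchange
    # Triggered update: site D reports a connection spike, so peers stop handing off to it.
    print(weighted_handoff(VIEWS, no_handoff={"D"}))
```

Because every site's table feeds the result, a single peer's skewed measurement shifts only its own vote, which is the "fair site selection" property the Advantages slide claims.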

Web Cache Deployment Options
• Proxy caching
– Browser sends requests for web pages to cache instead of origin server
• Transparent proxy caching
– Browser sends requests for web pages to origin server
– Cache sits in data path, examines all packets bound for the Internet, intercepts web traffic and processes web requests
• Transparent proxy caching with web cache redirection
– Browser sends requests for web pages to origin server
– LAN switch sits in data path, examines all packets bound for the Internet, and redirects web traffic to cache(s)
– Cache(s) attached to web cache redirector processes web requests

Transparent Proxy Caching with Web Cache Redirection
• Pro: Limited impact on non-Web traffic
• Pro: No browser or cache administration required
• Pro: Each client hits multiple caches
– Takes advantage of data stored in all local caches, raising hit rate
– Higher hit rates mean less user delay and less unnecessary WAN traffic
– If any cache is down, traffic directed to other caches
• Con: Must purchase and deploy web cache redirection hardware/software
[Diagram: Hosts A, B and C behind an L4 switch that redirects HTTP requests (to A, B, C) to attached Cache Servers]

High Availability: Hot Stand By Set-Up

Link Failure Detection and Failover
[Diagrams: Single Link Failure; Combined Network/Server Failure]

DNS Redirection

Firewall Load Balancing

Beyond Layer 4

Conclusion