Integrating Load Balancing Technology In Layer 4 Switches

Companies continuously strive to increase market share, deliver better service, and provide higher returns to their shareholders. Increasingly, the company Web site, along with the IT infrastructure behind it, is playing an important role in helping to achieve these goals. Similarly, bandwidth management, 24/7 uptime, and high security are critical concerns for the IT managers in charge.

In the past year, various advancements such as accelerated network performance via Gigabit Ethernet and Layer 3 switching have removed the router bottleneck. However, content, software, network, and server failure can still threaten application availability. Resources are often out of balance, with low-performance resources receiving more requests than their higher-performance counterparts. Solving these problems requires an integrated approach, one that includes multi-layer switches and high availability load balancing appliances.

Many switches typically provide wire-speed Layer 2 and wire-speed Layer 3 capabilities at a relatively low cost-per-port basis. However, when it comes to high availability load balancing at Layer 7, they tend to falter in performance as it relates to load balancing decisions per second. The fewer the decisions, the greater the backup of users blocked from trying to "get in" to a site.

Where is the switching market headed? Most likely, switch vendors will integrate Layer 4 load balancing functionality into their switch products. This directly addresses the market need of core wire-speed load balancing functionality in combination with wire-speed switching and routing capabilities. It provides for server load balancing, high availability, server health checking, and a majority of load balancing tasks. Second, the more specialized Layer 7 capabilities will evolve within appliances working alongside switches in a complementary fashion. That's because application technology is rapidly evolving and is, therefore, more appropriate to a software-based device rather than a hardware-based device.

This brings us to the first evolution of switches and load balancing, which involves the integration of Layer 4 load balancing directly onto the switch. In fact, switch vendors have already begun this process. Why? Quite simply, Layer 4 code represents the core functionality required to implement load balancing and it:

* Allows the balancing of IP protocols such as Web, email, FTP, LDAP, streaming audio and video, UDP, TCP, DNS, and SSL
* Allows the balancing of multiple network devices, including: Internet servers, firewalls, routers, cache servers, proxy servers, multimedia servers, VPN, NFS, and LDAP servers
* Brings load balancing algorithms to the switch; for example, round robin, least connections, ratio, and fastest
* Provides simplified coordination of switch, router, and load-balancing functionality
* Offers fewer devices to manage
* Provides flexibility in upgrades: no need to build a new ASIC when upgrades become available
* Delivers seamless integration between the switch, the wide-area traffic manager, and the file replication and synchronization product
* Provides a simplified, coordinated solution for switch and load balancing functionality
* Delivers coordinated policies for Quality of Service, access policies, and system security
* Gives customers a cost-effective switch--with wire-speed load balancing functionality

The more specialized application functions are considered Layer 7. Layer 7 is particularly useful in providing high availability and intelligent load balancing for mission-critical e-commerce and enterprise applications. Potential benefits include:

1. ECV (Extended Content Verification) and EAV (Extended Application Verification) server health checking (though TCP/UDP application port checking is included in the Layer 4 capability)
2. Filtering for traffic shaping and security; multiple persistence options through many different modes, including Source, Server, VIP, SSL, Cookie Persistence, and Destination Address Affinity
3. Greater network reliability and stability (it is easier to diagnose and correct problems that are isolated to a particular device)
4. Faster time to market as it relates to application changes and innovations

Layer 7 Integration Problems

One might ask: Why not simply embed Layer 7 technology into a switch, similar to the integration of Layer 4? Basically, Layer 7 is tightly integrated with the application infrastructure, and specialized application Layer 7 functionality is more appropriately delegated to an appliance-based device than to a switch. For those environments needing application-level content checking, combining (not embedding) Layer 7 appliance functionality with the switch solution provides the greatest flexibility, performance, scalability, and manageability. Customers benefit through an open and flexible solution that is implemented through software, which can easily be enhanced and updated as necessary.

Some vendors are, of course, attempting to incorporate Layer 2-7 load balancing into their switches. However, close examination reveals that they are doing so by sacrificing functionality, including routing and performance. For example, consider virtual IP addresses. The "right" integrated approach (switch+load balancing) can handle up to 10,000 virtual IP addresses without any significant drain on the product's overall performance. The "wrong" integrated approach (the "all-in-one" switch) translates into a product that is greatly limited in the number of IP addresses it can support, often as few as 256. Degradation of overall product performance can occur with as few as 40 IP addresses.

Another problem is the ability (or lack thereof) to troubleshoot when a problem occurs within the network. Is the problem with the switch? Is it with the load balancer? Configuration and troubleshooting become a guessing game, something few network managers will tolerate for very long.

Additionally, the load balancing functionality within these vendors' products is ASIC-based. To add additional Layer 7 functionality to the product, the vendor is tied to ASIC release cycles. Since ASIC cycles take approximately 12 months, customers will see 7 "Internet Years" pass them by before the product can address any new requirements.

Additionally, various surveys indicate that most customers prefer a "best-of-breed" approach to a consolidated approach when it comes to introducing functionality into their networks. Most customers prefer to have this mission-critical, high availability, and load balancing functionality in best-of-breed solutions that integrate tightly with their network infrastructure.

In the future, most commonly used load balancing capabilities will be incorporated into switching devices; the more specialized Layer 7 capabilities will continue to evolve within appliances working alongside switches in a complementary fashion. This is because application technology continues to evolve rapidly, and event-driven and specialized Layer 7 functionality is more appropriate to an appliance-based device. The more common Layer 7 functions will eventually exist in switch products, as well, but typically not with the specialization associated with function-specific appliance devices.

The agreements between high-availability, load-balancer appliance vendors and various switch vendors deliver the best of both worlds by allowing a "best of breed" solution for the "heavy-lifting" of most server load balancing applications and a specialized best-of-breed solution where application checking is required.

Brett Helsel is the vice president of product development and CTO at F5 Networks (Seattle, WA).