Layer 4+ Switching
Dr. Shirish Sathaye
ssathae@alteon.com
Vice President of Engineering
Though the term may be meaningless, the idea and value of L4 switching is valid
NANOG L4 Switching
Hop-by-Hop Traffic Management
Stateless protocols: RSVP, IGMP, 802.1z, 802.1p/Q, ...
Requires every device along path to collaborate
No built-in end-system feedback
Only useful for WAN and LAN/WAN boundary
End-to-End Traffic Management
Session-Aware Devices
Firewalls, traffic directors, packet shapers
By combining the benefits of L4 software on a high speed L2 switching platform
By using this information to establish policy controls for how traffic is to be managed
[Figure labels: External Server Farm; Internal Server Farm; Application Servers; Internet; Intranet; LAN Clients; Firewall; Load Balancer; QoS Mgr; Proxy Cache; Packet Switching; Session Management]
Integrating L4 Switching
Single-function devices subsumed by routers and server switches
L4 switch functions
[Figure labels: Internet; L4; Web Servers; NFS Server; Cache Servers; Backup Server]
WAN
Needs WAN bandwidth prioritization
Milliseconds to seconds
Fast Ethernet: 1-2 millisec
GbE: 100-200 microsec
LAN
Bandwidth management debatable
Servers
Needs intelligent distribution of traffic sessions to servers
[Figure labels: FTP; HTTP; DNS; Database Queries; Clients]
High availability
Tiers of service by servers
Integrated switch and load balancer
Flexibility
Scalability
Economy of scale
Performance
Basic Configuration
[Figure: Layer 4 Switch with Virtual IP 192.168.2.100; Clients on the Client Ports and Real Servers 192.168.2.1, 192.168.2.2, 192.168.2.3 and 192.168.2.4 on the Server Ports, each over Ethernet]
Domain Name: www.right.com
Virtual IP Address: 192.168.2.100
Ports Activated: 80 (HTTP), 21 (FTP)
Port Mapping: None
Real IP Addresses: 192.168.2.1, 192.168.2.2, 192.168.2.3, 192.168.2.4
Domain Name: www.right.com
Virtual IP Address: 192.168.2.100
Ports Activated: 80 (HTTP)
Port Mapping: None

Domain Name: www.right.com
Virtual IP Address: 192.168.2.100
Ports Activated: 21 (FTP)
Port Mapping: None

Real IP Addresses: 192.168.2.1, 192.168.2.2, 192.168.2.3, 192.168.2.4
Multiple VIPs
Domain Name: www.right.com
Virtual IP Address: 192.168.2.100
Ports Activated: 80 (HTTP), 21 (FTP)
Port Mapping: None
Real IP Addresses: 192.168.2.1, 192.168.2.2

Domain Name: www.left.com
Virtual IP Address: 192.168.2.101
Ports Activated: 80 (HTTP), 21 (FTP)
Port Mapping: None
Real IP Addresses: 192.168.2.3, 192.168.2.4
Domain Name: www.right.com
Virtual IP Address: 192.168.2.100
Ports Activated: 80 (HTTP)
Port Mapping: None
Real IP Addresses: 192.168.2.1, 192.168.2.2

Domain Name: www.left.com
Virtual IP Address: 192.168.2.101
Ports Activated: 80 (HTTP)
Port Mapping: 8001
Real IP Addresses: 192.168.2.2 (8001), 192.168.2.3 (8001), 192.168.2.4 (8001)
Back-Up Servers
Real Servers can be configured as Back-Up Servers for
other Real Servers or specified Virtual Services.
When backing up a Real Server, the Back-Up Server will come
into service if the Real Server fails.
When backing up a Virtual Service, the Back-Up Server will come
into service if all Real Servers which are part of the Virtual
Service group fail.
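The two back-up rules above, modelled as an added example (not part of the original slides and not any vendor's code). The VIP, the port 80 to 8001 mapping and the real servers follow the www.left.com configuration on this page; the back-up addresses 192.168.2.5 and 192.168.2.6, the class and method names, and round-robin selection over the eligible pool are assumptions.

```python
from dataclasses import dataclass, field
from itertools import count
from typing import Optional

@dataclass
class VirtualService:
    vip: str
    port: int                                   # port activated on the VIP
    real_servers: list                          # real IPs in the service group
    real_port: Optional[int] = None             # port mapping; None = no mapping
    server_backup: dict = field(default_factory=dict)  # real IP -> its back-up
    service_backup: Optional[str] = None        # back-up for the whole service
    rr: count = field(default_factory=count, repr=False)

    def eligible(self, up):
        """Servers that may receive new sessions, given the set of healthy IPs."""
        pool = []
        for ip in self.real_servers:
            backup = self.server_backup.get(ip)
            if ip in up:
                pool.append(ip)
            elif backup in up and backup not in pool:
                # Per-server back-up enters service only when its primary fails.
                pool.append(backup)
        group_down = not any(ip in up for ip in self.real_servers)
        if group_down and self.service_backup in up and self.service_backup not in pool:
            # Service back-up enters only when every real server in the group fails.
            pool.append(self.service_backup)
        return pool

    def pick(self, up):
        """Round-robin over the eligible pool; returns (real IP, real port) or None."""
        pool = self.eligible(up)
        if not pool:
            return None
        return pool[next(self.rr) % len(pool)], self.real_port or self.port

# Constructed sample: .5 backs up real server .3, .6 backs up the whole service.
LEFT = VirtualService("192.168.2.101", 80,
                      ["192.168.2.2", "192.168.2.3", "192.168.2.4"],
                      real_port=8001,
                      server_backup={"192.168.2.3": "192.168.2.5"},
                      service_backup="192.168.2.6")
ALL_UP = {"192.168.2.2", "192.168.2.3", "192.168.2.4", "192.168.2.5", "192.168.2.6"}

if __name__ == "__main__":
    print(LEFT.eligible(ALL_UP - {"192.168.2.3"}))
    print(LEFT.eligible({"192.168.2.5", "192.168.2.6"}))
```
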
Round Robin
LeastConns
Load Based
Server Feedback Based
Session ID Substitution
Client to Server
Session ID Substitution
Server-to-Client
Internet
No Geographic Awareness
Cached DNS requests for servers that are down produce failure-to-connect messages
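[Figure: www.foo.com at three sites (A, B, C), with addresses 162.113.25.20, 172.168.13.10 and 205.178.2.2; labels: DNS, DSSP Updates. Step 1: Client's DNS request for www.foo.com sent to local DNS.]
Ranking tables shown in the figure:
Rank 1: Site B, 70% traffic; Rank 2: Site C, 20% traffic; Rank 3: Site A, 10% traffic
Rank 1: Site B, traffic 75; Rank 2: Site C, traffic 15; Rank 3: Site A, traffic 5
Rank 1: Site B, traffic 80; Rank 2: Site C, traffic 20; Rank 3: Site A, traffic 10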
Site C: 5 health checks; 25MB/1800ms; 2000 active sessions; 400 available sessions
Site A: 5 health checks; 25MB/1200ms; 1200 active sessions; 600 available sessions
[Figure labels: sites A, B, C, D]
#1 Site B 80%
#2 Site A 20%
#3 Site C 0%
No connection delay
Client geographic awareness based on DNS request origination
Distributed site performance awareness
Fair site selection
Statistical site performance measurements minimize impact of traffic spikes
Best performing sites get fair proportion of traffic but are not overwhelmed
Protection against best site failure
HTTP Redirect or IP Proxy as last resort
Straight-forward configuration
All IP protocols supported
Peer Site #2
VIP-2 for www.company.com
Remote Server to Site #1
[Figure labels: Host C; L4; HTTP to A; HTTP to B; HTTP to C]
High Availability
Hot Stand By Set-Up
[Figure, shown over three slides: Active Switch and Standby Switch with a Failover Link between them; Network Ports, Server Ports and Standby Ports; Client Network, Server Network and Server; port labels AN1, AN2, AS1, AS2, SN1, SN2, SS1, SS2; label OFF]
DNS Redirection
Beyond Layer 4
Conclusion