Chapter 3 Stateless Server Load Balancing - Brocade
Chapter 3 Stateless Server Load Balancing - Brocade
Chapter 3 Stateless Server Load Balancing - Brocade
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Chapter</strong> 3<br />
<strong>Stateless</strong> <strong>Server</strong> <strong>Load</strong> <strong>Balancing</strong><br />
This chapter describes <strong>Server</strong> <strong>Load</strong> <strong>Balancing</strong> configuration options that are “stateless”. <strong>Stateless</strong> SLB does not<br />
use session table entries for the TCP and UDP sessions between the <strong>Server</strong>Iron ADX and clients or real servers.<br />
These configuration options are useful if you want to deploy multiple <strong>Server</strong>Iron ADXs to provide service for the<br />
same VIPs or applications but the network topology cannot ensure that server responses will pass back through<br />
the <strong>Server</strong>Iron ADX.<br />
NOTE: The Direct <strong>Server</strong> Return (DSR) feature allows you to deploy a single <strong>Server</strong>Iron ADX in a network where<br />
the server responses do not pass back through the <strong>Server</strong>Iron ADX. Compare the configuration example for<br />
SwitchBack with the examples in this chapter to determine which type of configuration is applicable to your<br />
network. See “DSR” on page 2-146.<br />
NOTE: <strong>Server</strong>Iron ADX does not support <strong>Stateless</strong> SLB with aliased ports, such as shown in the following<br />
configuration:<br />
server virtual-name-or-ip v3 10.176.7.23<br />
port dns<br />
port dns stateless<br />
bind dns rs1 7777 real-port dns<br />
<strong>Stateless</strong> TCP/UDP Ports<br />
You can configure a TCP application port to be “stateless”. When an application port is stateless, the <strong>Server</strong>Iron<br />
ADX does not create session table entries for the port. Configuring an application port to be stateless provides<br />
the following benefits:<br />
• The server responses for the application can use alternate paths back to the client. For example, the<br />
<strong>Server</strong>Iron ADX and real servers can be connected through a network that provides multiple return paths to<br />
the client. Since the port is stateless, the <strong>Server</strong>Iron ADX does not assume that the application is unhealthy if<br />
the server’s response does not flow back through the <strong>Server</strong>Iron ADX.<br />
• The <strong>Server</strong>Iron ADX has more session resources available for application ports that need them. For example,<br />
if your server farm provides non-secure web content in addition to secured transaction processing using SSL,<br />
you can use the <strong>Server</strong>Iron ADX to maintain state information for the SSL connections while allowing the<br />
HTTP (web) connections to be stateless. The SSL connections flow back through the <strong>Server</strong>Iron ADX but the<br />
HTTP connections use any available path as determined by a real server’s gateway and other routers back to<br />
the client.<br />
June 2009 © 2009 <strong>Brocade</strong> Communications Systems, Inc. 3 - 1
<strong>Server</strong>Iron ADX <strong>Server</strong> <strong>Load</strong> <strong>Balancing</strong> Guide<br />
NOTE: The SwitchBack feature also allows server responses to take paths that do not pass back through the<br />
<strong>Server</strong>Iron ADX. However, SwitchBack still uses session table resources because the <strong>Server</strong>Iron ADX creates a<br />
session table entry for the connection from the client to the real server.<br />
NOTE: <strong>Server</strong>Iron software currently supports stateless TCP/UDP only for stateless application protocols such<br />
as HTTP (TCP port 80).<br />
How the <strong>Server</strong>Iron ADX Selects a Real <strong>Server</strong> for a <strong>Stateless</strong><br />
Port<br />
The <strong>Server</strong>Iron ADX does not use the standard SLB load-balancing methods when selecting a real server for a<br />
stateless application port. Instead, the <strong>Server</strong>Iron ADX uses hash values to select a real server. The <strong>Server</strong>Iron<br />
ADX calculates the hash value for a given client request based on the request’s source IP address and source<br />
TCP/UDP port.<br />
The <strong>Server</strong>Iron ADX has up to 8192 hash buckets (the default is 256) and divides the number of buckets evenly<br />
among the real servers. When the <strong>Server</strong>Iron ADX forwards a client’s request for a stateless application port to<br />
the real server that corresponds to the calculated hash value, the <strong>Server</strong>Iron ADX does not change the source<br />
address of the client’s request, but does change the destination address from the requested VIP into the real<br />
server’s IP address.<br />
For example, when a <strong>Server</strong>Iron ADX receives a request for TCP port 80 (HTTP) on VIP (192.168.4.69) from<br />
client 209.161.1.88, the <strong>Server</strong>Iron ADX calculates a hash value based on 209.161.1.88 and 80, then forwards the<br />
request to the real server that has the calculated hash value. The request packet is in the following format:<br />
• Source IP: client’s IP address<br />
• Source application port: port number selected by client’s application<br />
• Destination IP: real server’s IP<br />
• Destination application port: port number requested by client<br />
If client 209.161.1.88’s Web browser sent the request from TCP port 8080, and the <strong>Server</strong>Iron ADX’s hash<br />
calculation resulted in selection of real server 10.10.10.2, the packet would have the following address values:<br />
• Source IP: 209.161.1.88<br />
• Source application port: 8080<br />
• Destination IP: real server’s IP 10.10.10.2<br />
• Destination application port: 80<br />
Since the client’s request contains the client’s IP address and application port, the real server can send the packet<br />
back to the client by any valid routing path. The request does not need to pass back through the <strong>Server</strong>Iron ADX<br />
that forwarded the request. In fact, the <strong>Server</strong>Iron ADX that forwards the requests to the transparent VIP does not<br />
create session table entries for the requests.<br />
Since the <strong>Server</strong>Iron ADX does not maintain state information for the requests for the stateless application port,<br />
the <strong>Server</strong>Iron ADX does not care whether the server response for a stateless port passes back through the<br />
<strong>Server</strong>Iron ADX on the way to the client. For a normally configured VIP, the server’s response passes back though<br />
the <strong>Server</strong>Iron ADX. For a transparent VIP, the response does not necessarily pass back through the <strong>Server</strong>Iron<br />
ADX.<br />
NOTE: Since the <strong>Server</strong>Iron ADX does not create session table entries for requests to the stateless application<br />
port, you cannot use <strong>Server</strong>Iron ADX features that use information in the session table. For example, you cannot<br />
use source NAT, port translation, and so on.<br />
3 - 2 © 2009 <strong>Brocade</strong> Communications Systems, Inc. June 2009
Configuring the <strong>Stateless</strong> Hash Table Size<br />
You can configure the size of the stateless hash table as shown in the following:<br />
<strong>Server</strong>Iron(config)#server real R1 10.10.10.1<br />
<strong>Server</strong>Iron(config-rs-R1)#server stateless-hash-table-size 1024<br />
Syntax: [no] server stateless-hash-table-size <br />
<strong>Stateless</strong> <strong>Server</strong> <strong>Load</strong> <strong>Balancing</strong><br />
The variable can be set to any of the following values: 256, 512, 1024, 2048, 4096, or 8192.<br />
The default value is 256.<br />
Configuring a <strong>Stateless</strong> Application Port<br />
To configure an application port to be stateless, enable the stateless parameter on the port in the virtual server.<br />
Here is an example:<br />
<strong>Server</strong>Iron(config)#server real R1 10.10.10.1<br />
<strong>Server</strong>Iron(config-rs-R1)#port http<br />
<strong>Server</strong>Iron(config-rs-R1)#exit<br />
<strong>Server</strong>Iron(config)#server real R2 10.10.11.1<br />
<strong>Server</strong>Iron(config-rs-R2)#port http<br />
<strong>Server</strong>Iron(config-rs-R2)#exit<br />
<strong>Server</strong>Iron(config)#server virtual-name-or-ip <strong>Stateless</strong>HTTP 192.168.4.69<br />
<strong>Server</strong>Iron(config-vs-<strong>Stateless</strong>HTTP)#port http stateless<br />
<strong>Server</strong>Iron(config-vs-<strong>Stateless</strong>HTTP)#bind http R1 http<br />
<strong>Server</strong>Iron(config-vs-<strong>Stateless</strong>HTTP)#bind http R2 http<br />
Syntax: [no] port stateless<br />
The parameter specifies the application port you want to make stateless.<br />
Disabling the <strong>Stateless</strong> SLB Hashing Algorithm for UDP Ports<br />
By default, stateless SLB uses a hashing algorithm to select a real server. The <strong>Server</strong>Iron ADX calculates a hash<br />
value for a given client request based on the request’s source IP address and source TCP/UDP port. The request<br />
is sent to a real server corresponding to this hash value.<br />
For UDP connections consisting of one client packet and one server response packet, you can disable the<br />
stateless SLB hashing algorithm. When the stateless SLB hashing algorithm is disabled for UDP ports, the<br />
<strong>Server</strong>Iron ADX uses the round-robin load balancing method to select a real server for the request. In this case,<br />
the <strong>Server</strong>Iron ADX load balances UDP packets destined for the VIP without creating a session and without<br />
calculating hash values based on UDP port number and source IP address.<br />
DNS is an example of a UDP port where this feature can be used. The advantage of disabling the stateless SLB<br />
hashing algorithm is that a new real server can be selected immediately after it is brought up.<br />
For example, to disable the stateless SLB hashing algorithm for the DNS port (UDP port 53), enter commands<br />
such as the following:<br />
<strong>Server</strong>Iron(config)# server virtual-name-or-ip <strong>Stateless</strong> 192.168.4.69<br />
<strong>Server</strong>Iron(config-vs-<strong>Stateless</strong>)# port dns stateless no-hash<br />
Syntax: [no] port stateless no-hash<br />
Configuring a Port To Be Both <strong>Stateless</strong> and Stateful<br />
You can use the stateless option when configuring an application port on a virtual server to make that port<br />
stateless. By default, the port is stateless for both TCP and UDP. You can specify the protocol for which you want<br />
the port to be stateless. For example, you can configure port DNS to be stateless for TCP while remaining stateful<br />
for UDP, by entering commands such as the following:<br />
<strong>Server</strong>Iron(config)# server real R1 10.10.10.1<br />
<strong>Server</strong>Iron(config-rs-R1)# port http<br />
<strong>Server</strong>Iron(config-rs-R1)# exit<br />
June 2009 © 2009 <strong>Brocade</strong> Communications Systems, Inc. 3 - 3
<strong>Server</strong>Iron ADX <strong>Server</strong> <strong>Load</strong> <strong>Balancing</strong> Guide<br />
<strong>Server</strong>Iron(config)# server real R2 10.10.11.1<br />
<strong>Server</strong>Iron(config-rs-R2)# port http<br />
<strong>Server</strong>Iron(config-rs-R2)# exit<br />
<strong>Server</strong>Iron(config)# server virtual-name-or-ip <strong>Stateless</strong>DNS 192.168.4.69<br />
<strong>Server</strong>Iron(config-vs-<strong>Stateless</strong>DNS)# port dns stateless tcp<br />
<strong>Server</strong>Iron(config-vs-<strong>Stateless</strong>DNS)# bind dns R1 dns<br />
<strong>Server</strong>Iron(config-vs-<strong>Stateless</strong>DNS)# bind dns R2 dns<br />
Syntax: [no] port [stateless [tcp | udp] [no-hash]]<br />
The parameter specifies the application port you want to make stateless.<br />
The stateless parameter configures the port to be stateless.<br />
The tcp | udp parameter restricts stateless operation to the specified protocol (TCP or UDP).<br />
The no-hash parameter disables the SLB hashing mechanism for the port (and protocol, if specified). When<br />
hashing is disabled, the <strong>Server</strong>Iron uses the round-robin load balancing method to select a real server for each<br />
request.<br />
3 - 4 © 2009 <strong>Brocade</strong> Communications Systems, Inc. June 2009
<strong>Stateless</strong> <strong>Server</strong> <strong>Load</strong> <strong>Balancing</strong><br />
June 2009 © 2009 <strong>Brocade</strong> Communications Systems, Inc. 3 - 5
<strong>Server</strong>Iron ADX <strong>Server</strong> <strong>Load</strong> <strong>Balancing</strong> Guide<br />
3 - 6 © 2009 <strong>Brocade</strong> Communications Systems, Inc. June 2009