IPv4 Load Balancing

This chapter describes load balancing of traffic based solely on transport protocol (TCP, UDP, or others such as ICMP), without the need to specify the protocol port numbers to be load balanced.

The following topics are covered:

     Overview of IPv4 Load Balancing

     Configure IPv4 Load Balancing

Overview of IPv4 Load Balancing

IP protocol load balancing enables you to easily load balance traffic based solely on whether the traffic is TCP, UDP, or others such as ICMP (not UDP or TCP), without the need to specify the protocol port numbers to be load balanced.

You can combine IP protocol load balancing with other load balancing configurations. For example, you can use IP protocol load balancing along with HTTP load balancing. In this case, HTTP traffic to the VIP HTTP port number is load balanced sepa­rately from traffic to other port numbers.

Figure 41 shows a hypothetical example of an IP protocol load balancing deployment.

NOTE:                               For a real-world example, see the following document: A10 Microsoft Exchange Server 2010 Deployment Guide. This deployment guide is available for download from the A10 Networks website.

FIGURE 41         IP Protocol Load Balancing

IP-protocol-LB.png

 

This example uses separate service groups for each of the following types of traffic:

     HTTP traffic addressed to TCP port 80 is sent to service group http-grp.

     All TCP traffic addressed to any TCP port except port 80 is sent to service group tcp-grp.

     All UDP traffic, addressed to any UDP port, is sent to service group udp-grp.

     All other traffic (all non TCP/UDP traffic) is sent to service group others-grp.

Although this example shows separate service groups for each type of traffic, you can use the same service group for multi­ple traffic types.

In IP protocol load-balancing configurations, port 0 (zero) is used as a wildcard port and matches on any port number. In configurations where some protocol port numbers are explicitly specified, SLB for those ports takes precedence over SLB for the wildcard port (0). In the example above, the service group configured for TCP port 80 is always used for client requests addressed to that port, instead of a service group configured for the wildcard port.

NOTE:                               Health checking does not apply to the wildcard port. When you configure IP protocol load balancing, make sure to disable health checking of port 0. If you leave health checking enabled, the port will be marked down and the client’s request therefore will not be serviced.

SLB NAT

For client request traffic to which IP protocol load balancing applies, the ACOS device translates only the destination IP address, not the protocol port number. ACOS translates the destination IP address in the request from the VIP address to a real server’s IP address. ACOS then sends the request to the same protocol port number as the one requested by the client. (Likewise, the ACOS device does not translate the port number to “0”.)

In configurations where some protocol port numbers are explicitly specified, auto port translation is still supported for the explicitly specified port numbers. In the example above, SLB NAT can translate TCP port 80 into another TCP port number if required by the configuration.

Template Support

For TCP or UDP, a TCP or UDP template is applied, as in other types of SLB. Optionally, you also can use a source-IP persistence template.

For non-TCP/UDP traffic, the TCP template is used.

Direct Server Return

For either of the following types of applications, IP protocol load balancing is supported only when Direct Server Return (DSR) is enabled on the virtual port.

     Application Layer Gateway (ALG) applications, such as FTP. For an ALG application, either enable DSR or configure SLB explicitly for the ALG service port.

     Any application that requires inspection of any part of the client request packet other than the destination IP address

NOTE:                               In the CLI, DSR is enabled by the no-dest-nat command.

Comparison of IP Protocol Load Balancing to Layer 4 TCP/UDP Load Balancing

IP protocol load balancing is similar to Layer 4 load balancing, except IP protocol load balancing enables you to load balance non-TCP/UDP traffic. Layer 4 load balancing applies only to TCP or UDP traffic. In addition, IP protocol load balancing uses a wildcard port number that matches on any TCP port, UDP port, or any non-TCP/UDP port, depending on the configuration. Layer 4 load balancing requires you to explicitly specify the protocol port numbers to load balance.

Configure IPv4 Load Balancing

To configure IP protocol load balancing:

1.     Configure the real servers. For each real server that will service requests to IP protocol load-balanced traffic, add service port 0 (the wildcard port).

Disable health checking of port 0. Health checking does not apply to the wildcard port.

2.     Configure the service group(s). To add members (real servers) for traffic to which IP protocol load balancing will apply, specify 0 as the protocol port for the member.

3.     Configure the virtual server. Bind virtual port 0 to the service group(s) that have members for port 0. Specify one of the following as the service type:

     TCP

     UDP

     Others

NOTE:                               For load balancing of non-TCP/UDP traffic such as ICMP, you can specify TCP or UDP as the transport protocol, in the configurations of the real server ports and service groups. If the port number is 0 and the service type on the virtual port is “others”, the ACOS device will load balance the traffic as non-TCP/UDP traffic.

Use the GUI to Configure IPv4 Load Balancing

Configuration of IP protocol SLB is similar to configuration of TCP/UDP SLB, with the following differences.

1.     In the real server Port section (ADC > SLB > Servers > Port), enter 0 in the Port field.

2.     In the Service Groups section (ADC > SLB > Service Groups > Member > Port), enter 0 as the port number.

3.     In the Virtual Port section (ADC > SLB > Virtual Servers > Virtual Port), select TCP, UDP, or Others from the Protocol drop-down list.

Using the CLI to Configure IPv4 Load Balancing

The following commands configure the real servers shown in FIGURE 41   .

For simplicity, the example assumes that only the default TCP health check is used for port 80. Health checking does not apply to the wildcard port number and is therefore disabled. Health checking of other, explicitly specified port numbers is still supported as in previous releases.

ACOS(config)#slb server rs1 10.10.10.21

ACOS(config-real server)#port 80 tcp

ACOS(config-real server)#exit

ACOS(config)#slb server rs2 10.10.10.22

ACOS(config-real server)#port 80 tcp

ACOS(config-real server)#exit

ACOS(config)#slb server rs3 10.10.20.21

ACOS(config-real server)#port 0 tcp

ACOS(config-real server)#no health-check

ACOS(config-real server)#exit

ACOS(config)#slb server rs4 10.10.20.22

ACOS(config-real server)#port 0 tcp

ACOS(config-real server)#no health-check

ACOS(config-real server)#exit

ACOS(config)#slb server rs5 10.10.30.21

ACOS(config-real server)#port 0 udp

ACOS(config-real server)#no health-check

ACOS(config-real server)#exit

ACOS(config)#slb server rs6 10.10.30.22

ACOS(config-real server)#port 0 udp

ACOS(config-real server)#no health-check

ACOS(config-real server)#exit

ACOS(config)#slb server rs7 10.10.40.21

ACOS(config-real server)#port 0 tcp

ACOS(config-real server)#no health-check

ACOS(config-real server)#exit

ACOS(config)#slb server rs8 10.10.40.22

ACOS(config-real server)#port 0 tcp

ACOS(config-real server)#no health-check

ACOS(config-real server)#exit

The following commands configure the service groups.

ACOS(config)#slb service-group http-grp tcp

ACOS(config-slb svc group)#member rs1 80

ACOS(config-slb svc group-member:80)#member rs2 80

ACOS(config-slb svc group-member:80)#exit

ACOS(config-slb svc group)#exit

ACOS(config)#slb service-group tcp-grp tcp

ACOS(config-slb svc group)#member rs3 0

ACOS(config-slb svc group-member:0)#member rs4 0

ACOS(config-slb svc group-member:0)#exit

ACOS(config-slb svc group)#exit

ACOS(config)#slb service-group udp-grp udp

ACOS(config-slb svc group)#member rs5 0

ACOS(config-slb svc group-member:0)#member rs6 0

ACOS(config-slb svc group-member:0)#exit

ACOS(config-slb svc group)#exit

ACOS(config)#slb service-group others-grp tcp

ACOS(config-slb svc group)#member rs7 0

ACOS(config-slb svc group-member:0)#member rs8 0

ACOS(config-slb svc group-member:0)#exit

ACOS(config-slb svc group)#exit

 

The following commands configure the virtual server.

ACOS(config)#slb virtual-server vip1 192.168.2.1

ACOS(config-slb vserver)#port 80 tcp

ACOS(config-slb vserver-vport)#service-group http-grp

ACOS(config-slb vserver-vport)#exit

ACOS(config-slb vserver)#port 0 tcp

ACOS(config-slb vserver-vport)#service-group tcp-grp

ACOS(config-slb vserver-vport)#exit

ACOS(config-slb vserver)#port 0 udp

ACOS(config-slb vserver-vport)#service-group udp-grp

ACOS(config-slb vserver-vport)#exit

ACOS(config-slb vserver)#port 0 others

ACOS(config-slb vserver-vport)#service-group tcp-others

 

To display configuration information and statistics, you can use the same show commands used for other types of SLB:

show slb virtual

show slb server

show slb service-group

show session

 

Table of Contents

Index

Glossary

-Search-

Back