Configuring an Oracle® Solaris 11.2 System as a Router or a Load Balancer

Exit Print View

 
Updated: September 2014
 
 

Configuring ILB Rules

This section describes how you can use the ilbadm command to create, delete, and list the load-balancing rules.

ILB Algorithms

ILB algorithms control traffic distribution and provide various characteristics for load distribution and server selection.

    ILB provides the following algorithms for the two modes of operation:

  • Round-robin – In a round-robin algorithm, the load balancer assigns the requests to a server group on a rotating basis. After a server is assigned a request, the server is moved to the end of the list.

  • src-IP hash – In the source IP hash method, the load balancer selects a server based on the hash value of the source IP address of the incoming request.

  • src-IP, port hash – In the source IP, port hash method, the load balancer selects a server based on the hash value of the source IP address and the source port of the incoming request.

  • src-IP, VIP hash – In the source IP, VIP hash method, the load balancer selects a server based on the hash value of the source IP address and the destination IP address of the incoming request.

Creating an ILB Rule

    In ILB, a virtual service is represented by a load-balancing rule and is defined by the following parameters:

  • Virtual IP address

  • Transport protocol: TCP or UDP

  • Port number (or a port range)

  • Load-balancing algorithm

  • Load-balancing mode (DSR, full-NAT, or half-NAT)

  • Server group consisting of a set of back-end servers

  • Optional server health checks that can be executed for each server in the server group

  • Optional port to use for health checks

    Note -  You can specify health checks on a particular port or on any port that the ilbd daemon randomly selects from the port range for the server.

  • Rule name to represent a virtual service

Before you can create a rule, you must do the following:

  • Create a server group that includes the appropriate back-end servers. For information, see Defining Server Groups and Back-End Servers in ILB.

  • Create a health check to associate the server health check with the rule. For information, see Creating a Health Check.

  • Identify the VIP, port, and optional protocol that are to be associated with the rule.

  • Identify the operation you want to use (DSR, half-NAT, or full-NAT).

  • Identify the load-balancing algorithm to be used. For more information, see ILB Algorithms.

You create an ILB rule by using the ilbadm create-rule command. For more information about using the ilbadm create-rule command, see the ilbadm (1M) man page.

The syntax is as follows:

# ilbadm create-rule -e -i vip=IPaddr,port=port,protocol=protocol \
-m lbalg=lb-algorithm,type=topology-type,proxy-src=IPaddr1-IPaddr2,\
pmask=value -h hc-name=hc1-o servergroup=sg rule1
Note -  The -e option enables the rule that is being created, which would otherwise be disabled by default.
Example 6-4  Creating a Full-NAT Rule With Health Check Session Persistence

This example creates a health check called hc1 and a server group called sg1. The server group consists of two servers, each with a range of ports. The last command creates and enables a rule called rule1 and associates the rule to the server group and the health check. This rule implements the full-NAT mode of operation. Note that the creation of the server group and health check must precede the creation of the rule.

# ilbadm create-healthcheck -h hc-test=tcp,hc-timeout=2,\
hc-count=3,hc-interval=10 hc1
# ilbadm create-servergroup -s server=192.168.0.10:6000-6009,192.168.0.11:7000-7009 sg1
# ilbadm create-rule -e -p -i vip=10.0.0.10,port=5000-5009,\
protocol=tcp -m lbalg=rr,type=NAT,proxy-src=192.168.0.101-192.168.0.104,pmask=24 \
-h hc-name=hc1 -o servergroup=sg1 rule1

When you create persistent mapping, subsequent requests for connections, packets, or both, to a virtual service with a matching source IP address of the client are forwarded to the same back-end server. The prefix length in Classless Inter-Domain Routing (CIDR) notation is a value between 0-32 for IPv4 and 0-128 for IPv6.

When creating a half-NAT or a full-NAT rule, specify the value for the connection-drain timeout. The default value of conn-drain timeout is 0, which means that connection draining keeps waiting until a connection is gracefully shut down.

Listing ILB Rules

To list the configuration details of a rule, issue the following command. If no rule name is specified, information is provided for all rules.

# ilbadm show-rule
RULENAME        STATUS   LBALG           TYPE    PROTOCOL VIP           PORT
rule-http       E        hash-ip-port    NAT     TCP      10.0.0.1      80
rule-dns        D        hash-ip         NAT     UDP      10.0.0.1      53
rule-abc        D        roundrobin      NAT     TCP      2001:db8::1   1024
rule-xyz        E        ip-vip          NAT     TCP      2001:db8::1   2048-2050

Deleting an ILB Rule

You use the ilbadm delete-rule command to delete a rule. Add the -a option to delete all rules. The following example deletes the rule called rule1. 

# ilbadm delete-rule rule1
Copyright © 2011, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous
Next