JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: IP Services     Oracle Solaris 11 Express 11/10
search filter icon
search icon

Document Information

Preface

Part I TCP/IP Administration

1.  Planning an IPv4 Addressing Scheme (Tasks)

2.  Planning an IPv6 Addressing Scheme (Overview)

3.  Planning an IPv6 Network (Tasks)

4.  Configuring TCP/IP Network Services and IPv4 Addressing (Tasks)

5.  Enabling IPv6 on a Network (Tasks)

6.  Administering a TCP/IP Network (Tasks)

7.  Configuring IP Tunnels

8.  Troubleshooting Network Problems (Tasks)

9.  TCP/IP and IPv4 in Depth (Reference)

10.  IPv6 in Depth (Reference)

Part II DHCP

11.  About DHCP (Overview)

12.  Planning for DHCP Service (Tasks)

13.  Configuring the DHCP Service (Tasks)

14.  Administering DHCP (Tasks)

15.  Configuring and Administering the DHCP Client

16.  Troubleshooting DHCP (Reference)

17.  DHCP Commands and Files (Reference)

Part III IP Security

18.  IP Security Architecture (Overview)

19.  Configuring IPsec (Tasks)

20.  IP Security Architecture (Reference)

21.  Internet Key Exchange (Overview)

22.  Configuring IKE (Tasks)

23.  Internet Key Exchange (Reference)

24.  IP Filter in Oracle Solaris (Overview)

25.   IP Filter (Tasks)

Part IV Networking Performance

26.  Integrated Load Balancer Overview

27.  Configuration of Integrated Load Balancer Tasks

Installing the Integrated Load Balancer

Enabling and Disabling ILB

How to Enable ILB

How to Disable ILB

Configuring ILB

DSR, Full-NAT, and Half-NAT Topologies

Half-NAT Load-Balancing Topology

Full-NAT Load-Balancing Topology

ILB High-Availability Configuration (Active-Passive Mode Only)

ILB HA Configuration Using the DSR Topology

How to Configure ILB to Achieve High-Availability by Using the DSR Topology

ILB High-Availability Configuration by Using the Half-NAT Topology

How to Configure ILB to Achieve High-Availability by Using the Half-NAT Topology

Setting Up User Authorization for ILB Configuration Subcommands

Administering ILB Server Groups

How to Create a Server Group

How to Delete a Server Group

Displaying a Server Group

Administering Back-End Servers in ILB

How to Add a Back-End Server to a Server Group

How to Remove a Back-End Server From a Server Group

How to Re-enable or Disable a Back-End Server

Administering Health Checks in ILB

Creating a Health Check

User-Supplied Test Details

Deleting a Health Check

Listing Health Checks

Displaying Health Check Results

Administering ILB Rules

How to Create a Rule

Deleting a Rule

Listing Rules

Displaying ILB Statistics

Obtaining Statistical Information Using the show-statistics Subcommand

Displaying the NAT Connection Table

Displaying the Session Persistence Mapping Table

Using Import and Export Subcommands

28.  Virtual Router Redundancy Protocol (Overview)

29.  VRRP Configuration (Tasks)

30.  Implementing Congestion Control

Part V IP Quality of Service (IPQoS)

31.  Introducing IPQoS (Overview)

32.  Planning for an IPQoS-Enabled Network (Tasks)

33.  Creating the IPQoS Configuration File (Tasks)

34.  Starting and Maintaining IPQoS (Tasks)

35.  Using Flow Accounting and Statistics Gathering (Tasks)

36.  IPQoS in Detail (Reference)

Glossary

Index

ILB High-Availability Configuration (Active-Passive Mode Only)

This section describes the high availability configuration of ILB using the DSR, half-NAT, and full-NAT topologies.

ILB HA Configuration Using the DSR Topology

This section describes how to set up the ILB connections to achieve high availability (HA) by using the DSR topology. You need to set up two load balancers, one as the primary load balancer and the other as the standby load balancer. If the primary load balancer fails, the standby load balancer assumes the role of the primary load balancer.

The following figure shows the DSR topology for configuring the ILB connections to achieve HA.

ILB HA configuration using DSR Topology

How to Configure ILB to Achieve High-Availability by Using the DSR Topology

  1. Configure both the primary and standby load balancers by using the following load balancer commands:
    # ilbadm create-servergroup -s server=10.0.0.1,10.0.0.2 sg1
    # ilbadm create-rule -i vip=81.0.0.3,port=9001 \
    -m lbalg=hash-ip-port,type=DSR -o servergroup=sg1 rule1
  2. Make sure that all server have VIP configured on their lo0 interface.
    Server1# ipadm create-addr -T static -d -a 81.0.0.3/24 lo0/server1
    Server2# ipadm create-addr -T static -d -a 81.0.0.3/24 lo0/server2
  3. Configure Load Balancer 1 to serve as the primary load balancer.
    LB1# dladm create-vnic -m vrrp -V 1 -A inet -l eth0 vnic1
    LB1# vrrpadm create-router -V 1 -A inet -l eth0 -p 255 vrrp1  
    LB1# ipadm create-addr -T static -d -a 81.0.0.3/24 vnicl/lb1
  4. Configure Load Balancer 2 to act as the stand by load balancer.
    LB2# dladm create-vnic -m vrrp -V 1 -A inet -l eth0 vnic1
    LB2# vrrpadm create-router -V 1 -A inet -l eth0 -p 100 vrrp1
    LB2# ipadm create-addr -T static -d -a 81.0.0.3/24 vincl/lb2

    The preceding configuration provides protection against the following failure scenarios:

    • If Load Balancer 1 fails, Load Balancer 2 becomes the primary, takes over address resolution for the VIP 81.0.0.3, and handles all the packets from clients with the destination IP address 81.0.0.3.

      When Load Balancer 1 recovers, Load Balancer 2 returns to the standby mode.

    • If one or both of the Load Balancer 1's interfaces fails, Load Balancer 2 takes over as the primary. Thus, the Load Balancer 2 takes over address resolution for VIP 81.0.0.3 and handles all the packets from clients with the destination IP address 81.0.0.3.

      When both of Load Balancer 1's interfaces are healthy, Load Balancer 2 returns to the standby mode.

ILB High-Availability Configuration by Using the Half-NAT Topology

This section describes how to set up the ILB connections to achieve HA by using the half-NAT topology. You need to set up two load balancers, one as the primary and the other as the stand by. If the primary load balancer fails, the standby load balancer assumes the role of the primary load balancer.

The following figure shows the half-NAT topology for configuring the ILB connections to achieve HA.

ILB HA Configuration using Half-NAT Topology

How to Configure ILB to Achieve High-Availability by Using the Half-NAT Topology

  1. Configure both the primary and standby load balancers.
    # ilbadm create servergroup -s server=10.0.0.1,10.0.0.2 sg1
    # ilbadm create-rule -ep -i vip=81.0.0.3,port=9001-9006,protocol=udp \ -m lbalg=roundrobin,type=HALF-NAT,pmask=24 \ -h hc-name=hc1,hc-port=9006 \ -t conn-drain=70,nat-timeout=70,persist-timeout=70 -o servergroup=sg1 rule1
  2. Configure Load Balancer 1 to serve as the primary load balancer.
    LB1# dladm create-vnic -m vrrp -V 1 -A inet -l eth0 vnic1
    LB1# ipadm create-addr -T static -d -a 81.0.0.3/24 vnic1/lb1
    LB1# vrrpadm create-router -V 1 -A inet -l eth0 -p 255 vrrp1
    LB1# dladm create-vnic -m vrrp -V 2 -A inet -l eth1 vnic2
    LB1# ipadm create-addr -T static -d -a 10.0.0.3/24 vnic2/lb1
    LB1# vrrpadm create-router -V 2 -A inet -l eth1 -p 255 vrrp2
  3. Configure the Load Balancer 2 to serve as the stand by load balancer.
    LB2# dladm create-vnic -m vrrp -V 1 -A inet -l eth0 vnic1
    LB2# ipadm create-addr -T static -d -a 81.0.0.3/24 vnic1/lb2
    LB2# vrrpadm create-router -V 1 -A inet -l eth0 -p 100 vrrp1
    LB2# dladm create-vnic -m vrrp -V 2 -A inet -l eth1 vnic2
    LB2# ipadm create-addr -T static -d -a 10.0.0.3/24 vnic2/lb2
    LB2# vrrpadm create-router -V 2 -A inet -l eth1 -p 100 vrrp2
  4. Add the IP address for the floating default gateway to both servers.
    # route add net 192.168.6.0/24 10.0.0.3

    The preceding configuration provides protection against the following failure scenarios:

    • If Load Balancer 1 fails, Load Balancer 2 will become the primary and take over address resolution for the VIP 81.0.0.3 and handle all the packets from clients with the destination IP address 81.0.0.3. It should also handle all the packets that are sent to the floating gateway address 10.0.0.3.

      When Load Balancer 1 recovers, Load Balancer 2 will return to the standby mode.

    • If one or both of Load Balancer 1's interfaces fails, Load Balancer 2 will take over as primary. Thus Load Balancer 2 takes over address resolution for VIP 81.0.0.3 and handles all packets from clients with the destination IP address 81.0.0.3. It should also handle all the packets destined to the floating gateway address 10.0.0.3.

      When both Load Balancer 1's interfaces are healthy, Load Balancer 2 returns to the standby mode.


    Note - The current implementation of ILB does not synchronize primary and standby load balancers. When the primary load balancer fails and the standby load balancer takes over, the existing connections will fail. However, HA without synchronization is still valuable under circumstances when the primary load balancer fails.