System Administration Guide: IP Services Oracle Solaris 11 Express 11/10
This section describes some terms that are useful to know when implementing ILB on your systems.
connection draining
A mechanism that provides the capability to prevent new connections to a server that is administratively disabled. This feature is useful for shutting down the servers without disrupting the active connections or sessions. The already existing connections to the server will work normally. After the server is ready to handle the requests, it can be administratively enabled again and the load balancer will forward the new connections to it. ILB provides this capability only for the servers with NAT-based virtual services.
Refers to load-balancing incoming requests to the back-end servers and letting the return traffic from the servers bypass the load balancer by sending them directly to the client. ILB's current implementation of DSR does not provide TCP connection tracking (meaning that it is stateless).
Advantages:
Better performance than NAT because only the destination MAC address of packets is changed and servers respond directly to clients.
Full transparency: The servers see a connection directly from the client IP address and reply to the client through the default gateway.
Disadvantages:
The back-end server must respond to both its own IP address (for health checks) and the virtual IP address (for load balanced traffic).
Because the load balancer maintains no connection state (meaning that it is stateless), adding or removing servers will cause connection disruption.
The algorithm that ILB uses to select a back-end server from a server group for an incoming request.
In ILB, a virtual service is represented by a load-balancing rule and is defined by the following parameters:
Virtual IP address
Transport protocol: TCP or UDP
Port number (or a port range)
Load-balancing algorithm
Type of load-balancing mode (DSR, full-NAT, or half-NAT)
Server group consisting of a set of back-end servers
Optional server health checks that can be executed for each server in the server group
Optional port to use for health checks
Note - You can specify health checks on a particular port or on any port that the ilbd daemon randomly selects from the port range for the server.
Rule name to represent a virtual service
Involves rewriting the IP header information, and handles both the request and the response traffic. There are two types of NAT: half-NAT and full-NAT. Both types rewrite the destination IP address. However, full-NAT also rewrites the source IP address, making it appear to the server that all connections are originating from the load balancer. NAT does provide TCP connection tracking (meaning that it is stateful).
Advantages:
Works with all back-end servers by changing the default gateway to point to the load balancer.
Because the load balancer maintains the connection state, adding or removing servers without connection disruption is possible.
Disadvantages:
Slower performance than DSR because processing involves manipulation of the IP header and servers send responses to the load balancer.
All the back-end servers must use the load balancer as a default gateway.
In the context of ILB, a persistent configuration is a configuration (that is, a set of load-balancing rules) that persists across reboots and package updates.
The range of IP addresses that can act as proxies. The range is limited to 10 IP addresses. The proxy source is required only when you have the full NAT implementation.
Consists of a number of packets that come from the same client during a time period, which might have some meaning as a whole.
Allows all packets from a client to be sent to the same back-end server. Also known as stickiness. You can set up simple session persistence (that is, source address persistence) for a virtual service by specifying the options pmask=prefix length and persist-timeout=value in seconds. After session persistence is established between a client and a server, all packets from the client to the virtual service are forwarded to the same back-end server as long as the persistence exists. The prefix length in CIDR notation is a value between 0–32 for IPv4 and 0–128 for IPv6.
Consists of zero or more back-end servers and must contain at least one server when it is used for a virtual service. For example, if you want to load balance HTTP requests, you must configure ILB with a server group consisting of one or more back-end servers. ILB will balance the HTTP traffic across the configured set of servers.
A unique name for the IP address that is assigned by the system when the server is added to a server group.
The IP address for a virtual service.
A service that the clients see as VIP:port. For example: www.foo.com:80. Although the service is being handled by a server group potentially consisting of more than one server, the server group appears to clients of the virtual service as a single IP address:port. A single server can be included in more than one server group and hence can serve multiple virtual services. Also, a single server group can service multiple virtual services.
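The source address persistence described above (the pmask and persist-timeout options) can be modeled as follows. This is an added example, not ILB code: the class name, the round-robin choice for new clients, and the assumption that the timeout is measured from the last packet seen are all illustrative.

```python
import ipaddress
from itertools import cycle


class SourcePersistence:
    """Toy model of source-address persistence (hypothetical, not ILB code)."""

    def __init__(self, servers, pmask, persist_timeout):
        self.pmask = pmask                # prefix length, as in pmask=
        self.timeout = persist_timeout    # seconds, as in persist-timeout=
        self._next = cycle(servers)       # assumption: round-robin for new keys
        self._table = {}                  # masked source -> (server, last_seen)

    def key(self, client_ip):
        """Mask the client address with pmask; the result is the sticky key."""
        addr = ipaddress.ip_address(client_ip)
        # Valid range is 0-32 for IPv4 and 0-128 for IPv6.
        if not 0 <= self.pmask <= addr.max_prefixlen:
            raise ValueError(f"pmask {self.pmask} invalid for IPv{addr.version}")
        return ipaddress.ip_network(f"{addr}/{self.pmask}", strict=False)

    def select(self, client_ip, now):
        """Return the back-end server for a packet arriving at time `now`."""
        k = self.key(client_ip)
        entry = self._table.get(k)
        if entry is not None and now - entry[1] < self.timeout:
            server = entry[0]             # persistence still exists: reuse
        else:
            server = next(self._next)     # new or expired: pick a server
        self._table[k] = (server, now)    # assumption: each packet refreshes
        return server


def demo():
    """Constructed sample traffic: (client address, arrival time in seconds)."""
    lb = SourcePersistence(["s1", "s2", "s3"], pmask=24, persist_timeout=60)
    packets = [
        ("192.0.2.10", 0),     # first client in 192.0.2.0/24
        ("192.0.2.200", 10),   # different host, same /24: same server
        ("198.51.100.5", 20),  # different /24: next server
        ("192.0.2.10", 100),   # 90 s after last packet: persistence expired
    ]
    return [lb.select(ip, t) for ip, t in packets]


if __name__ == "__main__":
    print(demo())
```

A short prefix length makes every client behind the same prefix stick to one back-end server, so the choice of pmask affects how evenly load spreads as well as how sessions persist.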