Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
---|---|---|---|---|---|
Searching... | 30000004707612 | TK5105.5 S95 2004 | Open Access Book | Book | Searching... |
Summary
Content switching technology optimizes resource allocation across networks and over the Internet, and is fast becoming a standard in enterprise and ISP networks. Optimizing Network Performance with Content Switching: Server, Firewall, and Cache Load Balancing, by topic experts Matthew Syme and Philip Goldie, provides detailed, example-rich coverage of the field, with material suited for both technical and nontechnical personnel.
Author Notes
Matthew Syme is a product specialist for the Alteon portfolio of Nortel Networks. After exposure to content switching in early 2000, he joined Alteon WebSystems. Matthew has over a decade of experience in networking, working on major infrastructure projects in South Africa, the United Kingdom, and Australia.
Philip Goldie is a Product Specialist for the Alteon portfolio within Nortel Networks. Previously he was a systems engineer for Alteon WebSystems, one of the pioneers of content switching. In nearly a decade working in the networking industry, Philip has been a customer, a reseller, and a vendor.
Excerpts
Preface
There are not many books written about content switching and all the associated applications that make up this exciting technology. The reason for this we believe is twofold. First, content networking is a huge discipline with many different areas ranging from switching to caching and content routing, and this can often be seen as confusing. Second, there is a perceived shortage of skills in the marketplace.
While content networking does cover many areas, they are all still inextricably linked with the existing technologies of today. They might have dedicated hardware, more feature-rich software, and allow for unconventional configurations, but ultimately they come back to existing technology with which we are all familiar. On the skills and understanding front there is no shortage or lack of knowledge. Content networking is merely an extension to those existing skills we have developed. Taking the time to dig deeper into the workings of a content switch and understanding how the applications work provides the foundation on which we can build our knowledge. Using our existing knowledge, however, is key to content networking. This book does not try to explain every aspect associated with content networking as a whole, but rather it covers what is called content switching and discusses the associated applications.
The Audience and Purpose of This Book
The purpose of this book is to eliminate the confusion and conflicting views about this expanding topic and ensure that the fundamental theory and technologies are presented in a clear and concise manner. This is done in a two-tier approach.
Managers, sales personnel, and executive-level individuals who require an overall understanding of this new breed of networking will be able to get an introductory overview of the topics involved. This will provide them with insight into the benefits and pitfalls of each application; why the need for such things as Secure Sockets Layer (SSL) offload, firewall load balancing, Web cache redirection, and so forth is a definite requirement for technology scaling; and the ability to understand the concepts of a technology that is continually changing. In short, this book will provide the individual with the basics of content switching, allowing them to make informed decisions in their day-to-day tasks and allow the sales and marketing personnel the ability to better position and sell these products.
For the engineering force, this book will provide a comprehensive explanation of the inner workings of content switching, allowing them to build on their Layer 2 and Layer 3 skills. A good understanding of Layer 2 and Layer 3 functionality will ensure that the individual benefits from the advanced topics in this book. These include TCP/IP flows and sessions, delayed binding, URL/URI parsing, cookie persistence, server health checking, and load-balancing metrics, among others. Any engineers exposed to these technologies will find that the material allows them to fully understand the core concepts and functionality behind the applications discussed, giving them a better understanding of what is happening "under the hood."
Case Studies
As we progress through this book we will discuss fictitious case studies that revolve around a company called Foocorp, Inc. Foocorp, Inc. is a typical large company. They have thousands of employees, located in the head office and also in remote branches. The employees need access to internal applications and systems. Foocorp has also extended its network to include access from its partners and customers over an extranet. Foocorp also has an online presence for e-commerce. We will explain the benefits, the design, and the issues faced by Foocorp Inc.
Excerpted from Optimizing Network Performance with Content Switching: Server, Firewall and Cache Load Balancing by Matthew Syme, Philip Goldie. All rights reserved by the original copyright owners. Excerpts are provided for display purposes only and may not be reproduced, reprinted or distributed without the written permission of the publisher.
Table of Contents
Preface | p. xvii |
Chapter 1 Introduction to Content Switching | p. 1 |
The Evolution of Layer 2 and Layer 3 Networks | p. 1 |
The Bigger, Faster Internet | p. 2 |
The Drive for Richer Content | p. 3 |
Solving the Problems with Content Switching | p. 4 |
The Pioneers | p. 7 |
Current Market Landscape | p. 10 |
Summary | p. 10 |
Chapter 2 Understanding Layer 2, 3, and 4 Protocols | p. 13 |
The OSI Seven Layer Model--What Is a Layer? | p. 13 |
The Application Layer (Layer 7) | p. 14 |
The Presentation Layer (Layer 6) | p. 14 |
The Session Layer (Layer 5) | p. 15 |
The Transport Layer (Layer 4) | p. 15 |
The Network Layer (Layer 3) | p. 15 |
The Data Link Layer (Layer 2) | p. 16 |
The Physical Layer (Layer 1) | p. 16 |
Putting All the Layers Together | p. 16 |
Switching at Different Layers | p. 19 |
Layer 2 Switching | p. 20 |
Layer 3 Switching and Routing | p. 20 |
Understanding Layer 4 Protocols | p. 21 |
Transport Control Protocol (TCP) | p. 23 |
The Lifecycle of a TCP Session | p. 24 |
User Datagram Protocol (UDP) | p. 29 |
A Simple UDP Data Flow | p. 30 |
Virtual Router Redundancy Protocol (VRRP) | p. 31 |
Layer 2 and 3 Redundancy | p. 32 |
The Components of VRRP | p. 33 |
VRRP Addressing | p. 34 |
VRRP Operation | p. 35 |
Summary | p. 36 |
Chapter 3 Understanding Application Layer Protocols | p. 37 |
HyperText Transfer Protocol (HTTP) | p. 37 |
Basic HTTP Page Retrieval | p. 38 |
HTTP Methods | p. 39 |
The HTTP URL | p. 40 |
Persistent Connections in HTTP | p. 40 |
Other HTTP Headers | p. 41 |
Cookies--The HTTP State Management Mechanism | p. 44 |
HTTP--Further Reading | p. 47 |
File Transfer Protocol (FTP) | p. 47 |
FTP Basics | p. 47 |
Active Mode FTP | p. 48 |
Passive Mode FTP | p. 48 |
FTP--Further Reading | p. 50 |
Real Time Streaming Protocol (RTSP) | p. 51 |
The Components of RTSP Delivery | p. 51 |
RTSP Operation | p. 52 |
Other Options for Data Delivery | p. 55 |
RTSP and RTP--Further Reading | p. 58 |
Secure Sockets Layer (SSL) | p. 58 |
The Need for Application Security | p. 58 |
Fitting SSL into the Seven Layer Model | p. 60 |
Encryption and Cryptography | p. 60 |
SSL in Action | p. 68 |
SSL Summary | p. 70 |
Summary | p. 70 |
Chapter 4 The Concepts of Content Switching | p. 71 |
Virtual Services and Application Redirection | p. 71 |
Virtual Services and Virtual IP Addresses | p. 72 |
Application Redirection | p. 73 |
Resources and Real Servers | p. 74 |
Frames, Packets, and Sessions | p. 74 |
Deep Packet Inspection | p. 76 |
Summary | p. 76 |
Chapter 5 Basic Server Load Balancing | p. 77 |
Why Load Balance Servers? | p. 77 |
The Alternatives to Server Load Balancing | p. 78 |
Topologies of Server Load Balancing | p. 79 |
Layer 2 (Bridging) Server Load Balancing | p. 79 |
Layer 3 (Routing) Server Load Balancing | p. 82 |
Single Arm Server Load Balancing | p. 85 |
Implementing High Availability for SLB | p. 88 |
Layer 4 Load Balancing Metrics | p. 96 |
Least Connections | p. 97 |
Round Robin | p. 97 |
IP Address Hashing | p. 98 |
Response Time and Server Agent | p. 100 |
Bandwidth | p. 100 |
Weighting and Maximum Connections | p. 101 |
Server Health Checking | p. 101 |
Link-Based Health Checks | p. 102 |
ARP Health Checks | p. 102 |
ICMP Health Checks | p. 103 |
TCP Health Checks | p. 103 |
Application Health Checks | p. 104 |
Health Check Scripting | p. 104 |
Summary | p. 104 |
Case Study: Layer 4 Server Load Balancing | p. 105 |
Chapter 6 Content-Aware Server Load Balancing | p. 109 |
What is Layer 7 Server Load Balancing? | p. 109 |
Why Use Layer 7 Server Load Balancing? | p. 110 |
Example 1 All Servers Are Not Built Equally | p. 110 |
Example 2 All Content Must Be Available Everywhere | p. 111 |
Example 3 You Get What You Pay For | p. 111 |
Example 4 Future Proofing | p. 111 |
Dealing with Layer 7 Traffic | p. 112 |
Immediate vs. Delayed Binding of Sessions | p. 113 |
Using Delayed Binding as a Security Mechanism | p. 115 |
Layer 7 Parsing and the Connection: Keep-Alive Header | p. 116 |
HTTP URL Parsing and Load Balancing | p. 118 |
Examples of URL Parsing | p. 119 |
HTTP Header Load Balancing | p. 119 |
Applications of HTTP Header Load Balancing | p. 121 |
HTTP Cookie Load Balancing | p. 127 |
Applications of Cookie Load Balancing | p. 128 |
Load Balancing FTP | p. 132 |
Load Balancing FTP in Active Mode | p. 132 |
Load Balancing FTP in Passive Mode | p. 135 |
Load Balancing DNS at Layer 7 | p. 138 |
Applications of Layer 7 DNS Load Balancing | p. 139 |
Load Balancing RTSP Streaming Media | p. 141 |
Load Balancing RTSP at Layer 4 Only | p. 142 |
Applications of Layer 7 RTSP Load Balancing | p. 144 |
Summary | p. 147 |
Case Study: Content-Aware Server Load Balancing | p. 148 |
Chapter 7 Persistence, Security, and the Internet | p. 151 |
Internet Service Providers--Proxying and Traffic Volumes | p. 152 |
Proxies | p. 153 |
IP Address Hashing | p. 156 |
Cookie-Based Persistence | p. 157 |
Cookies | p. 157 |
Cookie Types | p. 159 |
Cookies in Action | p. 160 |
SSL | p. 162 |
SSL Session ID Persistence | p. 162 |
Fixing the Model with SSL Offload | p. 163 |
Summary | p. 170 |
Case Study: Persistence | p. 171 |
Deploying Persistence | p. 171 |
Chapter 8 Application Redirection | p. 175 |
The Requirement for Application Redirection | p. 176 |
VIP-Based SLB vs. Application Redirection | p. 177 |
Web Cache Redirection (WCR) | p. 178 |
How Caching Works | p. 179 |
Cache Types | p. 184 |
WCR | p. 191 |
IP Spoofing | p. 192 |
Layer 4 Web Cache Redirection | p. 192 |
Layer 7 WCR | p. 198 |
Vendor Issues | p. 203 |
Security Redirection | p. 205 |
Router/Link Load Balancing | p. 205 |
Summary | p. 209 |
Case Study: Application Redirection | p. 210 |
Deploying Application Redirection | p. 210 |
Chapter 9 Firewall and VPN Load Balancing | p. 213 |
Why Load Balance Firewalls and VPN Switches? | p. 214 |
Firewall Overview | p. 215 |
Stateful Firewall | p. 215 |
Firewall Synchronization | p. 216 |
Layer 2 Firewalls | p. 217 |
Deploying Firewall Load Balancing | p. 218 |
Using VRRP | p. 218 |
Using Software-Based Solutions | p. 219 |
Using Content Switches | p. 219 |
Creating the Paths | p. 220 |
Health Checking Firewalls | p. 222 |
Traffic Flow through a Firewall Load Balanced Sandwich | p. 222 |
NATing Firewalls | p. 225 |
Policy-Based Firewall Load Balancing | p. 228 |
Topology Examples | p. 229 |
Layer 2 Firewalls | p. 232 |
Layering Firewalls for Greater Security | p. 233 |
Using the Content Switch for Additional Protection | p. 235 |
Adding Demilitarized Zones (DMZs) | p. 236 |
VPN and MAC Persistence | p. 238 |
VPN in Action | p. 238 |
Load Balancing VPNs | p. 239 |
Failure Scenarios | p. 241 |
Summary | p. 243 |
Case Study: Firewall and VPN Load Balancing | p. 244 |
Deploying Firewall and VPN Load Balancing | p. 244 |
Chapter 10 The Architecture of a Content Switch | p. 247 |
Typical Layer 2 and Layer 3 Architecture Considerations | p. 247 |
Why Content Switching is Different | p. 248 |
Packets vs. Sessions | p. 249 |
Breaking the Rules | p. 249 |
What Makes a Good Content Switch? | p. 250 |
Session Setup vs. Simultaneous Sessions | p. 250 |
Layer 4-7 Handling | p. 252 |
Different Approaches | p. 253 |
PC Architectures | p. 253 |
ASIC-Based Architectures | p. 255 |
Where To Next? | p. 256 |
Associated Hardware | p. 256 |
Summary | p. 257 |
Index | p. 259 |