Title:
Optimizing network performance with content switching : server, firewall, and cache load balancing
Personal Author:
Publication Information:
Upper Saddle River, NJ : Prentice Hall, 2004
ISBN:
9780131014688
Added Author:

Available:*

Library
Item Barcode
Call Number
Material Type
Item Category 1
Status
30000004707612 TK5105.5 S95 2004 Open Access Book Book
Summary

Content switching technology optimizes resource allocation across networks and over the Internet, and is fast becoming a standard in enterprise and ISP networks. Optimizing Network Performance with Content Switching: Server, Firewall, and Cache Load Balancing, by topic experts Matthew Syme and Philip Goldie, provides detailed, example-rich coverage of the field, with material suited for both technical and nontechnical personnel.


Author Notes

Matthew Syme is a product specialist for the Alteon portfolio of Nortel Networks. After exposure to content switching in early 2000, he joined Alteon WebSystems. Matthew has over a decade of experience in networking, working on major infrastructure projects in South Africa, the United Kingdom, and Australia.
Philip Goldie is a Product Specialist for the Alteon portfolio within Nortel Networks. Previously he was a systems engineer for Alteon WebSystems, one of the pioneers of content switching. In nearly a decade working in the networking industry, Philip has been a customer, a reseller, and a vendor.


Excerpts

Preface

There are not many books written about content switching and all the associated applications that make up this exciting technology. The reason for this we believe is twofold. First, content networking is a huge discipline with many different areas ranging from switching to caching and content routing, and this can often be seen as confusing. Second, there is a perceived shortage of skills in the marketplace.

While content networking does cover many areas, they are all still inextricably linked with the existing technologies of today. They might have dedicated hardware, more feature-rich software, and allow for unconventional configurations, but ultimately they come back to existing technology with which we are all familiar. On the skills and understanding front there is no shortage or lack of knowledge. Content networking is merely an extension to those existing skills we have developed. Taking the time to dig deeper into the workings of a content switch and understanding how the applications work provides the foundation on which we can build our knowledge. Using our existing knowledge, however, is key to content networking.

This book does not try to explain every aspect associated with content networking as a whole, but rather it covers what is called content switching and discusses the associated applications.

The Audience and Purpose of This Book

The purpose of this book is to eliminate the confusion and conflicting views about this expanding topic and ensure that the fundamental theory and technologies are presented in a clear and concise manner. This is done in a two-tier approach. Managers, sales personnel, and executive-level individuals who require an overall understanding of this new breed of networking will be able to get an introductory overview of the topics involved. This will provide them with insight into the benefits and pitfalls of each application; why the need for such things as Secure Sockets Layer (SSL) offload, firewall load balancing, Web cache redirection, and so forth is a definite requirement for technology scaling; and the ability to understand the concepts of a technology that is continually changing. In short, this book will provide the individual with the basics of content switching, allowing them to make informed decisions in their day-to-day tasks and allow the sales and marketing personnel the ability to better position and sell these products.

For the engineering force, this book will provide a comprehensive explanation of the inner workings of content switching, allowing them to build on their Layer 2 and Layer 3 skills. A good understanding of Layer 2 and Layer 3 functionality will ensure that the individual benefits from the advanced topics in this book. These include TCP/IP flows and sessions, delayed binding, URL/URI parsing, cookie persistence, server health checking, and load-balancing metrics, among others. Any engineers exposed to these technologies will find that the material allows them to fully understand the core concepts and functionality behind the applications discussed, giving them a better understanding of what is happening "under the hood."

Case Studies

As we progress through this book we will discuss fictitious case studies that revolve around a company called Foocorp, Inc. Foocorp, Inc. is a typical large company. They have thousands of employees, located in the head office and also in remote branches. The employees need access to internal applications and systems. Foocorp has also extended its network to include access from its partners and customers over an extranet. Foocorp also has an online presence for e-commerce. We will explain the benefits, the design, and the issues faced by Foocorp Inc.

Excerpted from Optimizing Network Performance with Content Switching: Server, Firewall and Cache Load Balancing by Matthew Syme, Philip Goldie. All rights reserved by the original copyright owners. Excerpts are provided for display purposes only and may not be reproduced, reprinted or distributed without the written permission of the publisher.

Table of Contents

Preface
Chapter 1 Introduction to Content Switching
The Evolution of Layer 2 and Layer 3 Networks
The Bigger, Faster Internet
The Drive for Richer Content
Solving the Problems with Content Switching
The Pioneers
Current Market Landscape
Summary
Chapter 2 Understanding Layer 2, 3, and 4 Protocols
The OSI Seven Layer Model--What Is a Layer?
The Application Layer (Layer 7)
The Presentation Layer (Layer 6)
The Session Layer (Layer 5)
The Transport Layer (Layer 4)
The Network Layer (Layer 3)
The Data Link Layer (Layer 2)
The Physical Layer (Layer 1)
Putting All the Layers Together
Switching at Different Layers
Layer 2 Switching
Layer 3 Switching and Routing
Understanding Layer 4 Protocols
Transport Control Protocol (TCP)
The Lifecycle of a TCP Session
User Datagram Protocol (UDP)
A Simple UDP Data Flow
Virtual Router Redundancy Protocol (VRRP)
Layer 2 and 3 Redundancy
The Components of VRRP
VRRP Addressing
VRRP Operation
Summary
Chapter 3 Understanding Application Layer Protocols
HyperText Transfer Protocol (HTTP)
Basic HTTP Page Retrieval
HTTP Methods
The HTTP URL
Persistent Connections in HTTP
Other HTTP Headers
Cookies--The HTTP State Management Mechanism
HTTP--Further Reading
File Transfer Protocol (FTP)
FTP Basics
Active Mode FTP
Passive Mode FTP
FTP--Further Reading
Real Time Streaming Protocol (RTSP)
The Components of RTSP Delivery
RTSP Operation
Other Options for Data Delivery
RTSP and RTP--Further Reading
Secure Sockets Layer (SSL)
The Need for Application Security
Fitting SSL into the Seven Layer Model
Encryption and Cryptography
SSL in Action
SSL Summary
Summary
Chapter 4 The Concepts of Content Switching
Virtual Services and Application Redirection
Virtual Services and Virtual IP Addresses
Application Redirection
Resources and Real Servers
Frames, Packets, and Sessions
Deep Packet Inspection
Summary
Chapter 5 Basic Server Load Balancing
Why Load Balance Servers?
The Alternatives to Server Load Balancing
Topologies of Server Load Balancing
Layer 2 (Bridging) Server Load Balancing
Layer 3 (Routing) Server Load Balancing
Single Arm Server Load Balancing
Implementing High Availability for SLB
Layer 4 Load Balancing Metrics
Least Connections
Round Robin
IP Address Hashing
Response Time and Server Agent
Bandwidth
Weighting and Maximum Connections
Server Health Checking
Link-Based Health Checks
ARP Health Checks
ICMP Health Checks
TCP Health Checks
Application Health Checks
Health Check Scripting
Summary
Case Study: Layer 4 Server Load Balancing
Chapter 6 Content-Aware Server Load Balancing
What is Layer 7 Server Load Balancing?
Why Use Layer 7 Server Load Balancing?
Example 1 All Servers Are Not Built Equally
Example 2 All Content Must Be Available Everywhere
Example 3 You Get What You Pay For
Example 4 Future Proofing
Dealing with Layer 7 Traffic
Immediate vs. Delayed Binding of Sessions
Using Delayed Binding as a Security Mechanism
Layer 7 Parsing and the Connection: Keep-Alive Header
HTTP URL Parsing and Load Balancing
Examples of URL Parsing
HTTP Header Load Balancing
Applications of HTTP Header Load Balancing
HTTP Cookie Load Balancing
Applications of Cookie Load Balancing
Load Balancing FTP
Load Balancing FTP in Active Mode
Load Balancing FTP in Passive Mode
Load Balancing DNS at Layer 7
Applications of Layer 7 DNS Load Balancing
Load Balancing RTSP Streaming Media
Load Balancing RTSP at Layer 4 Only
Applications of Layer 7 RTSP Load Balancing
Summary
Case Study: Content-Aware Server Load Balancing
Chapter 7 Persistence, Security, and the Internet
Internet Service Providers--Proxying and Traffic Volumes
Proxies
IP Address Hashing
Cookie-Based Persistence
Cookies
Cookie Types
Cookies in Action
SSL
SSL Session ID Persistence
Fixing the Model with SSL Offload
Summary
Case Study: Persistence
Deploying Persistence
Chapter 8 Application Redirection
The Requirement for Application Redirection
VIP-Based SLB vs. Application Redirection
Web Cache Redirection (WCR)
How Caching Works
Cache Types
WCR
IP Spoofing
Layer 4 Web Cache Redirection
Layer 7 WCR
Vendor Issues
Security Redirection
Router/Link Load Balancing
Summary
Case Study: Application Redirection
Deploying Application Redirection
Chapter 9 Firewall and VPN Load Balancing
Why Load Balance Firewalls and VPN Switches?
Firewall Overview
Stateful Firewall
Firewall Synchronization
Layer 2 Firewalls
Deploying Firewall Load Balancing
Using VRRP
Using Software-Based Solutions
Using Content Switches
Creating the Paths
Health Checking Firewalls
Traffic Flow through a Firewall Load Balanced Sandwich
NATing Firewalls
Policy-Based Firewall Load Balancing
Topology Examples
Layer 2 Firewalls
Layering Firewalls for Greater Security
Using the Content Switch for Additional Protection
Adding Demilitarized Zones (DMZs)
VPN and MAC Persistence
VPN in Action
Load Balancing VPNs
Failure Scenarios
Summary
Case Study: Firewall and VPN Load Balancing
Deploying Firewall and VPN Load Balancing
Chapter 10 The Architecture of a Content Switch
Typical Layer 2 and Layer 3 Architecture Considerations
Why Content Switching is Different
Packets vs. Sessions
Breaking the Rules
What Makes a Good Content Switch?
Session Setup vs. Simultaneous Sessions
Layer 4-7 Handling
Different Approaches
PC Architectures
ASIC-Based Architectures
Where To Next?
Associated Hardware
Summary
Index