PHYSICAL TOPOLOGY
LOGICAL TOPOLOGY
In Today's post I am going to present fairly an old IOS feature Called Server load balancing, but still I believe not many people are aware of it. Most importantly the feature is documented very well in IOS 12.4(15)T guides
which means some Evil CCIE Proctor or lab writer can turn your lab day into horrific experience by introducing something like this into configuration section of lab or into troubleshooting, which of course will be more obnoxious.
which means some Evil CCIE Proctor or lab writer can turn your lab day into horrific experience by introducing something like this into configuration section of lab or into troubleshooting, which of course will be more obnoxious.
Now Before moving onto the configuration part, let's talk a little about Load Balancer or I should say application load balancing. The idea is simple: The traffic towards the Application originated from outer world is going to hit the Virtual IP or VIP. The VIP basically represents the IP Address towards which the traffic is sent out in order to access the application. Now Behind the load balancer we have our Physical Servers running that application. The job of the load balancer now is to distribute the incoming connections from outer world towards the Physical Servers. The distribution pretty much depends upon the Algorithm we have chosen for configuration. While most of load balancers in market choose ROUND ROBIN as the default method. Other may choose different ones like Weight Based where a certain Weight is assigned to a physical server to ensure it handles more requests compare to server with
less weight. Which of course makes sense if server with Higher weight is a large Server compare to server with less weight which is say a P4 PC running Server application.
If you really want to dig a little deeper about load balancers from vendor independent point of view, I would recommend a fairly small book: Server Load Balancing From O'Reilly Publishers.
Now talking about Vendors, actually there are couple market players in Load Balancer Segment like - F5, Cisco, Citrix, Barracuda etc.
From Implementation perspective, The load balancer can work on LAN side as well as WAN side. For example F5 has LAN Based load balancer products called LTM and WAN based load balancer products called GTM. In similar fashion Cisco has dedicated load balancer products for LAN side called ACE series and WAN based called GSS.
Now coming back to IOS Based SLB implementation. It provides a very basic LAN based load balancing features. Since it's not a dedicated load balancer products so granularity is of course going to be less. But again an idle feature for SOHO environments for things like FTP load balancing etc.
Talking about IOS SLB implementation, there are basically two ways of doing it or I should say two modes:
> Dispatched Mode
> Directed Mode
The basic difference between Dispatched Mode Vs Directed Mode is that in Dispatched mode the limitation is the Physical Servers should have direct Layer 2 reach-ability with Load Balancer. While this is not the case with Directed mode which essentially uses NAT feature to load balance.
From CCIE Lab perspective, since the current IOS version devices running is 12.4(15)T. The feature is documented under - Server Load Balancing Configuration Guide. Which I believe is recent change since if I remember correctly when I took the lab last year it was documented under - IP Application Services Configuration Guide. Same logic applies to Command Reference guide just in case.
IP Application Services Configuration Guide, Cisco IOS Release 12.4T
Server Load Balancing Configuration Guide, Cisco IOS Release 12.4T
Now in this post I'll be covering "Dispatched Mode" Implementation. Let's first establish the basic connectivity using our initials before jumping into SLB specific configuration:
R1
==
!
en
!
conf t
!
no ip do lo
no cdp run
!
ho R1
!
int lo0
ip add 1.1.1.1 255.255.255.255
exit
!
int f0/0
ip add 12.12.12.1 255.255.255.0
no sh
exit
!
router eigrp 100
no auto
net 1.1.1.1 0.0.0.0
net 12.12.12.1 0.0.0.0
exit
!
end
!
wr
!
=============================================
R2
==
!
en
!
conf t
!
no ip do lo
no cdp run
!
ho R2
!
int lo0
ip add 2.2.2.2 255.255.255.0
exit
!
int f0/0
ip add 12.12.12.2 255.255.255.0
no sh
exit
!
int f0/1
ip add 23.23.23.2 255.255.255.0
no sh
exit
!
router eigrp 100
no auto
net 2.2.2.2 0.0.0.0
net 12.12.12.2 0.0.0.0
net 23.23.23.2 255.255.255.0
exit
!
end
!
wr
!
=============================================
R3
==
!
en
!
conf t
!
no ip do lo
no cdp run
!
ho R3
!
int lo0
ip add 3.3.3.3 255.255.255.0
exit
!
int f0/0
ip add 23.23.23.3 255.255.255.0
no sh
exit
!
int f1/0
ip add 33.33.33.3 255.255.255.0
no sh
exit
!
int lo 100
ip add 100.100.100.100 255.255.255.255
exit
!
router eigrp 100
no auto
net 3.3.3.3 0.0.0.0
net 23.23.23.3 0.0.0.0
net 33.33.33.3 0.0.0.0
net 100.100.100.100 0.0.0.0
exit
!
line vty 0 4
no login
exit
!
end
!
wr
!
=============================================
R5
==
!
en
!
conf t
!
no ip do lo
no cdp run
!
ho R5
!
int lo0
ip add 5.5.5.5 255.255.255.0
exit
!
int f0/0
ip add 33.33.33.5 255.255.255.0
no sh
exit
!
int lo 100
ip add 100.100.100.100 255.255.255.255
exit
!
router eigrp 100
no auto
net 5.5.5.5 0.0.0.0
net 33.33.33.5 0.0.0.0
net 100.100.100.100 0.0.0.0
exit
!
line vty 0 4
no login
exit
!
end
!
wr
!
=============================================
R6
==
!
en
!
conf t
!
no ip do lo
no cdp run
!
ho R6
!
int lo0
ip add 6.6.6.6 255.255.255.0
exit
!
int f0/0
ip add 33.33.33.6 255.255.255.0
no sh
exit
!
int lo 100
ip add 100.100.100.100 255.255.255.255
exit
!
router eigrp 100
no auto
net 6.6.6.6 0.0.0.0
net 33.33.33.6 0.0.0.0
net 100.100.100.100 0.0.0.0
exit
!
line vty 0 4
no login
exit
!
end
!
wr
!
========
Now as you can see, the VIP or virtual IP address we chose earlier - 100.100.100.100 is configured not only on Router R3 acting as SLB but also on physical servers. Actually it's one of requirements of IOS SLB Dispatched Mode implementation. In dispatched mode the VIP address needs to configured on Physical Servers either as Secondary Address or on the loopback. In our scenario I am using loopbacks for this purpose.
Now let's configure Router R3 as Server Load Balancer (SLB):
!
ip slb serverfarm DISPATCHED_MODE <- Pick any name you want herereal 33.33.33.5 <- Physical Address Of First Server
inservice <- This Command Enables the real server for use by IOS SLB
maxconns 2 <- Optional
weight 1 <- Optional
exit
real 33.33.33.6 <- Similar Steps to be repeated for 2nd Physical Server
inservice
maxconns 2
weight 1
exit
exit
exit
!
ip slb vserver ANYCAST_ADDRESS <- Let's Create the VIP
virtual 100.100.100.100 tcp telnet <- Here we are configuring Telnet SLB
serverfarm DISPATCHED_MODE <- Server Farm Configured Earlier
inservice
advertise
exit
!
Verification:
========
R1>telnet 100.100.100.100
Trying 100.100.100.100 ... Open
R5>exit
[Connection to 100.100.100.100 closed by foreign host]
R1>telnet 100.100.100.100
Trying 100.100.100.100 ... Open
R6>exit
[Connection to 100.100.100.100 closed by foreign host]
So as you can see our Telnet connections are getting load balanced between both Physical Server.
R3#sh ip slb stats
Pkts via normal switching: 60
Pkts via special switching: 0
Connections Created: 2
Connections Established: 2
Connections Destroyed: 2
Connections Reassigned: 0
Zombie Count: 0
DISPATCHED_MODE, predictor = ROUNDROBIN, nat = none
virtuals inservice: 1, reals = 2, bind id = 0
Real servers:
33.33.33.5, weight = 1, OPERATIONAL, conns = 0
33.33.33.6, weight = 1, OPERATIONAL, conns = 0
Total connections = 0
Since there is no active connection, the connection count is 0. Let's initiate one connection:
R1>telnet 100.100.100.100
Trying 100.100.100.100 ... Open
R5>
R3#sh ip slb serverfarms detail
DISPATCHED_MODE, predictor = ROUNDROBIN, nat = none
virtuals inservice: 1, reals = 2, bind id = 0
Real servers:
33.33.33.5, weight = 1, OPERATIONAL, conns = 1
33.33.33.6, weight = 1, OPERATIONAL, conns = 0
Total connections = 1
The IOS Version used for this SLB Test Bed is:
R3#sh ver | i IOS
Cisco IOS Software, 3600 Software (C3640-JK9O3S-M), Version 12.4(13a), RELEASE SOFTWARE (fc1)
HTH...
R3#sh ver | i IOS
Cisco IOS Software, 3600 Software (C3640-JK9O3S-M), Version 12.4(13a), RELEASE SOFTWARE (fc1)
DEEPAK ARORA
EVIL CCIE
Interesting. Never worked with that.
ReplyDelete-P
Hi deepk,
ReplyDeleteThanks for sharing this bogs.
Why did you run EIGRP on End Router. Suppose if we have real server, there we cant run EIRGP or any other routing protocol. Please explain
ReplyDeleteYes, In real scenario your servers won't run EIGRP. Though EIGRP is now an open standard so in long term shouldn't be a problem too.
ReplyDeleteBut as SLB router doesn't have 100.X.X.X network directly attached so instead you can point static routes.
Thanks for providing this informative information you may also refer.
ReplyDeletehttp://www.s4techno.com/blog/2016/10/05/big-ip-f5-ltm-license-upgrade/
Thanks for providing this informative information you may also refer.
ReplyDeletehttp://www.s4techno.com/blog/2016/10/05/big-ip-f5-ltm-license-upgrade/