Presentation is loading. Please wait.

Presentation is loading. Please wait.

Highly Available Central Services An Intelligent Router Approach Thomas Finnern Thorsten Witt DESY/IT.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Highly Available Central Services An Intelligent Router Approach Thomas Finnern Thorsten Witt DESY/IT."— Presentation transcript:

1 Highly Available Central Services An Intelligent Router Approach Thomas Finnern Thorsten Witt DESY/IT

2 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern2 Overview  Why  How  Features  Modes  What  Where to  Conclusions

3 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern3 Why  Get Rid Of Old Clusters  AIX Highly Available Load Environment HALE  Minimize Efforts for Clustering  Commercial „All-In-One“ Box  Possible Replacement For Traditional Clusters  Getting Better  Customer Invisible Service Switching  Enhanced Load Distribution  Only One Virtual Hostname Per Service  Enhancing Fault Tolerance and Security

4 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern4 How  Using/Testing F5 Switch  Common Effort of the IT Systems and Network Groups  Switch is BSD Unix Cluster  Redundant Network Connections  https:WEB and ssh:CLI Configuration Interface  Starting with Layer 2/3 Routing Layer 7 Routing planned for WEB  Checking Implementation Aspects of Different Services

5 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern5 Key Features and Benefits  Architecture:  (24) 10/100 BASE-TX Ports  (4) 1000 BASE-SX Ports  Switch Fabric Capacity: 8 Gb/s one direction 16 Gb/s aggregate  100 SSL TPS included at no additional charge; upgradeable to 800 TPS  Provides significant cost savings and flexibility for SSL acceleration and capacity  Flexibility and speed to directly connect servers, caches, firewalls, databases, SIP, and VPN endpoints  Eliminates the need to buy additional switches; supports fully meshed network deployments  2 GHz of centralized processing power; provides more power to intercept, inspect, transform, and direct Layer 7 (application traffic) than web or content switches  1 GB of RAM in base configuration; additional 1 GB can be added as an option - provides the greatest amount of concurrent connections for unparalleled traffic capacity  Traffic Management:  All the advanced features and functions of award-winning BIG-IP software  Static and Dynamic load balancing for diverse server platforms and applications  Active/Active Controller feature for added performance, scalability, reliability  Full stateful session failover from active to backup or active IP Application Switch  Multiple modes of persistence  Simple and advanced business rules to ensure QoS  Smart content and application determination to route requests for content to appropriate devices  Unique One Connect™ Content switching reduces bandwidth costs and server overhead by up to 20%  iControl enabled- allows applications to directly control network traffic by preemptively avoiding application failures  Award-winning 3-DNS wide-area load balancing available as an option  Real-time performance monitoring and statistics  Easy to install and manage via secure CLI & GUI Additional Information “Not For Screen Usage”

6 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern6 Mode 1: Dump Service  F5 Secure Network Address Translation SNAT = on  Server sees F5 Switch as Client  No Client Change  All Traffic handled by F5 Switch Standard Router Server System(s) Client System

7 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern7 Mode 2: Single Service  No F5 Network Address Translation NAT = off  Client Changes:  Set Local Host Interface lo0 to Virtual Host IP (“NAT”)  Limitations  One Service  Server on same L2 net  Default Route unchanged Standard Router Server System Client System

8 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern8 Mode 3: Multi Service  F5 Network Address Translation NAT = on  Client Changes:  Default Route to F5 Switch  F5 IP Forwarding needed  Multiple Services Possible  All Traffic handled by F5 Switch Standard Router Server System Client System

9 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern9 What  Font Server fontsrv.desy.de  Multi Service Mode  Each Port Is One Service  2 Port Protocol: Persistency  Network Install Management Server nims.desy.de  Single Service Mode  Common Install Server  Testing UDP Persistency (NFS)  Public Login Service plus.desy.de (under Evaluation)  Single or Multi Service ?  Key Handling  ISS Replacement  dCache Web and Control Connection dcap.desy.de  Stateful failover  One Virtual Host  2 Ports  …

10 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern10 Where to  WEB Service  Starting with standby server if AFS fails ?  Layer 7 Routing ?  MAIL Service  Different SMTP Server for Internal and External (Rules Setup)  …  Security  Use F5 Switch as Network Filter to Protected Server Subnet  Overcome Routing Problems  Cisco Software Upgrade Workaround: Moving MAC  Test Client Functionality From Server Network  SSL Possible  But seems not compliant to.htaccess-Configuration  First Production Tests  Planned for June 2003

11 @ HEPiX AmsterdamHighly Available Central Services / Th. Finnern11 Conclusions  Rather Simple To Use  Nice Operating Model  Minimal Changes on Server Machines  Platform Independent  Could Be A Standard Feature  If tests results will be reliable  If people will trust virtual hosts

Download ppt "Highly Available Central Services An Intelligent Router Approach Thomas Finnern Thorsten Witt DESY/IT."

Similar presentations

Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.

Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.
Chapter 1: Introduction to Scaling Networks

Chapter 1: Introduction to Scaling Networks
© 2003, Cisco Systems, Inc. All rights reserved..

© 2003, Cisco Systems, Inc. All rights reserved..
Barracuda Link Balancer Link Reliability and Bandwidth Optimization.

Barracuda Link Balancer Link Reliability and Bandwidth Optimization.
Business Solutions Network Security Solutions Gateway Security

Business Solutions Network Security Solutions Gateway Security
Introducing New Additions to ProSafe Advanced Smart Switch Family: GS724TR and GS748TR (ProSafe 24 and 48-port Gigabit Smart Switches with Static Routing)

Introducing New Additions to ProSafe Advanced Smart Switch Family: GS724TR and GS748TR (ProSafe 24 and 48-port Gigabit Smart Switches with Static Routing)
MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.

MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Firewall Configuration Strategies

Firewall Configuration Strategies
Module 8: Concepts of a Network Load Balancing Cluster

Module 8: Concepts of a Network Load Balancing Cluster
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.

Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Lesson 1: Configuring Network Load Balancing

Lesson 1: Configuring Network Load Balancing
SIP Bridging for Hoot n Holler Hydra-Link TM Florida Reliability Coordinating Council Solutions for:

SIP Bridging for Hoot n Holler Hydra-Link TM Florida Reliability Coordinating Council Solutions for:
CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.

CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.
M2M Gateway Features Jari Lahti, CTO www.violasystems.com.

M2M Gateway Features Jari Lahti, CTO
Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.

Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

Similar presentations

Ads by Google