Port Ranges

ServerIron ADX Server Load Balancing Guide

Release 12.0.00

June 15, 2009

Server Load Balancing > Port Ranges

Port Ranges

Port ranges can be defined under real servers or virtual servers. Port ranges can be used with bind statement under VIP. Additionally, you can define port profiles for a port range and specify characteristics such as tcp/udp, keepalive timers, retires for all ports inside port range.

NOTE: Port-policy definition is not supported with port range. This is because all ports inside a port range must have same characteristics and these characteristics can be defined using port profile.

The ServerIron ADX processes client requests destined to ports inside a port range in the same manner as it processes connections to individual ports.

Defining a Port Range

Port ranges are identified by their names. A port range can be created as follows:

1.

Define the port range

ServerIron(config)# port-range pr1

Syntax: [no] port-range <port-range-name>

2.

Identify the ports in the range.

ServerIron(config-pr-pr1)# port 8051 to 8100

Syntax: [no] port <port-number> to <port-number>

Enter the port’s numerical value for <port-number>

When defining a port range:

•

Ports in a port range must be consecutive.

•

You must define a starting port and an ending port for the range.

•

The starting port must be greater than zero (0).

•

The ending port must be larger than the starting port.

•

There can be up to 50 ports in a port range.

•

You can change the starting port and ending port using a single command. When changing the ports in a port range, if the port range is not used with a bind statement or other configuration, then the change is applied immediately; otherwise, the change remains pending until the apply port-range command is issued.

•

You cannot include the default port (65535) and well-known ports in a port range.

•

Furthermore, if role based management is used, only the super user or global manager can create port ranges at the global configuration level. Role based users can use port ranges and bind them under the real server and virtual server configuration levels. Also, role based users can view the list of port ranges by issuing the show port-range command.

•

If system encounters an error while implementing port-range and its associated features then it will still go ahead and complete the process. It will then log an error message. The system user will then need to manually remove port-range config, correct the error and re-apply the configuration until it succeeds.

•

If you define many port ranges to cover many application ports (in the order to several hundreds or thousands ports) then you need to keep an eye on MP CPU resources as a system may not be able to handle health checks for all these ports. Disabling of health checks for several ports or port-ranges may be needed in such cases to prevent health check issues.

•

Port ranges cannot be used with alias port ("real-port") definitions.

•

Port ranges can be combined with L4 switching only. They cannot be used with L7 switching.

•

Port ranges cannot be used with IPv6 services

•

Some of the other features not supported with port range are: PBSLB, TCS, boolean health check, scripted health check, track-groups, track-ports, tcp offload & keepalive

Using a Port Range under a Real Server Definition

You can define port ranges under a real server definition.

ServerIron(config)# server real real1 10.0.0.1

ServerIron(config-rs-real1)# port-range pr1

Syntax: [no] port-range <port-range-name>

Enter the ID of the port range for <port-range-name>. See the rules “Defining a Port Range” for additional rules.

You can add more than one port range to a real server; however, the ports in the port ranges cannot overlap. For example, if you define PR1 to include ports 8051 to 8100 and define PR2 to include ports 8061 to 8110, then you cannot use these two port ranges under the same real server because ports are overlapping. Also, if a port is included inside a port range and that port range is specified under real server, then that port cannot be specified separately under same real server.

All commands available to a single application port are available to the ports in a port range. For example, you can configure keepalive for a port range as you would for a single port.

ServerIron(config)# server real rs1 10.0.0.1

ServerIron(config-rs-rs1)# port-range pr1 keepalive

Using a Port Range under a Virtual Server Definition

You can define a port range under a virtual server.

ServerIron(config)# server virtual-name-or-ip virtual1 10.0.0.1

ServerIron(config-vs-virtual1)# port-range pr1

Syntax: [no] port-range <port-range-name>

Enter the ID of the port range for <port-range-name>.

The rules for including port ranges to a real server also apply to a virtual server. (See “Using a Port Range under a Real Server Definition”.)

Binding a Port Range for Virtual Ports to a Real Server

You can bind a port range from under a virtual server to real servers. Binding a port range is equivalent to binding all ports contained in the port range to the specified real server. All rules that apply to single port bindings also apply to binding port ranges. Also, you can bind different port ranges to a virtual server as long as the port ranges have the same number of ports.

The binding is a one-to-one mapping, where the starting port in the virtual server port range is bound to the starting port in the real server port range. The second port in a virtual server port range is bound to the second port of a real server port range.

ServerIron(config)# port-range pr1

ServerIron(config-pr-pr1)# port 8051 to 8100

ServerIron(config-pr-pr1)# exit

ServerIron(config)# port-range pr2

ServerIron(config-pr-pr2)# port 7051 to 7100

ServerIron(config-pr-pr2)# exit

ServerIron(config)# server virtual-name-or-ip virtual1 10.0.0.1

ServerIron(config-vs-virtual1)# bind-range pr1 realserver1 pr1 realserver2 pr2

Syntax: [no] bind-range <port-range-name> <real-server-name> <port-range-name>

Defining Port Profile for Port Range

You can define a profile for a port range. Policies and other features defined for a port profile are applied to all the ports included in the port range.

ServerIron(config)# server port-profile port-range pr1

ServerIron(config-port-profile-range-pr1))# tcp keepalive use-master-state

Syntax: [no] server port-profile port-range <port-range-name>

The following commands are available under the port-profile-range configuration level.

•

bringup-retries

•

disable

•

l4-bringup-interval

•

l7-bringup-interval

•

no-fast-bringup

•

tcp

•

udp

When defining port profile for a port range, note the following:

•

A separate port profile for an individual port inside a port-range definition is not permitted. All ports inside a port-range must have same properties.

•

In the case of overlapping port ranges that are used under different real servers, a port profile for only one of the port ranges is allowed. You cannot have conflicting properties for the same port under different port ranges.

Displaying a List of Port Ranges

You can display a list of port ranges that have been created in the ServerIron ADX by issuing the following command:

ServerIron(config)# show port-range

Syntax: show port-range [<start-index>]

Issuing the show port-range command displays information for all the port ranges configured on the ServerIron ADX. To limit the number of port ranges included in the output, issue the show port-range <start-index> command. Information only for the port ranges starting from the specified start-index is displayed.

Using a <start-index> variable begins display at the record specified where the first record has a value of 0. In the following example, the <start-index> value of 2 is used on the same port-range displayed in the previous example:

HA1(config)#show port-range 2

Name Start End Pending Start Pending End RefCnt

pr98 9800 9803 4

range4 7001 7050

To display a list of port ranges with a name that starts with a specified prefix issue the following command:

ServerIron(config)# show port-range starts-with pr

Syntax: show port-range starts-with <prefix>

The following table describes the information in the output:

Table 2.3: Field Descriptions of show port-range

Field

Description

Name

Name of the port range

Start

First port in the port range

End

Last port in the port range

Pending Start

The port range has been changed but the apply port-range command has not been issued. This column shows the start of the new port range.

Pending End

The port range has been changed but the apply port-range command has not been issued. This column shows the end of the new port range.

RefCnt

This is used by developers for debugging purposes.

Table 2.3: Field Descriptions of show port-range
Field	Description
Name	Name of the port range
Start	First port in the port range
End	Last port in the port range
Pending Start	The port range has been changed but the apply port-range command has not been issued. This column shows the start of the new port range.
Pending End	The port range has been changed but the apply port-range command has not been issued. This column shows the end of the new port range.
RefCnt	This is used by developers for debugging purposes.

Server Load Balancing > Port Ranges