ServerIron ADX Server Load Balancing Guide
Release 12.0.00
June 15, 2009
Minimizing Source-IP and Source-NAT-IP Requirements for Large Deployments

In previous implementations for earlier ServerIron ADX products, when source-ip or source-nat-ip is defined, the full range of 64K ports (some of which are reserved for internal use) per IP address is allocated and shared across all real servers. Each real server uses only a portion of the entire port pool. As a net result, the number of connections that the system can handle is limited by the number of source-ip/source-nat-ip addresses defined on the system multiplied by the maximum port pool per IP.

Because the global port pool is shared by all real servers, the supply of ports can be quickly exhausted, and defining additional source-ip/source-nat-ip addresses may not always be feasible. Release 10.2.01 enhances this functionality and effectively conserves IP addresses. In this implementation, the port pools are not shared globally but are allocated to each real server, and each real server is able to use the entire pool by itself.

This feature is recommended for deployments with large numbers of real servers, where a shortage of ports would otherwise necessitate configuration of additional source IPs and source NAT IPs.

NOTE: This enhancement only applies to the server source-ip and server source-nat-ip. It is not applicable to source-ip and source-nat-ip addresses used for SSL.

If source-ip and source-nat-ip are configured for the same subnet, then the source-nat-ip is given a higher priority. In the router case, the interface IPs are programmed as source-ips on the BP. The IP that matches the default gateway is given preference in the router case. As a result, if you configure the source-nat-ip in a subnet different from the gateway of the remote servers that are defined on the ServerIron ADX, then this source-nat-ip must not be used.
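The following model, added here as an illustration and not code from the ServerIron ADX or Brocade, contrasts the two allocation policies described above: one port pool per source IP shared by every real server, versus one pool per (source IP, real server). It shows why the shared pool is a shared-fate resource (a busy real server that fills the pool first causes later connections to other real servers to be refused) and how per-real allocation changes the number of source IPs a deployment needs. The addresses, the workload and the count of reserved ports (RESERVED_PORTS) are constructed assumptions; the guide states that some ports are reserved but not how many.

```python
"""Model of source-NAT port allocation on a load balancer: one pool per source
IP shared by all real servers, versus one pool per (source IP, real server).

Added example, not ServerIron ADX code.  Port counts, addresses and the
workload are constructed for illustration; RESERVED_PORTS is an assumption
(the guide says some ports are reserved but not how many).
"""
from collections import Counter

PORTS_PER_IP = 65536
RESERVED_PORTS = 1024          # assumption: low ports held back for internal use
USABLE_PORTS = PORTS_PER_IP - RESERVED_PORTS


class PortsExhausted(Exception):
    """No free port in the pool that a new connection would need."""


class PortPool:
    """Source-port allocator.

    per_real=False: the pool is keyed by source IP only, so every real server
    draws from the same USABLE_PORTS (the earlier behaviour).
    per_real=True:  the pool is keyed by (source IP, real server).  The NAT
    binding already includes the real server's address, so the same port
    number can be in use once per real server without ambiguity, and each
    real server gets the whole range to itself (port-alloc-per-real).
    """

    def __init__(self, source_ips, real_servers, per_real):
        self.per_real = per_real
        self.source_ips = list(source_ips)
        self.real_servers = list(real_servers)
        self.used = Counter()            # pool key -> ports handed out so far

    def _key(self, source_ip, real_server):
        return (source_ip, real_server if self.per_real else None)

    def capacity(self):
        """Total connections the pools can carry before any allocation fails."""
        pools = len(self.source_ips) * (len(self.real_servers) if self.per_real else 1)
        return pools * USABLE_PORTS

    def allocate(self, source_ip, real_server):
        """Hand out the next free port for a flow to real_server, or raise."""
        key = self._key(source_ip, real_server)
        if self.used[key] >= USABLE_PORTS:
            raise PortsExhausted(f"{source_ip}: no free port for {real_server}")
        port = RESERVED_PORTS + self.used[key]   # sequential hand-out, for clarity only
        self.used[key] += 1
        return port


def run_workload(pool, source_ip, demand):
    """Open connections in the order given in demand ({real_server: count}).

    Returns {real_server: refused_count}.  Opening them in order is what
    exposes the shared-pool failure mode: a busy real server that fills the
    pool first leaves nothing for the real servers after it.
    """
    refused = Counter()
    for real_server, wanted in demand.items():
        for _ in range(wanted):
            try:
                pool.allocate(source_ip, real_server)
            except PortsExhausted:
                refused[real_server] += 1
    return dict(refused)


def source_ips_needed(demand, per_real):
    """Source IPs required so that no connection in demand is refused.

    A shared pool must cover the sum of all demand; per-real pools only need
    to cover the single busiest real server.
    """
    load = max(demand.values()) if per_real else sum(demand.values())
    return -(-load // USABLE_PORTS)            # ceiling division


# Constructed scenario: one source-nat-ip, two real servers, one of them busy.
SOURCE_IP = "10.10.10.5"
DEMAND = {"10.1.1.1": 60000, "10.1.1.2": 10000}

if __name__ == "__main__":
    for per_real in (False, True):
        pool = PortPool([SOURCE_IP], DEMAND, per_real)
        print("per-real" if per_real else "shared  ",
              "capacity", pool.capacity(),
              "refused", run_workload(pool, SOURCE_IP, DEMAND),
              "source IPs needed", source_ips_needed(DEMAND, per_real))
```

With the shared pool the second real server is refused 5488 of its 10000 connections even though it is lightly loaded, and a second source IP would be required to serve the same workload; with per-real allocation nothing is refused and a single source IP suffices. The port value returned for the first flow to each real server is the same under per-real allocation, which is the property that lets every real server use the whole range.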
You should take this into account during network design.

For example, if you want to keep using the same IP 4.4.4.101 as the source-ip but change from the old source-ip behaviour to the new source-ip port-alloc-per-real, you need to perform the following steps in order:

ServerIronADX(config)# server source-ip 209.157.22.28 255.255.255.0 209.157.22.1 port-alloc-per-real

Syntax: [no] server source-ip <ip-addr> <ip-mask> <default-gateway> [<for-ssl> | <port-alloc-per-real>]

ServerIronADX(config)# server source-nat-ip 10.10.10.5 255.255.255.0 0.0.0.0 port-range 2 port-alloc-per-real

Syntax: [no] server source-nat-ip <ip-addr> <ip-mask> <default-gateway> port-range <1>|<2> [<for-ssl> | <port-alloc-per-real>]

NOTE: You should not enable or disable this functionality while the IP addresses are in use by traffic flows. You must bring the number of traffic flows using this IP address to zero, or remove the command and redefine it.

As an example, for changing from statement #1 to statement #2 below, either bring the traffic level to nil or negate the command first using "no server...." and then re-define it.

Syntax: [no] source-ip-log
• show session all [<session index>]
• show source-ip <source IP> <real-server IP> displays the free ports, owner, start, and end for the port pools of the specified source IP address and real server.
• show source-ip <source IP> <real-server IP> all displays the free ports, owner, start, and end for the port pools of the specified source IP address for all real servers.

NOTE: If show source-ip displays that the IP is a per-real-srcip, then you should use show source-ip <source-ip> <real-server IP> to view the port allocation and usage information, since ports are allocated from the real server's pool.

In the above example, 1.1.1.42 is the client and 1.1.1.99 is the VIP address. The IP 1.1.1.15 is the real server and 1.1.1.79 is the source-nat-ip.

NOTE: In the reverse session, the port 10242 has been allocated from the pool of real server 1.1.1.15.

NOTE: This command should only be used for debugging purposes, as enabling it could impact performance.

ServerIron(config)# source-ip-debug

Syntax: [no] source-ip-debug