You can configure a TCP application port to be “stateless”. When an application port is stateless, the ServerIron ADX does not create session table entries for the port. Configuring an application port to be stateless provides the following benefits:
|
•
|
The ServerIron ADX has more session resources available for application ports that need them. For example, if your server farm provides non-secure web content in addition to secured transaction processing using SSL, you can use the ServerIron ADX to maintain state information for the SSL connections while allowing the HTTP (web) connections to be stateless. The SSL connections flow back through the ServerIron ADX but the HTTP connections use any available path as determined by a real server’s gateway and other routers back to the client.
|
The ServerIron ADX does not use the standard SLB load-balancing methods when selecting a real server for a stateless application port. Instead, the ServerIron ADX uses hash values to select a real server. The ServerIron ADX calculates the hash value for a given client request based on the request’s source IP address and source TCP/UDP port.
The ServerIron ADX has up to 8192 hash buckets (the default is 256) and divides the number of buckets evenly among the real servers. When the ServerIron ADX forwards a client’s request for a stateless application port to the real server that corresponds to the calculated hash value, the ServerIron ADX does not change the source address of the client’s request, but does change the destination address from the requested VIP into the real server’s IP address.
For example, when a ServerIron ADX receives a request for TCP port 80 (HTTP) on VIP (192.168.4.69) from client 209.161.1.88, the ServerIron ADX calculates a hash value based on 209.161.1.88 and 80, then forwards the request to the real server that has the calculated hash value. The request packet is in the following format:
If client 209.161.1.88’s Web browser sent the request from TCP port 8080, and the ServerIron ADX’s hash calculation resulted in selection of real server 10.10.10.2, the packet would have the following address values:
Since the client’s request contains the client’s IP address and application port, the real server can send the packet back to the client by any valid routing path. The request does not need to pass back through the ServerIron ADX that forwarded the request. In fact, the ServerIron ADX that forwards the requests to the transparent VIP does not create session table entries for the requests.
Since the ServerIron ADX does not maintain state information for the requests for the stateless application port, the ServerIron ADX does not care whether the server response for a stateless port passes back through the ServerIron ADX on the way to the client. For a normally configured VIP, the server’s response passes back though the ServerIron ADX. For a transparent VIP, the response does not necessarily pass back through the ServerIron ADX.
The <table-size> variable can be set to any of the following values: 256, 512, 1024, 2048, 4096, or 8192.
ServerIron(config)#server real R1 10.10.10.1ServerIron(config-rs-R1)#port http
ServerIron(config-rs-R1)#exit
ServerIron(config)#server real R2 10.10.11.1
ServerIron(config-rs-R2)#port http
ServerIron(config-rs-R2)#exit
ServerIron(config)#server virtual-name-or-ip StatelessHTTP 192.168.4.69
ServerIron(config-vs-StatelessHTTP)#port http stateless
ServerIron(config-vs-StatelessHTTP)#bind http R1 http
ServerIron(config-vs-StatelessHTTP)#bind http R2 http
By default, stateless SLB uses a hashing algorithm to select a real server. The ServerIron ADX calculates a hash value for a given client request based on the request’s source IP address and source TCP/UDP port. The request is sent to a real server corresponding to this hash value.
For UDP connections consisting of one client packet and one server response packet, you can disable the stateless SLB hashing algorithm. When the stateless SLB hashing algorithm is disabled for UDP ports, the ServerIron ADX uses the round-robin load balancing method to select a real server for the request. In this case, the ServerIron ADX load balances UDP packets destined for the VIP without creating a session and without calculating hash values based on UDP port number and source IP address.
You can use the stateless option when configuring an application port on a virtual server to make that port stateless. By default, the port is stateless for both TCP and UDP. You can specify the protocol for which you want the port to be stateless. For example, you can configure port DNS to be stateless for TCP while remaining stateful for UDP, by entering commands such as the following:
ServerIron(config)# server real R1 10.10.10.1ServerIron(config-rs-R1)# port http
ServerIron(config-rs-R1)# exit
ServerIron(config)# server real R2 10.10.11.1
ServerIron(config-rs-R2)# port http
ServerIron(config-rs-R2)# exit
ServerIron(config)# server virtual-name-or-ip StatelessDNS 192.168.4.69
ServerIron(config-vs-StatelessDNS)#
port dns stateless tcp
ServerIron(config-vs-StatelessDNS)# bind dns R1 dns
ServerIron(config-vs-StatelessDNS)# bind dns R2 dns
The stateless parameter configures the port to be stateless.
The tcp | udp parameter restricts stateless operation to the specified protocol (TCP or UDP).
The no-hash parameter disables the SLB hashing mechanism for the port (and protocol, if specified). When hashing is disabled, the ServerIron uses the round-robin load balancing method to select a real server for each request.
Copyright © 2009 Brocade Communications Systems, Inc.
