2/10/2008

Technical White Paper - Multi-site Load Balancing

1. Overview
1.1 This is just the Outline.
1.1.1Document is not yet complete. Email me if you would like to receive
what I have so far. (ron@eis-corp.com)

2. Objectives
2.1 High Availability, Business Continuity, and Disaster Recovery
2.1.1Websites that NEVER GO DOWN. NO impact when servers crash.

2.1.2To achieve an application and infrastructure design so that there is

no single point of failure.

2.1.3Possible single points of failure.

2.2 Shared Infrastructure

2.2.1How will different application utilize the LB infrastructure?

2.2.2What types of Load Balancing is taking place? (Multiple Levels)

3. Applications
3.1 Standards for Accepting Applications into the Load Balanced (LB)
Environment.

3.2 Statement of Principles for LB.

3.3 OS, Web Server, & Software Platforms Load Balanced in multiple data
center locations.
3.3.1Based on the application requirements, which datacenter locations,
services & servers will be LB?

3.3.2Examples of Web Server LB

3.4 Application Servers in LB environment

3.4.1BEA Weblogic Application Servers (EJB clients, EJB Servers, and
JSP)

Ron Kim ron@eis-corp.com Page 1 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing
3.4.2Examples of App Server LB.

3.5 Working with many virtual IP’s and websites.

3.5.1How do we LB different types of websites?

3.5.2Provide some examples.

4. Load Balancing & High Availability

4.1 Load Balancing (LB) Between Multiple Sites (GSLB – Global Server
Load Balancing)
4.1.1Criteria for sending clients to the optimal data center(s).

4.2 Load Balancing Server Farms & other network devices using a Server
Load Balancer
4.2.1Different types of servers that will be load balanced

4.2.2Other Devices that will be Load Balanced.

4.3 Benefits of implementing Load Balancing.

4.3.1Business Continuity

4.3.2Reliability / NO DOWNTIME

4.3.3Enhanced Capacity

4.3.4Much faster Performance

4.3.5Security Enhancements (Secure website).

4.3.6New Application Release

4.3.7Change Control and Rollback procedures

4.4 When Load Balancing is NOT deployed.

4.4.1Lost Revenue

4.4.2Frustrated clients

4.4.3Calls to helpdesk

Ron Kim ron@eis-corp.com Page 2 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing

5. Misunderstanding of Load Balancers

5.1 Load Balancers do SO MUCH MORE!
5.1.1Caching

5.1.2Compression

5.1.3SSL Acceleration

5.1.4Network level Security

5.1.5Application Level Security

5.1.6Load Balance Networks (Not only single Virtual IP’s)

6. What can be Load Balanced?

6.1 Proxy, Cache

6.2 Web servers

6.3 Applications servers

6.4 Firewalls

6.5 FTP, Mail, NNTP, Mainframe

7. Vendors, Products, and Services tested and implemented

7.1 What did we use to build out a 100% uptime Internet Infrastructure.

7.2 Which vendors did we test?

7.3 What are the recommended vendors?

7.4 Is one vendor the best solution for everyone (Not necessarily)?

8. Network Design
8.1 Routing for LB (Load Balanced) Environments.

Ron Kim ron@eis-corp.com Page 3 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing
8.1.1x.x.x.x is routed over the ISP_1 Internet links.

8.1.2BGP route advertisements of the Virtual Server network over multiple

ISP links.

8.1.3Internal Corporate network routing issues.

8.2 IP Addressing
8.2.1Company owned IP address space (x.x.x.x)

8.2.2Virtual Server Networks. (Explain how multiple networks can be

configured.)

8.2.3Subnet that Load Balancers and Servers are on and why.

8.2.4Internal network with 10.x.x.x IP addresses

8.2.5Issues when Web Servers need to communicate with App Servers on

different IP networks.

8.2.6Use of Host Static Routes instead of Network Static Routes.

8.3 Data Security / Firewalls

8.3.1When two firewalls are configured active-active

8.3.2Firewalls are active-standby and using VRRP

8.4 Web Application access from the Internet

8.5 Web Application access from Internal Corporate Network.

8.5.1Internal clients coming from the 10.x.x.x and 192.168.x.x networks.

8.6 VLAN numbering standards

9. DNS Design and other issues

9.1 Top Level Domains (TLD)

9.2 Authoritative DNS Servers

9.3 Primary and Secondary DNS

Ron Kim ron@eis-corp.com Page 4 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing

9.4 Named & BIND

9.5 Types of DNS Resource Records

9.5.1“A” Record

9.5.2PTR Record

9.5.3CNAME Record

9.5.4NS Record

9.6 DNS servers on the Internet (Front-End / External)

9.7 Internal corporate DNS (Back-End / Corpnet)

9.8 DNS servers used by the servers in the LB DMZ’s

9.9 Integration of GSLB into the existing DNS environment (Introducing

intelligent DNS)

9.10 Working with Sub-Domains

9.11 “DNSLB” Sub-Domain

9.11.1What needs to be done to make GSLB authoritative for the “DNSLB”
sub-domain?

9.11.2DNS Glue Records to delegate the DNSLB sub-domain.

9.12 Being authoritative for Private Labeled Sub-Domains

9.13 Why the DNS server that a end-user’s workstation is using is

important.

9.14 What is a DNS TTL and why is this important?

9.15 Issues to be aware of regarding DNS TTL.

10.SSL / HTTPS
10.1 Type of SSL encryption (128 Bit or Key Length 1024)

10.2 SSL on SERVER LB Load Balancer

Ron Kim ron@eis-corp.com Page 5 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing

10.3 SSL Certificates

10.3.1Certificates for Company owned domain names

10.3.2Certificates for 3rd Party Domains

10.3.3Certificate request process

10.3.4Each Certificate needs be assigned a unique IP address

10.3.5Certificate management

11.Web Browsers and how they interact with a web site.

11.1 Browser versions

11.2 Domestic version of Web Browsers

11.3 Browser Cookies

11.4 Caching of Content

11.5 Caching of IP Addresses

12.Web Site Performance

12.1 Sending clients to the best performing web site.

12.2 How SSL Acceleration on SERVER LB increases web site

performance.

13.Administration Load Balancing devices.

13.1 Secure Remote Administration
13.1.1Browser / GUI based management access (HTTPS)

13.1.2Command Line Interface (CLI) access (SSH, Telnet, and RSH)

13.1.3User account control

13.2 Administration using Terminal Server (TS) access

Ron Kim ron@eis-corp.com Page 6 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing

14.General Configuration Standards for devices.

14.1 Technical terminology used

14.2 Software and configuration change control.

14.3 Network Time Protocol (NTP)

14.4 SSH

15.GSLB Design & Configuration Standards

15.1 How Does GSLB work?

15.2 How does GSLB help to provide High Availability for Applications
located in multiple Data Centers?

15.3 Primary and Secondary GSLB (Statistics collector or Statistics

receiver)

15.4 What happens when you lose a primary GSLB and/or if you lose a
primary DNS?

15.5 “DNSLB” Sub-domains configured on GSLB

15.6 Using GSLB to Load Balance Top Level Domains (TLD)

15.7 GSLB’s on the Internet

15.8 GSLB in the Internal Corporate Network.

15.9 Availability Verification / Health Checks between GSLB and Server

LB device
15.9.1Communications protocol of SERVER LB (Status Check)

15.9.2Health Checks on Servers and other devices. (TCP connections and

SNMP Query)

15.10 GSLB Load Balancing

15.10.1GSLB LB Algorithms (Static & Dynamic)

15.11 GSLB Naming Conventions & Configuration Standards.

Ron Kim ron@eis-corp.com Page 7 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing
15.11.1Data Center

15.11.2GSLB Names

15.11.3SERVER LB Names

15.11.4Virtual Server Pools

15.11.5LB Modes

15.12 GSLB Configuration details.

15.12.1GSLB Global Configuration Options

15.12.2Creating Data Center Objects in GSLB

15.12.3Adding SERVER LB’s to GSLB Configuration

15.12.4Specifying Virtual Servers and to which SERVER LB the VSR’s are

configured on.

15.12.5Load Balanced URL.

15.12.6DNS TTL

15.12.7Virtual Server Pools

15.12.8Configuring GSLB so that “nslookup” will work.

15.12.9Important configuration files

16.SERVER LB Design & Configuration Standards

16.1 How does SERVER LB work?
16.1.1Active-Standby

16.1.2Shared Failover IP’s and Virtual Servers on Active device

16.2 How does SERVER LB help to provide High Availability for groups
of servers?

16.3 What is a Virtual Server?

16.4 Definition of a node

Ron Kim ron@eis-corp.com Page 8 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing

16.5 Multiple default gateways

16.5.1The SERVER LB’s have five default gateways.

16.6 Load Balancing Web Servers

16.7 Load Balancing Application Servers and other Backend Servers

16.8 SSL Acceleration / Proxy

16.9 SSL Certificates on SERVER LB

16.9.1What type of SSL Certs can be used by SERVER LB?

16.9.2Reasons for terminating SSL on the SERVER LB

16.9.3Persistence, Cookies and clear text to Web Server.

16.10 Load Balancing multiple subnets.

16.11 Multiple Virtual Server Networks

16.12 Persistence
16.12.1Why is persistence needed? And why is it important?

16.12.2Cookie Persistence; (Clear text to Web Server)

16.12.3Importance of Time Synchronization when using Cookie

Persistence.

16.12.4Source IP Persistence; (When it is used and when not to use. And

Why.)

16.12.5Why you should not use SSL ID persistence.

16.13 Availability Verification / Health Checks for servers

16.14 Virtual Server configuration

16.15 Use of an internal Virtual Server in conjunction with SSL

Acceleration

16.16 SERVER LB Load Balancing Algorithm

Ron Kim ron@eis-corp.com Page 9 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing

16.17 SERVER LB Naming Conventions & Configuration Standards.

16.18 SERVER LB Configuration Details

16.18.1SERVER LB Global Configuration Options

16.18.2Administrative IP addresses

16.18.3Configure Default Gateway Pool

16.18.4Create an SSL proxy

16.18.5Map the SSL proxy to an internal Virtual Server.

16.18.6Define a pool of servers

16.18.7Configure server pool characteristics

16.18.8Session state mirroring on SERVER LB’s

16.18.9List of important files

17.Design & Configuration Standards

17.1 How do Server Load Balancers work? (Greater Detail)
17.1.1Subset of SERVER LB features. SERVER LB also contains these
features.

17.2 Forwarding Virtual Servers

17.3 Availability Verification / Health Checks

18.Server Configuration Standards & Server Management

18.1 General Server configuration issues.
18.1.1Server Default gateways

18.1.2Return traffic from Web Server to requesting client (Internet or

Internal Network)

18.1.3DNS servers used by Web Servers and App Servers

Ron Kim ron@eis-corp.com Page 10 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing
18.1.4DNS change request procedures for servers to be listed on the
internal DNS servers.

18.1.5How mis-configuration of DNS settings can lead to very slow Web

Site Performance

18.2 Server / Web Site management.

18.2.1Application release management

18.2.2Taking servers out of a LB pool.

18.2.3Taking web site of LB and sending clients to one site.

18.3 Web Server configuration standards.

18.3.1TCP ports/sockets to be used on the web servers.

19.Testing Procedures & the Test Lab

19.1 Located in test data center

20.Application Monitoring
20.1 Who is using what tools.
20.1.1What tools are out there?

20.1.2What are the most common tools.

21.Appendix
21.1 Network Diagram

21.2 Why GSLB needs to be authoritative for a LB URL.

21.3 IP addresses

21.4 Routing / Static Routes

21.5 Firewall ports needed

21.6 Important GSLB commands

Ron Kim ron@eis-corp.com Page 11 of 12

 2/10/2008
Technical White Paper - Multi-site Load Balancing

21.7 Important SERVER LB and Commands

21.8 Load Balancing Questionnaire

21.9 Sample SERVER LB Configuration File

21.10 Sample GSLB Configuration File

Ron Kim ron@eis-corp.com Page 12 of 12