Layer 4 switching (reprinted)

zhaozj2021-02-16  86

Summary

Layer 4 switching can be defined simply as a function that makes forwarding decisions based not only on the MAC address (Layer 2 bridging) or the source/destination IP address (Layer 3 routing), but also on the TCP/UDP (Layer 4) application port number. A Layer 4 switch acts like a virtual IP that points to physical servers. The traffic it carries uses a variety of protocols: HTTP, FTP, NFS, Telnet, and others. These services require complex load-balancing algorithms across the physical servers.

1. Layer 4 switching

Layer 4 switching can be defined simply as a function that makes forwarding decisions based not only on the MAC address (Layer 2 bridging) or the source/destination IP address (Layer 3 routing), but also on the TCP/UDP (Layer 4) application port number. A Layer 4 switch acts like a virtual IP that points to physical servers. The traffic it carries uses a variety of protocols: HTTP, FTP, NFS, Telnet, and others. These services require complex load-balancing algorithms across the physical servers. In the IP world, the service type is determined by the destination TCP or UDP port, and in Layer 4 switching the application session is identified by the source and destination IP addresses together with the TCP and UDP ports.

A virtual IP address (VIP) is set up on the Layer 4 switch for each server group that serves an application. The address stored in the Domain Name System (DNS) for each application server is the VIP rather than a real server address.

When a user requests an application, a connection request (for example, a TCP SYN packet) addressed to the VIP of the target server group is sent to the server switch. The server switch selects the best server in the group, replaces the VIP in the destination address with the IP of the actual server, and passes the connection request to that server. In this way, all packets of the same session are mapped by the server switch and travel between the user and the same server.

2. How Layer 4 switching works

Layer 4 of the OSI model is the transport layer. The transport layer is responsible for end-to-end communication, that is, for coordinating communication between the source and destination systems on the network. In the IP protocol stack this is the layer where TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) reside.

At Layer 4, the TCP and UDP headers contain a port number, which uniquely identifies the application protocol (such as HTTP or FTP) carried in each packet. The endpoint system uses this information to interpret the data in the packet; in particular, the port number lets the receiving computer determine what type of IP packet it has received and hand it to the appropriate higher-level software. The combination of a port number and a device IP address is often called a "socket".

Port numbers between 1 and 255 are reserved and are called "well-known" ports; that is, these port numbers are the same in every host's TCP/IP stack implementation. Beyond the "well-known" ports, standard UNIX services are assigned ports in the range 256 to 1024, and custom applications are typically allocated port numbers above 1024.

A recent list of assigned port numbers can be found in RFC 1700, "Assigned Numbers". The additional information provided by the TCP/UDP port number can be used by the network switch, and this is the foundation of Layer 4 switching.

Examples of "well-known" port numbers:

Application protocol    Port number
FTP                     20 (data), 21 (control)
Telnet                  23
SMTP                    25
HTTP                    80
NNTP                    119
SNMP                    161, 162 (SNMP traps)

A switch with Layer 4 capability can act as a "virtual IP" (VIP) front end for the servers attached to it. A VIP address is configured for each server or server group that supports a single or common application. This VIP address is advertised and registered in the Domain Name System. When a service request is issued, the Layer 4 switch recognizes the start of a session by detecting the beginning of the TCP connection. It then uses a complex algorithm to determine the best server to handle the request. Once that decision is made, the switch binds the session to a specific IP address and substitutes the server's real IP address for the VIP address.

Each Layer 4 switch keeps a connection table that associates the source IP address and source TCP port with the selected server. The switch then forwards the connection request to that server. All subsequent packets are remapped and forwarded between the client and the server until the switch detects the end of the session.

With Layer 4 switching, connections can be distributed to the real servers according to rules the user defines, such as giving each server an equal number of connections or allocating traffic according to the capacity of the different servers.
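
The VIP rewrite and connection table described above, as an added example that is not part of the original article: a SYN to a configured VIP and port creates a table entry bound to a real server, later packets of that session follow the entry, and a FIN removes it. The addresses, the weights and the capacity-weighted selection rule are assumptions chosen for illustration.

```python
# Added example (not from the original article): a toy Layer 4 switch model.
# All addresses, ports and weights below are constructed for illustration.
from dataclasses import dataclass, field

SYN, ACK, FIN = "SYN", "ACK", "FIN"  # simplified TCP flags


@dataclass
class RealServer:
    ip: str
    weight: int = 1   # relative capacity (assumed integer weights)
    active: int = 0   # sessions currently bound to this server


@dataclass
class L4Switch:
    groups: dict                               # (VIP, port) -> [RealServer, ...]
    table: dict = field(default_factory=dict)  # session key -> RealServer

    def pick(self, servers):
        # Capacity-weighted choice: the server whose load after taking one
        # more session would be lowest relative to its weight.
        return min(servers, key=lambda s: (s.active + 1) / s.weight)

    def forward(self, src_ip, src_port, dst_ip, dst_port, flag):
        """Return the real server IP the packet is rewritten to, or None if dropped."""
        key = (src_ip, src_port, dst_ip, dst_port)
        server = self.table.get(key)
        if server is None:
            group = self.groups.get((dst_ip, dst_port))
            # Only a SYN to a configured VIP:port may create a table entry;
            # anything else has no session to follow and is dropped.
            if not group or flag != SYN:
                return None
            server = self.pick(group)
            server.active += 1
            self.table[key] = server
        elif flag == FIN:
            # End of session detected: release the binding.
            del self.table[key]
            server.active -= 1
        return server.ip


def demo():
    """Three clients open sessions to the VIP; returns the chosen real servers."""
    vip = ("192.0.2.10", 80)
    web = [RealServer("10.0.0.11", weight=2), RealServer("10.0.0.12", weight=1)]
    sw = L4Switch(groups={vip: web})
    chosen = [sw.forward("198.51.100.7", 40000 + i, *vip, SYN) for i in range(3)]
    return sw, chosen


if __name__ == "__main__":
    switch, chosen = demo()
    print(chosen, len(switch.table))
```

Because only a SYN to a configured VIP and port can create an entry, stray mid-session packets never consume table space in this model.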

3. The role of Layer 4 switching

The main role of Layer 4 switching is to improve the reliability and scalability of servers and server groups.

If server speed cannot keep up, even a network with the fastest switching cannot fully guarantee end-to-end performance. In a QoS-enabled network, high-priority traffic can end up blocked because of low-priority traffic queued in the server. In the worst case, the server may even lose the ability to keep processing services.

The purpose of Layer 4 switching in front of the servers is to extend the performance and traffic handling of Layer 2 and Layer 3 switching to the servers and applications.

4. Advantages of Layer 4 switching

Layer 4 switching uses the header information of Layer 3 and Layer 4 packets, and assigns the traffic of an entire session to the appropriate application server according to the application session.

Each open session is associated with a specific server, and the Layer 4 switch tracks that server. Layer 4 switching allows a particular application to be supported by multiple servers, so overall performance grows linearly as servers are added. At the same time, Layer 4 switching improves reliability by reducing dependence on any particular server.

Layer 4 switching also supports end-to-end QoS, improving on the per-packet QoS that Layer 2 and Layer 3 switching provide. For example, traffic from a high-priority user or an important application can be assigned to the fastest I/O system and CPU, while ordinary traffic is assigned to lower-performance systems.

5. Layer 4 switching versus Layer 2 and Layer 3 switching

If Layer 2 switching is a reinvention of bridging and Layer 3 switching is a reinvention of routing, then what is Layer 4 switching? Layer 4 switching can queue traffic by specific application, which provides a more *-based approach built on rule-based quality-of-service mechanisms. We can think of a Layer 4 switch as a "session switch".

a. Layer 2 switching

LAN switching was introduced as a solution that segments a shared local area network effectively, so that each user gets as much of the maximum bandwidth as possible. As mentioned earlier, switching works at the second layer of the OSI seven-layer model, the data link layer, so a switch forwards packets on the basis of the MAC (physical) address. It is transparent to the IP protocol: when forwarding a packet the switch neither knows nor needs to know the IP addresses of the source and destination machines, only their MAC addresses. The switch constantly collects information in the * process to build its own address table. This table is quite simple: it records on which port each MAC address was discovered. When the switch receives a TCP/IP packet, it looks at the destination MAC address in the packet header and checks the address table to decide which port to send it out of. Because this process is relatively simple, and because it is now carried out in ASIC hardware, it is very fast: the switch usually needs only tens of microseconds to decide where to send an IP packet. It is worth noting that if the switch receives a packet whose destination MAC address cannot be found in the address table, it "floods" the packet, sending it out of every port, just as it does when it receives a broadcast packet. The weakness of Layer 2 switching is precisely that it does not handle broadcast packets efficiently. For example, when a switch receives a broadcast packet from a TCP/IP workstation, it passes the packet to all other ports, even ports connected to IPX or DECnet workstations. As a result, the bandwidth of non-TCP/IP nodes is negatively affected; even TCP/IP nodes, unless they are on the same subnet as the workstation that sent the broadcast, receive broadcasts that are useless to them, and the efficiency of the whole network drops considerably.

b. Layer 3 switching

Suppose host A has previously communicated with host B through a switch. If the intermediate switch supports Layer 3 switching, it records the IP addresses of A and B along with their MAC addresses. When another host, such as C, wants to communicate with A or B and sends out an address request, the Layer 3 switch sends C a reply that gives it the MAC address of A or B, and C then uses that MAC address to communicate with it "directly". Because this communication does not pass through a third party such as a router, A, B and C can communicate directly once they know each other's MAC addresses, even if they are on different subnets. More importantly, the Layer 3 switch does this without flooding the broadcast packet. A Layer 3 switch is so called because it understands Layer 3 information such as IP addresses and ARP. It can therefore inspect what a broadcast packet is for and satisfy the needs of the sender (whatever subnet it is in) without flooding the packet. If you think of a Layer 3 switch as a router, it should be called a very high-speed, unconventional router, because a Layer 3 switch does no "unpacking" of packets: every packet passing through it is left unmodified and forwarded to its destination at switching speed.

In contrast, a router operates at the third layer, the network layer, of the OSI seven-layer model. It must receive every packet on the network it is attached to (including broadcast packets), strip the Layer 2 (data link layer) information (called "unpacking"), and examine the Layer 3 information (the IP address). It then determines the packet's route from the routing table and checks the security access list; if the packet passes, the Layer 2 information is added back (called "packing") and the packet is finally forwarded. If the destination network address, or the MAC address corresponding to it, cannot be found in the routing table, the router returns a message to the source address and discards the packet. Compared with a switch, the router clearly provides a set of access control mechanisms that make up an enterprise's network security control policy. Because the router must go through the "unpacking and packing" process for every packet, the same processing is repeated even for all the packets sent from the same source address to the same destination address. This makes it hard for a router to achieve high throughput, and it is one of the reasons routers become network bottlenecks.

End-to-end performance and quality of service require careful balancing to ensure that data flows smoothly between client and server. Layer 2 and Layer 3 switching have done a good job of solving bandwidth and capacity problems in local area networks and internetworks, but that may not be enough: more performance is needed, and this is where Layer 4 switching comes into its own.

Layer 2 switches connect users to the network and direct traffic; Layer 3 switches or routers move packets from one subnet to another; and Layer 4 switches deliver packets to the end servers. Layer 4 switching is an important element of the network infrastructure, because it lets server capacity grow along with network bandwidth.

From * aspect, Layer 4 switching is stable because it controls packets for the whole session from source to destination. A router or Layer 3 switch, on the other hand, deals only with individual packets, without knowing where the previous packet came from or what the next packet will be. They merely examine the TCP port number in the packet header and build priority queues according to the application. A router decides a packet's route based on the links and network nodes available. A Layer 4 switch decides where to send a session based on the available servers and their performance.

6. Layer 4 switching and server clusters

Layer 4 switching and server cluster technologies such as Microsoft WolfPack have some functions in common. Both provide service load balancing and fault protection, although many cluster technologies already support balancing an application's load across multiple servers. The difference between the two technologies is that cluster functions are usually integrated into the server operating system, so they are vendor-specific. Being embedded in the operating system lets cluster technology support file system sharing and closely coupled server resources, and allows faster server failover. Layer 4 switching, on the other hand, is based on the standard IP protocol. It therefore lets servers from different vendors, running different operating systems, form a "loosely coupled" server cluster for load balancing and improved reliability. The two technologies are not opposed to each other: a server cluster can use Layer 4 switching to increase application scalability and server availability.

When Layer 4 switching is used in a server cluster, the load across the servers of the cluster can be balanced at the switch. Layer 4 switching lets many backup servers be deployed without hesitation. At the same time, a group of servers can provide the same service, so that the traffic load on each server is balanced.

So far, the only way to balance load has been * to change the host address, but load balancing achieved this way is very difficult and far too crude, and it cannot meet users' requirements. Layer 4 switching applies advanced application-distribution algorithms to achieve better, smarter load balancing. Depending on the granularity of load balancing required, a Layer 4 switch can assign sessions to servers in a variety of ways. These methods include simple weighted round robin, fewest connections, measuring round-trip delay, and closed-loop feedback from the server itself. Closed-loop feedback is the most advanced method; it uses specific system information such as available memory, I/O interrupts and CPU utilization, which can be obtained automatically by adapter drivers and the Layer 4 switch. Current closed-loop feedback mechanisms require a software agent to be installed on each server.

7. How to choose the right Layer 4 switch

a. Speed

To be effective in an enterprise network, a Layer 4 switch must provide performance comparable to a wire-speed Layer 3 router. That is, Layer 4 switching must run at full media speed on all ports, even on multiple Gigabit Ethernet connections. Gigabit Ethernet speed corresponds to routing at a maximum rate of 1,488,000 packets per second (assuming the worst case, in which all packets are the smallest size, 64 bytes).

b. Server capacity balancing algorithm

Depending on the granularity of capacity balancing desired, a Layer 4 switch uses a variety of algorithms to assign sessions to servers: simple round robin or least connections, measuring round-trip delay, or closed-loop feedback from the server itself. Of all these methods, closed-loop feedback gives the most accurate measurement of the server's current traffic.

c. Table capacity

Note that a switch performing Layer 4 switching must distinguish and store a large number of forwarding table entries. This is especially true when the switch sits at the core of an enterprise network. In many Layer 2/3 switches, the size of the forwarding table tends to be proportional to the number of network devices. For a Layer 4 switch, this number must be multiplied by the number of different application protocols and sessions in use on the network. The forwarding table therefore grows rapidly as the number of endpoint devices and applications increases. Designers of Layer 4 switches must take this growth into account when designing their products. Large table capacity is critical to building a high-performance switch that supports Layer 4 traffic at wire speed.

d. Redundancy

A Layer 4 switch has functions that support redundant topologies. Combined with fault-tolerant network cards with dual links, it is possible to build a fully redundant system from the server through the NIC and link to the server switch.

8. Some Layer 4 switching products

Berkeley Networks' EXPONENT E4 and Alteon Networks' ACEswitch 180 are two such products that stand out for performance and flexibility, and can make more intelligent forwarding decisions than Layer 2 and Layer 3 switches. Because these functions are implemented by embedding the header-lookup code in the switch itself, they add hardly any delay. Both vendors support 10M, 100M and Gigabit Ethernet, but Berkeley's switch is designed for enterprise applications, while Alteon's switches are intended for sites with a large number of Web or FTP servers.

Alteon's Layer 4 switching technology can distribute traffic to a suitable server according to the health of the different servers. Alteon's Layer 4 switching technology also has a web cache redirection function that can intercept HTTP traffic bound for remote Internet hosts and redirect it to a local cache server, which greatly speeds up Internet access and saves a large amount of valuable WAN bandwidth. Moreover, this is completely transparent to users and information providers and requires no configuration by either.

The SmartSwitch Router from Cabletron and the IP9000 Gigabit Router from Torrent Networking Technologies are also products with Layer 4 capability. The SmartSwitch Router can upgrade a backbone network to full Layer 3 and Layer 4 switching, and its distinctive WAN integration capability and its access control based on Layer 4 switching play a role in securing network data transmission. In addition, the Cabletron SmartSwitch Router provides different levels of priority handling based on the QoS features of Layer 4 switching.

9. Layer 4 switches and single-function load-balancing products

At present, typical single-function load-balancing products can handle 400 to 800 connections per second. By contrast, a new generation of switches with Layer 2 and Layer 4 functions (hardware-based load balancing using custom integrated circuits) handles more than 100,000 connections per second.

A Layer 4 switch is completely different from a dedicated load balancer in form and function. A traditional hardware-based load balancer is a two-port device optimized for speeds of 45 Mbps. A Layer 4 switch is designed for high-speed intranet applications and supports 100 Mbps or Gigabit interfaces.

Besides load balancing, Layer 4 switching supports other functions, such as traffic control based on application type and user ID. With multi-level queuing, a Layer 4 switch can mark traffic by application and assign it a priority. In addition, a Layer 4 switch sits directly in front of the servers and knows the application session content and user permissions, which makes it an ideal platform for preventing unauthorized access to servers.

10. A Layer 4 switching solution

In this scenario, load balancing of web servers is implemented with Alteon's Layer 4 switch.

HTTP is the most important application on the Internet. The web servers widely used on the Internet rely on multi-process techniques, which consume considerable system resources and are inefficient; a single web server can usually sustain only a few hundred concurrent users. A Layer 4 switch can solve the web server scalability problem, improve the reliability of the web server system, and distribute load sensibly among the web servers.

Alteon's Layer 4 switch monitors the availability of the web servers, including the physical connection, the web server host, and the health of the HTTP server itself. The Alteon Layer 4 switch can also ensure the reliability of the web system by setting the maximum number of sessions each web server can bear and by configuring overflow web servers, backup web servers, and so on.

When the web servers are on the same LAN, load balancing uses a variety of algorithms, including Least Connection, Round Robin, MinMiss and Hash, as well as weighted algorithms.
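
An added sketch (not the article's code and not Alteon's implementation) of how health checks, a per-server session ceiling and a backup server interact with the Round Robin and Hash algorithms named above. It assumes a single `backup` flag covers both the overflow and backup roles, and all addresses and limits are constructed.

```python
# Added example (not Alteon's implementation): server eligibility plus two of
# the selection algorithms named above. Addresses and limits are constructed.
import zlib
from dataclasses import dataclass
from itertools import count


@dataclass
class WebServer:
    ip: str
    healthy: bool = True     # outcome of link, host and HTTP health checks
    sessions: int = 0        # sessions currently assigned
    max_sessions: int = 100  # configured ceiling (assumed value)
    backup: bool = False     # used only when no primary can take traffic


def eligible(servers):
    """Healthy servers below their session ceiling; backups only as a last resort."""
    ok = [s for s in servers if s.healthy and s.sessions < s.max_sessions]
    return [s for s in ok if not s.backup] or [s for s in ok if s.backup]


class RoundRobin:
    def __init__(self):
        self._turn = count()

    def pick(self, servers, client_ip=None):
        pool = eligible(servers)
        return pool[next(self._turn) % len(pool)] if pool else None


class SourceHash:
    def pick(self, servers, client_ip):
        pool = eligible(servers)
        # crc32 is stable across runs, so one client keeps landing on the
        # same server for as long as the eligible pool does not change.
        return pool[zlib.crc32(client_ip.encode()) % len(pool)] if pool else None


def demo():
    """Walk a group through failure and saturation; returns the servers picked."""
    a, b = WebServer("10.0.0.11"), WebServer("10.0.0.12", max_sessions=2)
    spare = WebServer("10.0.0.99", backup=True)
    group, rr, picked = [a, b, spare], RoundRobin(), []
    picked += [rr.pick(group).ip for _ in range(3)]   # both primaries healthy
    a.healthy = False                                 # health check fails
    picked.append(rr.pick(group).ip)
    b.sessions = b.max_sessions                       # last primary is full
    picked.append(rr.pick(group).ip)
    spare.healthy = False                             # nothing left to use
    picked.append(rr.pick(group))
    return picked
```

When no server is eligible, `pick` returns `None`, so the caller has to decide explicitly what to do with the request instead of sending it to a failed or saturated server.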

When the web servers are not on the same LAN, the Alteon switch's Global Load Balance technology is used to balance the load sensibly.

When reprinting, please cite the original address: https://www.9cbs.com/read-13685.html
