Designing Content Switching Solutions (Hardcover)
暫譯: 設計內容切換解決方案 (精裝版)

Description

A practical guide to the design and deployment of content switching solutions for mission-critical applications in data center environments

• Design and deploy content switching solutions in the data center using this definitive guide
• Learn about various content switching design approaches with implementation details, requirements for each solution, and design caveats
• Examine detailed case studies that include configuration examples based on deployed content switching solutions
• Explore scaling server load balancing within the data center, integrated data center design, and GSLB using DNS or IP
• Assists network administrators in managing their content switching solutions

With the advent of e-commerce and Internet-accessible applications, more and more enterprises and service providers rely on data center services to grow their businesses. Content switching solutions, such as load balancing, caching, and disaster recovery for applications, are an essential data center technology and a key to helping businesses run in an efficient and redundant fashion. Understanding content switching solutions is a must for network designers, engineers, and administrators who need to scale their networks to meet the demands of their business.

 

Designing Content Switching Solutions helps you understand content switching solutions using Cisco® content switching products. You’ll get a thorough grounding in the theories and concepts behind content switching and then examine specific solutions through case studies. The case studies in Designing Content Switching Solutions emulate real-world scenarios for the solutions covering some of the common features and functionality deployed in production networks.

 

Designing Content Switching Solutions begins by introducing you to server load balancing (SLB), load balancing HTTP, VPNs, firewalls, and migrations between SLB devices. From there, you move to Secure Socket Layer (SSL) using Cisco products, including providing end-to-end encryption from client to server using backend SSL. Later chapters explore advanced techniques, such as how to provide distributed data center solutions using global server load balancing (GSLB) and how to conduct scaling and integration of SLB with SSL and GSLB.

 

Intended for data center architects and managers, network engineers, network administrators, and project managers, Designing Content Switching Solutions shows you the best practices for each content switching solution, enabling you to design and deploy the most critical content switching solutions in the data center.

 

Table of Contents 

Foreword

Introduction

Part I    Server Load Balancing (SLB)

Chapter 1    Introduction to Server Load Balancing

    Why Load Balance?

        Scalability

        Availability and Redundancy

        Security

        Cost Effectiveness

    History of Server Load Balancing

        First-Generation Load Balancers

        Second-Generation Load Balancers

        Third-Generation Load Balancers

    Characterization of the Application

        Protocol and Port

        Sessions per Second

        Duration of Transaction

        Concurrent Sessions

        Idle Timeout

        Back End Sessions

        Session Stickiness

    SLB and SLB Modes

        Dispatch Mode

        Directed Mode

    SLB Designs

        Layer 2 Design

        Layer 3 Design

        One-Armed Design

        Direct Server Return

    Deciding on a Load Balancer

    Review of Infrastructure Design Concepts

        VLANs

        STP

        Dot1Q Trunking

        Dual Homed Servers

    Summary

Chapter 2    Introduction to the Cisco Content Services Switch

    CSS 11500 Platforms Overview

        CSS 11501

        CSS 11503

        CSS 11506

    CSS 11500 Architecture

        Distributed Architecture

        CSS 11500 Modules

        Switch Control Module for the Cisco 11500

        SSL Module for the Cisco 11500

        I/O Modules for the Cisco 11500

        Session Accelerator Module for the Cisco 11500

    Load Balancing with CSS 11500

        Services, Owners, and Content Rules

        CSS 11500 Flow Overview

    WebNS Software Features

        Infrastructure-Level Features

        Load-Balancing Algorithms

        High Availability

        SSL Integration for Security and Performance

        Local and Global Load Balancing

        Site and System Security

        Summary of WebNS Features

    Case Study: CSS-Based Solution

        Server and Application Requirements

        Management and Security Requirements

        Infrastructure Requirements

        Design Options

        Traffic Flow

        Test and Verification

    Summary

Chapter 3    Introduction to the Cisco Content Switching Module

    Benefits of the Content Switch Module

    CSM Architecture

    Load Balancing with Content Switching Module

        Real Server, Virtual Server, SLB Policy, and More

        Load Balancing Methods

        VLAN Tag

        Client Group (Access Control List)

        IP Protocol Support

        High Availability

        Connection Redundancy

        User Session Persistence

    A Typical CSM Traffic Flow

    Routing with CSM

    CSM Network Integration Options

        CSM Layer 2 Design—Bridged Mode

        CSM Layer 3 Design I—Routed Mode with MSFC on the Client Side

        CSM Layer 3 Design II—Routed Mode with MSFC on the Server Side

        CSM Layer 3 Design III—One-Armed CSM Design

        CSM Layer 3 Design IV—Direct Server Return

    Case Study: CSM-Based Solution

        Server and Application Requirements

        Management and Security Requirements

        Infrastructure Requirements

        Design Options

        Traffic Flow

        Test and Verification

    Summary

Chapter 4    Layer 7 Load Balancing and Content Customization

    Benefits of Layer 7 Load Balancing

        Scalability and Application Acceleration

        Session Persistence

        Content Customization

    Introduction to TCP

        Data Segments

        TCP Headers

        TCP Connection Establishment and Termination

        TCP Flow Control

    Introduction to HTTP

        Protocol Details

        HTTP Header Fields

        Differences Between HTTP Versions 1.0 and 1.1

    Layer 7 Load Balancing Mechanisms

        HTTP Methods-Based Load Balancing

        HTTP URL-Based Load Balancing

        HTTP Cookie-Based Load Balancing

        HTTP Cookie Passive-Based Persistence

        HTTP Cookie Learn-Based Persistence

        HTTP Cookie Insert-Based Persistence

    Case Study: Layer 7–Based Solution

        Server and Application Requirements

        Infrastructure Configuration

        Probe Configuration

        Online Download Application

        Online Shop Application

        Online User Profile Application

        Maximum HTTP Request Parse Length

        CSM Configuration

        Test and Verification

    Summary

Chapter 5    Firewall Load Balancing

    Reasons for and Benefits of FWLB

        Scalability

        Redundancy

        Manageability

    Types of Firewalls

        Packet-Based Firewalls

        Application-Based Firewalls

        Application Gateway or Proxy Firewalls

        Layer 2 or Stealth Firewalls

    Case Study: Firewall Load Balancing

        Server and Application Requirements

        Security Requirements

        Infrastructure Requirements

        FWLB Design Considerations

        FWLB Probes

        Traffic to the Firewalls

        Traffic from the Firewalls

        Router or Secure Mode

        Bridge Mode

        FWLB Algorithms

        Configuration Details of the INET Segment

        Configuration Details of the DMZ Segment

        Configuration Details of the LAN Segment

        Test and Verification

    Summary

Chapter 6    Transparent and Proxy Cache Load Balancing

    Benefits of Caching

    Caching Overview

    Mechanics of HTTP Caching

        HTTP Response Status Code

        HTTP Request Methods

        HTTP Cache-Control Directives

        Expiration and Validation

        Request Authentication

    Cisco Application Content Networking and Caching

        ACNS Roles

        ACNS Content Types

        Content Engine Architecture

    Transparent Caching Modes

        WCCP Protocols

        Redirection with the CSS

        IP Spoofing

    Proxy Caching Overview

    Server Proxy (Reverse Proxy Caching)

    Supported Protocols on the Content Engine

    Authentication and Management on the Content Engine

    Content Engine Models

    Case Study: Content Engine in a Transparent Caching-Based Solution

        Design Requirements

        Design Options

        Configuration Details

    Summary

Chapter 7    Load Balancing Streaming Video Servers

    Benefits of Load Balancing Streaming Video Servers

        Scalability

        Redundancy

    Introduction to Streaming

        Video Streaming Clients and Protocols

        Methods of Video Stream Initiation

    Types of Streaming Video Servers

        Apple QuickTime

        RealMedia

        Windows Media Technology

    Streaming Video Protocols

        Microsoft Media Server (MMS)

        RTP and RTSP

    Case Study: Load-Balancing Solution for Video Streaming

        CSS-Based Solution

        CSM-Based Solution

    Summary

Chapter 8    Virtual Private Network Load Balancing

    Benefits of VPN Load Balancing

    Introduction to Virtual Private Networks

    Virtual Private Network Protocols

        Internet Key Exchange Protocol (IKE)

        ESP and AH

    Case Study: VPN Load-Balanced Solution

        IKE Requirements

        ESP Requirements

        IPsec over UDP Requirements

        Design Options

        Directed Mode Solution

        Dispatch Mode Solution

    Summary

Chapter 9    Content Switching Device Migrations

    Motivation Behind Migration

        Evolution of Load Balancing

        Advanced Load-Balancing Methods

        Scalability and Performance

        Software Features and Functionality

    Migration Planning

        Migration Team

        Fallback Plan

        Methods and Procedures for the Maintenance Window

        Application Testing

    Case Study: Migration from CSS to CSM

        Infrastructure Requirements

        Server and Application Requirements

        Migration Configuration and Design Details

    Summary

Part II    Secure Socket Layer

Chapter 10    SSL Offloading

    Introduction to SSL

        Public Key Cryptography

        SSL Protocol Communication

        SSL Protocol Structure

        SSL Protocol Versions

    Introduction to SSLMs

        SSLM for the Catalyst 6500

        SSLM Deployments

        SSLM on the CSS

    Case Study: CSM and SSLM–Based Solution

        Design Requirements

        Design Details of a CSM and an SSLM–Based Solution

        Configuration Details

    Summary

Chapter 11    Back-End SSL Offloading

    Back-End SSL on Modules

        Back-End SSL on the SSLM for the Catalyst 6500

        Back-End SSL on the SSLM on the CSS

    Case Study: Back-End SSL Solution

        Requirements

        Design Options

        Configuration Details

Summary

Part III    Distributed Data Centers

Chapter 12    Global Server Load Balancing

    Motivation for GSLB

    Domain Name System (DNS) Overview

        DNS Architecture Components

        DNS Resolution Process

        DNS Resource Records and Zones

        Types of DNS Queries

    Global Site Selector

        GSLB Using GSS

        GSS Features and Performance

    Case Study: GSLB Solution Using GSS

        Requirements

        Topology

        GSS Network Setup

        GSS Secondary GSSM Activation

        CSS Setup in Primary Data Center

        CSS Setup in Secondary Data Center

        GSS Setup for the www.roundrobin.com Domain

        GSS Setup for the www.sticky.com Domain

        Configuration Details

    Summary

Chapter 13    IP-Based GSLB Using RHI

    Benefits of Using RHI

    Architecture

    Active/Standby Site-to-Site Recovery

        Autonomous System Prepending

        BGP Conditional Advertisements

        Design Limitations

    Implementation Details for Active/Standby Scenarios

        AS Prepending

        BGP Conditional Advertisement

    Active/Active Site-to-Site Load Distribution

    Implementation Details for Active/Active Scenarios

        OSPF Route Redistribution and Summarization

        BGP Route Redistribution and Route Preference

        Load Balancing Without IGP Between Sites

        Subnet-Based Load Balancing Using IGP Between Sites

        Application-Based Load Balancing Using IGP Between Sites

        Using NAT in Active/Active Load-Balancing Solutions

    Summary

PartIV    DataCenter Designs

Chapter 14    Scaling Server Load Balancing within a Data Center

    Benefits of Scaling Content Switching

        Scalability

        Performance

    Scaling Methodologies

        Distribution of Applications

        Using DNS for Application Scalability

        Using Route Health Injection for Application Scalability

    Application Distribution Approach

    DNS-Based Scaling Approach

        Predictable Traffic Flow

        Ease of Management and Maintenance

    RHI-Based Scaling Approach

        CSM RHI Configuration

        MSFC RHI Configuration and Routes

    Scaling Beyond Server Capacity

    Case Study: Scalable SLB Environment

        Server and Application Requirements

        Management and Security Requirements

        Infrastructure Requirements

        DNS-Based Design

        RHI-Based Design

        Testing Maximum Connections

    Summary

Chapter 15    Integrated Data Center Designs

    Motivations Behind Integrated Data Center Designs

    Data Center Design 1: FWSM in the Core and Layer 3 CSM in Aggregation

        Design 1 Topology Details

        Design 1 Details

        Design 1 Configuration Details

    Data Center Design 2: Layer 3 FWSM and Layer 2 CSM in Aggregation

        Design 2 Topology Details

        Design 2 Caveats

        Design 2 Configuration Details

    Data Center Design 3: Layer 3 FWSM and Layer 2 CSM in Aggregation

        Design 3 Topology Details

        Design 3 Caveats

        Design 3 Configuration Details

    Data Center Design 4: Layer 3 FWSM and Layer 2 CSM in Aggregation

        Design 4 Topology Details

        Design 4 Caveats

        Design 4 Configuration Details

    Case Study: Integrated Data Center Design

        Design Details

        Primary CSS (CSS 11506-1) Configuration Details

        Backup CSS (CSS 11506-2) Configuration Details

        Catalyst 6509 Configuration Details

        FWSM Configuration Details

    Summary

Index