Guest

Cisco Services Modules

Configuring IOS Server Load Balancing with HTTP Probes in the Dispatched Mode

Document ID: 15055

Updated: Feb 10, 2006

   Print

Introduction

The Cisco IOS® Server Load Balancing (SLB) feature is a Cisco IOS-based solution that provides server load balancing. This feature allows you to define a virtual server that represents a cluster of real servers, known as a server farm. When a client initiates a connection to the virtual server, the IOS SLB load balances the connection to a chosen real server, depending on the configured load-balance algorithm or predictor.

IOS SLB can be configured to operate in the following two modes.

  • dispatched mode—In this mode, the virtual server address is known to the real servers. You must configure each of the real servers with loopback addresses for their unique loopback interface. This is necessary to give each machine in the server farm the same IP address as the actual virtual server. The destination real server will then be allowed to respond directly to clients using the loopback address, just as it would for its own IP address. IOS SLB redirect packets to the real server at Layer 2 at the media access control (MAC) layer. Since the virtual server IP address is not modified in dispatched mode, the real servers must be Layer 2-adjacent to IOS SLB, or intervening routers might not be able to route to the chosen real server.

  • directed mode—In this mode, the virtual server can be assigned to a IP address that is unknown to the real servers. IOS SLB translates packets exchanged between a client and real server, translating the virtual server IP address to a real server address through Network Address Translation (NAT). To use the directed mode, add the nat server command to the server farm.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on these software and hardware versions:

  • Catalyst 6000 family Supervisor IOS Release 12.1(6)E for Supervisor Engine 1 with MSFC1 (c6sup11-jsv-mz.121-6.E1)

  • Microsoft Windows 2000/IIS Web Servers

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to the Cisco Technical Tips Conventions for more information on document conventions.

Configure

HTTP Probes

IOS SLB supports Hypertext Transfer Protocol (HTTP) probes, ping probes, and Wireless Session Protocol (WSP) probes. You can use the HTTP probe method to verify connectivity and to monitor the real servers being load balanced. Probes determine the status of each real server in the server farm. In this example, HTTP probes are configured using TCP port 80. The HTTP probes are configured to connect every eight seconds and to request a method get command, looking for a 200 response code from the server. These configurations are all default values.

Network Diagram

This document uses this network setup:

ios_slb-01.gif

Configurations

IOS SLB Configuration Using Catalyst 6509
Current configuration:

version 12.1

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname cat6

!

boot buffersize 126968

boot system flash slot0:c6sup11-jsv-mz.121-6.E1.bin

!

redundancy

 main-cpu

  auto-sync standard

ip subnet-zero

!

no ip finger

no ip domain-lookup

!

ip slb probe KEEPALIVE http

!

ip slb serverfarm SERVERS

 probe KEEPALIVE

 !

 real 10.1.1.3

  inservice

 !

 real 10.1.1.5

  inservice

!

ip slb vserver WEBSITE

 virtual 172.17.63.215 tcp www

 serverfarm SERVERS

 inservice

!

cns event-service server

!

interface GigabitEthernet1/1

 no ip address

 shutdown

!

interface GigabitEthernet1/2

 no ip address

 shutdown

!

interface FastEthernet2/1

 no ip address

 switchport

 switchport access vlan 100

 switchport mode access

!

interface FastEthernet2/2

 no ip address

 shutdown

!

interface FastEthernet2/3

 no ip address

 switchport

 switchport access vlan 200

 switchport mode access

!

interface FastEthernet2/4

 no ip address

 switchport

 switchport access vlan 200

 switchport mode access

!

interface FastEthernet2/5

 no ip address

 shutdown

!

interface FastEthernet2/48

 no ip address

 shutdown

!         

interface Vlan1

 no ip address

 shutdown

!

interface Vlan100

 ip address 172.17.63.211 255.255.255.192

!

interface Vlan200

 ip address 10.1.1.250 255.255.255.0

!

ip default-gateway 172.17.63.193

ip classless

ip route 0.0.0.0 0.0.0.0 172.17.63.193

no ip http server

!

line con 0

 transport input none

line vty 0 4

 password cisco

 login

!

end

show Commands and Command Summary

show ip slb mode Command

The show ip slb mode command displays the status of the SLB mode.

cat6#show ip slb mode 
     SLB forwarding mode = rp (default) 
     SLB configured mode = rp (default) 

To run Cisco IOS SLB software, you must configure the mode using the show ip slb mode [csm | rp] command before any configuration. In the show ip slb mode command, the rp argument is default. You can only configure csm argument if you have the Content Switching Module (CSM). The CSM provides high-performance connections between network devices server farms based on Layer 4 through 7 information packets. You can represent a group of real servers (server farm) as a single server instance (virtual server), balance the traffic to the server farm by selecting one of the real servers (server load balancing), and limit traffic to individual servers (sticky connections) and server farms (policies). For more information, see Configuring Secure (Router) Mode on the Content Switching Module.

show ip slb vserver Command

The show ip slb vserver command displays the virtual server information. Below you also see the state of the virtual server and how many connections there are:

cat6#show ip slb vserver 

slb vserver      protocol      virtual              state      conns 
------------------------------------------------------------------------ 
WEBSITE         TCP       172.16.63.215/32:80      OPERATIONAL   0 

show ip slb reals Command

The show ip slb reals command displays information for each real server, such as the server farm where each server resides, the servers' states, thresholds, and connections.

cat6#show ip slb reals 

real             server farm      weight     state        conns 
------------------------------------------------------------------- 
10.1.1.5         SERVERS           8        OPERATIONAL     0 
10.1.1.3         SERVERS           8        OPERATIONAL     0 

show ip slb serverfarms Command

The show ip slb serverfarms command displays the server farm information. This command shows the predictor used for load balancing. In this example round robin, which is default, is being used. You will see "none" under NAT because the device is in dispatched mode.

cat6#show ip slb serverfarm 

server farm      predictor    nat        reals    redirect    bind id 
-------------------------------------------------------------------------- 
SERVERS       roundrobin     none         2          0             0 

show ip slb conns Command

The show ip slb conns [vserver virtual_server-name | client ip-address | firewall firewallfarm-name] [detail] command displays the active connections.

  • vserver - Displays only those connections connected to a particular virtual server.

  • virtualserver-name - Name of the virtual server.

  • client - Displays connections with a particular client IP address.

  • ip-address - IP address of the client.

  • detail - Displays detailed connection information.

If no options are specified, the show ip slb conns command displays the output for all active IOS SLB connections.

cat6#show ip slb conns 

vserver         prot    client             real                state            nat 
----------------------------------------------------------------------- --------------- 
WEBSITE         TCP  10.21.188.123:2187    10.1.1.5            ESTAB            none 
WEBSITE         TCP  10.21.188.123:2190    10.1.1.5            CLOSING       	none 
WEBSITE         TCP  10.21.188.123:2192    10.1.1.3            ESTAB            none 
WEBSITE         TCP  10.21.188.123:2197    10.1.1.3            CLOSING       	none 
WEBSITE         TCP  10.21.188.123:2200    10.1.1.5            SYNCLIENT        none 
WEBSITE         TCP  10.21.188.123:2201    10.1.1.5            SYNCLIENT        none 

cat6#show ip slb conns detail 

WEBSITE, client = 10.21.188.123:2187 state = ESTAB, real = 10.1.1.5, 
nat = none  v_ip = 172.17.63.215:80, TCP, service = NONE 
  client_syns = 1, sticky = FALSE, flows attached = 0 
WEBSITE, client = 10.21.188.123:2205 state = CLOSING, real = 10.1.1.5, 
nat = none v_ip = 172.17.63.215:80, TCP, service = NONE 
  client_syns = 3, sticky = FALSE, flows attached = 0 
WEBSITE, client = 10.21.188.123:2206 state = ESTAB, real = 10.1.1.5, 
nat = none v_ip = 172.17.63.215:80, TCP, service = NONE 
  client_syns = 2, sticky = FALSE, flows attached = 0 

show ip slb probe Command

The show ip slb probe command displays information about an IOS SLB.

There are three operational states of the probe:

  • FAILED - The probe has currently failed.

  • OPERATIONAL - The probe is functioning normally.

  • TESTING - The probe never succeeded, due to no response. IOS SLB keeps no counters or timers for this state.

The other information displayed is the following:

  • Outages - The number of intervals between successful probes.

  • Current - The time since the last probe success. That is, the duration (so far) of the current outage.

  • Cumulative - The total time the real server has been under the probe test and has failed. This value is the sum of the Current time plus the total time of all previous Outages.

cat6#show ip slb probe 

Server:Port          	State        Outages  	Current    Cumulative 
----------------------------------------------------------------------- 
10.1.1.3:80             OPERATIONAL    1        never         00:05:22 
10.1.1.5:80             OPERATIONAL    0        never         00:00:00 

Dispatched Mode Loopback

After you have configured the SLB feature on the Catalyst 6500, you must configure each real server with a loopback device/interface. Configure the virtual server's IP address as the loopback IP address, with a netmask of 255.0.0.0.

Route Table 
======================================================================= ==== 
Interface List 
0x1 ........................... MS TCP Loopback interface 
0x2 ...00 60 b0 87 dc 1a ...... AMD PCNET Family Ethernet Adapter 
0x1000004 ...02 00 4c 4f 4f 50 ...... MS LoopBack Driver 
======================================================================= ==== 
Active Routes: 
Network	        Destination         Netmask         Gateway     Interface   Metric 
0.0.0.0         0.0.0.0             10.1.1.250      10.1.1.3        1 
10.1.1.0        255.255.255.0       10.1.1.3        10.1.1.3        1 
10.1.1.3        255.255.255.255     127.0.0.1       127.0.0.1       1 
10.255.255.255  255.255.255.255     10.1.1.3        10.1.1.3        1 
127.0.0.0       255.0.0.0           127.0.0.1       127.0.0.1       1 
172.17.63.215   255.255.255.255     127.0.0.1       127.0.0.1       1 
224.0.0.0       224.0.0.0           10.1.1.3        10.1.1.3        1 
224.0.0.0       224.0.0.0           172.17.63.215   172.17.63.215   1 
255.255.255.255 255.255.255.255     10.1.1.3        10.1.1.3        1 
======================================================================= ==== 

Examine the network address in each row of the table, where you see the loopback address appears. For the servers to communicate properly, you need a reference to a well-known multicast network address. This is in the eighth row of the example, so you need to delete the extra default-route. This is the one whose network address begins with the same first digit as the cluster address, and is followed by three zeroes. In the example above, the extra route is in the second row.

The following are well-known multicast network addresses:

224.0.0.0      224.0.0.0    172.17.63.215      172.17.63.215       1 

The following are automatically-installed default routes removed from the above table:

0.0.0.0          0.0.0.0    172.17.63.193   172.17.63.215       1

You must delete the extra route to allow proper communication with the SLB virtual server.

Verify

There is currently no verification procedure available for this configuration.

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Feb 10, 2006
Document ID: 15055