Getting Started Guide vA5(1.0), Cisco ACE 4700 Series Application Control Engine Appliance
Configuring Server Load Balancing
Downloads: This chapterpdf (PDF - 177.0KB) The complete bookPDF (PDF - 2.98MB) | Feedback

Configuring Server Load Balancing

Table Of Contents

Configuring Server Load Balancing

Information About Server Load Balancing

Configuring Server Load Balancing

Configuring Layer 7 Server Load Balancing Using the Device Manager GUI

Configuring Layer 7 Server Load Balancing Using the CLI

Configuring Real Servers

Creating a Server Farm

Creating a Virtual Server Traffic Policy

Configuration Example for Configuring Server Load Balancing

Where to Go Next


Configuring Server Load Balancing


This chapter describes how to configure server load balancing on the Cisco 4700 Series Application Control Engine (ACE) appliance. This chapter contains the following sections:

Information About Server Load Balancing

Configuring Server Load Balancing

Configuration Example for Configuring Server Load Balancing

Where to Go Next

Information About Server Load Balancing

After reading this chapter, you should have an understanding of the basic server load-balancing capabilities provided by the ACE appliance. You should also be able to configure a virtual server for Layer 7 load-balancing purposes.

When there is a client request for web services, a load-balancing device decides to which server it should send the request. For example, a client request may consist of an HTTP GET for a web page or an FTP GET to download a file. The ACE, as a server load balancer, selects a server that can successfully fulfill the client request in the shortest amount of time without overloading either the server or the server farm as a whole.

The ACE uses a virtual server to intercept web traffic to a website. A virtual server allows multiple real servers to appear as one for load-balancing purposes. A virtual server, also called a Virtual IP (VIP), is defined by its IP address, the protocol used (for example, UDP or TEC), and the port address.

Multiple servers grouped together in server farms are assigned to each virtual server and the ACE appliance carries out load balancing across them. Real servers are dedicated servers that provide services to clients—for example, delivery of HTTP or XML content. Server farms contain the same content and typically reside in the same physical location in a data center.

This chapter describes how to configure a virtual server using either the Device Manager GUI or the CLI, using the network setup example illustrated in Figure 6-1.

Figure 6-1 Example Server Load-Balancing Setup

The configuration of the example setup is as follows:

A virtual server VS_web is created with a virtual IP address 10.10.40.10 to forward the client traffic from VLAN 400 to the application servers in VLAN 500.

There are four real servers grouped into the server farm SF_web.

The virtual server uses a round-robin predictor to forward the client requests to one of the real servers in the server farm.

For information about implementing server load balancing on the ACE, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine

Configuring Server Load Balancing

To configure server load-balancing, you can use either the ACE Device Manager user interface (GUI) or the CLI.

Configuring Layer 7 Server Load Balancing Using the Device Manager GUI

Configuring Layer 7 Server Load Balancing Using the CLI

Configuring Layer 7 Server Load Balancing Using the Device Manager GUI

You can configure Layer 7 server load balancing using the Device Manager GUI by following these steps:


Step 1 Choose Load Balancing > Virtual Servers. The Virtual Servers pane appears. Choose the user context VC_web.

Step 2 Click Add (+) to add a new virtual server. The Virtual Server configuration window appears.

By default, the Basic View configuration option is selected and the Properties section is open.

Step 3 In Properties, enter the following virtual server attributes. Leave the remaining attributes blank or with their default values.

Virtual Server Name: VIP_web

Virtual IP Address: 10.10.40.10


Note A client request targeted at a website (a URL) is translated to an IP address according to the Domain Name System (DNS). A virtual IP address assigned to a virtual server is the IP address that corresponds to the URL of the website from which the client requests services.


Transport Protocol: TCP

Application Protocol: HTTP

Port: 80

VLAN: 400

Step 4 In the Default L7 Load-Balancing Action section, choose Load Balance from the Primary Action drop-down list.

Step 5 Choose *New* from the Server Farm drop-down list to configure a new server farm.

Step 6 Enter the following server farm attributes. Leave the remaining attributes blank or with their default values.

Name: SF_web

Type: Host

Predictor: Round Robin

Step 7 Click Add (+) to add a new entry to the Real Servers pane. A new entry appears in the Real Servers pane.

Step 8 Enter the following attributes for the first real server to be configured. Leave the remaining attributes blank or with their default values.

Name: RS_web1

IP Address: 10.10.50.10

Port: 80

Weight: 8

State: In Service

Click OK to save the attributes of the first real server.


Note For information on how to configure a health probe, see Chapter , "Configuring Health Monitoring Using Health Probes".


Step 9 Add three more entries to the Real Servers pane by repeating Steps 7 and 8 with the following real server names and corresponding IP addresses. Leave the remaining attributes with their default values.

For RS_web2, enter:

Name: RS_web2

IP Address: 10.10.50.11

Port: 80

For RS_web3, enter:

Name: RS_web3

IP Address: 10.10.50.12

Port: 80

For RS_web4, enter:

Name: RS_web4

IP Address: 10.10.50.13

Port: 80

Step 10 Click Deploy Now at the bottom of the window to save your settings for the virtual server. The Virtual Servers pane reappears. The newly configured virtual server appears in the pane and is in the Inservice state, which means that the virtual server is in use as a destination for server load balancing.


Configuring Layer 7 Server Load Balancing Using the CLI

You can configure Layer 7 server load balancing using the command-line interface (CLI). This section contains the following topics:

Configuring Real Servers

Creating a Server Farm

Creating a Virtual Server Traffic Policy

Configuring Real Servers

Configure real servers on the ACE using the CLI by following these steps:


Step 1 Verify that you are operating in the desired context by checking the CLI prompt. If necessary, change to the correct context.

host1/Admin# changeto VC_web 
host1/VC_web# 
 
   

Step 2 Enter configuration mode.

host1/VC_web# config 
 
   

Step 3 Create a real server named RS_web1 as type host (the default).

host1/VC_web(config)# rserver RS_web1
host1/VC_web(config-rserver-host)#
 
   

Step 4 Enter a description of the real server.

host1/VC_web(config-rserver-host)# description content server web-one
 
   

Step 5 Assign the real server with an IP address of 10.10.50.10.

host1/VC_web(config-rserver-host)# ip address 10.10.50.10
 
   

Step 6 Place the real server in service and exit configuration mode.

host1/VC_web(config-rserver-host)# inservice
host1/VC_web(config-rserver-host)# exit
host1/VC_web(config)#
 
   

Step 7 Add three more real servers by repeating Steps 3 through 6, using the following real server names, descriptions, and IP addresses.

For RS_web2, enter:

Name: RS_web2

Description: content server web-two

IP Address: 10.10.50.11

For RS_web3, enter:

Name: RS_web3

Description: content server web-three

IP Address: 10.10.50.12

For RS_web4, enter:

Name: RS_web4

Description: content server web-four

IP Address: 10.10.50.13

Step 8 Display the configuration of the real servers.

host1/VC_web(config)# do show running-config rserver
 
   

Creating a Server Farm

After you create and configure the real servers, you can create a server farm and associate the real servers with it. Create a server farm by following these steps:


Step 1 Create a server farm of type host (the default) named SF_web.

host1/VC_web(config)# serverfarm SF_web
host1/VC_web(config-sfarm-host)#
 
   

Step 2 Associate real server RS_web1 to the server farm through port 80.

host1/VC_web(config-sfarm-host)# rserver RS_web1 80
host1/VC_web(config-sfarm-host-rs)#
 
   

Step 3 Place the real server in service within the server farm and exit configuration mode.

host1/VC_web(config-sfarm-host-rs)# inservice 
host1/VC_web(config-sfarm-host-rs)# exit
host1/VC_web(config-sfarm-host)#
 
   

Note Before you can start sending connections to a real server in a server farm, you must place it in service. Otherwise, the ACE considers it out of service and the server farm cannot receive or respond to client requests.


Step 4 Similarly, associate the RS_web2, RS_web3, and RS_web4 real servers with the SF_web server farm.

host1/VC_web(config-sfarm-host)# rserver RS_web2 80
host1/VC_web(config-sfarm-host-rs)# inservice
host1/VC_web(config-sfarm-host-rs)# exit
host1/VC_web(config-sfarm-host)# rserver RS_web3 80
host1/VC_web(config-sfarm-host-rs)# inservice
host1/VC_web(config-sfarm-host-rs)# exit
host1/VC_web(config-sfarm-host)# rserver RS_web4 80
host1/VC_web(config-sfarm-host-rs)# inservice
host1/VC_web(config-sfarm-host-rs)# exit
 
   

Step 5 Exit server farm configuration mode.

host1/VC_web(config-sfarm-host)# exit
host1/VC_web(config)#
 
   

Step 6 Display the information for the real servers and verify that the real servers appear as operational (even though network connectivity has not been established).

host1/VC_web(config)# do show rserver RS_web1
host1/VC_web(config)# do show rserver RS_web2
host1/VC_web(config)# do show rserver RS_web3
host1/VC_web(config)# do show rserver RS_web4
 
   

Step 7 Display how the ACE populates the ARP table with the real servers.

host1/VC_web(config)# do show arp
 
   

Creating a Virtual Server Traffic Policy

You can create a virtual server traffic policy on the ACE by following these steps:


Step 1 Create a Layer 7 server load-balancing policy map named PM_LB to match the class maps in the order in which they occur for load balancing.

host1/VC_web(config)# policy-map type loadbalance first-match PM_LB
host1/VC_web(config-pmap-lb)#
 
   

Note The ACE uses a class map to specify a series of flow match criteria (traffic classifications). The ACE uses a policy map to define a series of actions (functions) that you want applied to a set of classified inbound traffic.


Step 2 For a simple load-balancing policy, assign the ACE default class map which contains an implicit match any statement to match any traffic classification.

host1/VC_web(config-pmap-lb)# class class-default
host1/VC_web(config-pmap-lb-c)#
 
   

Step 3 Add the server farm SF_web to the Layer 7 server load-balancing policy map and exit configuration mode.

host1/VC_web(config-pmap-lb-c)# serverfarm SF_web
host1/VC_web(config-pmap-c)# exit
host1/VC_web(config-pmap)# exit
host1/VC_web(config)#
 
   

Step 4 Create a Layer 3 and Layer 4 load-balancing class map VS_web.

host1/VC_web(config)# class-map VS_web
host1/VC_web(config-cmap)# 
 
   

Step 5 Define a match statement for the IP address 10.10.40.10 for any IP protocol and exit configuration mode.

host1/VC_web(config-cmap)# match virtual-address 10.10.40.10 255.255.255.0 tcp eq 80
host1/VC_web(config-cmap)# exit
host1/VC_web(config)#
 
   

Step 6 Create a Layer 3 and Layer 4 multi-match policy map to direct classified incoming requests to the load-balancing policy map.

host1/VC_web(config)# policy-map multi-match PM_multi_match
host1/VC_web(config-pmap)#
 
   

Step 7 Associate the Layer 3 and Layer 4 class map VS_web with the policy map.

host1/VC_web(config-pmap)# class VS_web
host1/VC_web(config-pmap-c)#
 
   

Step 8 Associate the Layer 7 load-balancing policy map PM_LB with the Layer 3 and Layer 4 policy map.

host1/VC_web(config-pmap-c)# loadbalance policy PM_LB
host1/VC_web(config-pmap-lb-c)#
 
   

Step 9 Enable a VIP for load-balancing operations and exit configuration mode.

host1/VC_web(config-pmap-lb-c)# loadbalance vip inservice
host1/VC_web(config-pmap-c)# exit
host1/VC_web(config-pmap)# exit
host1/VC_web(config)#
 
   

Step 10 Access the interface to which you want to apply the multi-match policy map.

host1/VC_web(config)# interface vlan 400
host1/VC_web(config-if)#
 
   

Step 11 Apply the multi-match policy map PM_multi_match.

host1/VC_web(config-if)# service-policy input PM_multi_match
host1/VC_web(config-if)# exit
host1/VC_web(config)#
 
   

Step 12 Save the running configuration to the startup configuration.

host1/VC_web(config)# do copy running-config startup-config
 
   

Step 13 Display the service policy state for the PM_multi_match policy map.

host1/VC_web(config)# do show service-policy PM_multi_match
 
   

Configuration Example for Configuring Server Load Balancing

The following example shows how to configure server load balancing. The commands that you have configured in this chapter appear in bold text.

switch/VC_web(config)# do show running config
Generating configuration....
 
   
access-list INBOUND line 8 extended permit ip any any
 
   
rserver host RS_WEB1
  description content server web-one
  ip address 10.10.50.10
  inservice
rserver host RS_WEB2
  description content server web-two
  ip address 10.10.50.11
  inservice
rserver host RS_WEB3
  description content server web-three
  ip address 10.10.50.12
  inservice
rserver host RS_WEB4
  description content server web-four
  ip address 10.10.50.13
  inservice
 
   
serverfarm host SF_WEB
  rserver RS_WEB1 80
    inservice
  rserver RS_WEB2 80
    inservice
  rserver RS_WEB3 80
    inservice
  rserver RS_WEB4 80
    inservice
 
   
class-map type management match-any REMOTE_ACCESS
  description Remote access traffic match
  2 match protocol ssh any
  3 match protocol telnet any
  4 match protocol icmp any
class-map match-all VS_WEB
  2 match virtual-address 10.10.40.10 tcp eq www
 
   
policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY
  class REMOTE_ACCESS
    permit
policy-map type loadbalance first-match PM_LB
  class class-default
    serverfarm SF_WEB
policy-map multi-match PM_MULTI_MATCH
  class VS_WEB
    loadbalance vip inservice
    loadbalance policy PM_LB
 
   
service-policy input REMOTE_MGMT_ALLOW_POLICY
 
   
interface vlan 400
  description Client connectivity on VLAN 400
  ip address 10.10.40.1 255.255.255.0
  access-group input INBOUND
  service-policy input PM_MULTI_MATCH
  no shutdown
interface vlan 500
  description Server connectivity on VLAN 500
  ip address 10.10.50.1 255.255.255.0
  no shutdown
 
   
ip route 0.0.0.0 0.0.0.0 172.25.91.1
 
   
domain DOMAIN1
add-object all
 
   
username USER1 password 5 $1$vAN9gQDI$MmbmjQgJPj45lxbtzXPpB1 role SLB-Admin domain DOMAIN1

Where to Go Next

In this chapter, you have configured a virtual server for load-balancing HTTP traffic. In the next chapter, you will configure a load-balancing predictor to forward client requests to the appropriate real servers.