Cisco Catalyst 6500 Series Content Switching Module with SSL
Updated: November 29, 2004
The Cisco® Content Switching Module (CSM) is a line card for the Cisco Catalyst® 6500 Series Switch that enhances the experience and response for client traffic to end points, such as groups of servers, caches, firewalls, Secure Sockets Layer (SSL) devices, and VPN termination devices. The Cisco CSM provides a high-performance, cost-effective load-balancing solution for enterprise and Internet service provider networks, allowing these organizations to provide customers, employees, and business partners with the best possible online experience. The Cisco CSM meets the demands of high-speed content delivery networks, tracking network sessions and server load conditions in real time and directing client requests to the appropriate device. Fault-tolerant Cisco CSM configurations maintain full state information and provide true transparent failover required for mission-critical applications.
The Cisco CSM provides the following benefits:
• Market-leading performance: The Cisco CSM establishes up to 165,000 connections per second and provides high-speed content switching while maintaining 1 million concurrent connections.
• Outstanding price-performance value: The Cisco CSM features a low connection cost and occupies a small footprint, sliding into a slot in a new or existing Cisco Catalyst 6500 Series chassis.
• Optimized data center performance: The Cisco CSM allows organizations to increase the scalability and performance of server farms, cache clusters, and groups of VPN, SSL, and firewall devices. In addition, the Cisco CSM provides organizations with the highest level of device redundancy for business-critical applications and services.
• High scalability: Multiple Cisco CSMs can be installed in the same Cisco Catalyst 6500 Series chassis to provide scalable performance as well as redundancy.
• Easy configuration: The Cisco CSM uses the same Cisco IOS® Software command-line interface (CLI) that is used to configure the Cisco Catalyst 6500 Series Switch.
• Enhancement of existing infrastructure: By adding a Cisco CSM to a new or existing Cisco Catalyst 6500 Series Switch, customers can set every port in the Cisco Catalyst Switch to perform Layer 2 to Layer 7 services, providing the capability to intelligently switch traffic.
Figure 1 shows a Cisco Catalyst 6500 Series CSM configuration.
Figure 1. Cisco Catalyst 6500 Series CSM Configuration
Cisco CSM Features
The Cisco CSM performs up to 165,000 new Layer 4 TCP connection setups per second and up to one million concurrent connections. These connections can be sent to 4000 virtual servers through any available switch ports to up to 16,000 real servers or devices. The capability to use one or any switch port provides an advantage over products that use distributed architectures requiring the use of all ports to gain maximum performance.
The Cisco CSM supports many different network topology types. The Cisco CSM can operate in a mixed bridged and routed configuration, allowing traffic to flow from the client side to the server side on the same or different IP subnets.
IP Protocol Support
The Cisco CSM accommodates a wide range of common IP protocols, including TCP and User Datagram Protocol (UDP). Additionally, the Cisco CSM supports higher-level protocols, including HTTP, FTP, Telnet, Real Time Streaming Protocol (RTSP), Domain Name System (DNS), and Simple Mail Transfer Protocol (SMTP).
The Cisco CSM supports the following load-balancing algorithms:
• Round Robin
• Weighted Round Robin
• Least Connections
• Weighted Least Connections
• Source and Destination IP Hash (subnet mask also configurable)
• URL Hashing
URL and Cookie-Based Load Balancing
The Cisco CSM allows full regular expression pattern matching for policies based on URLs, cookies, and HTTP header fields. The Cisco CSM supports any URL or cookie format, allowing it to load balance existing Web content without requiring URL or cookie format changes.
The Cisco CSM continuously monitors server and application availability using a variety of probes, in-band health monitoring, return-code checking, and the Dynamic Feedback Protocol (DFP). When a real server or gateway failure occurs, the Cisco CSM redirects traffic to a different location. Servers are added and removed without disrupting service, so systems can easily be scaled up or down.
Two Cisco CSMs can be configured in a fault-tolerant configuration to share state information about user sessions and provide transparent connection redundancy, an important requirement for e-commerce sites and sites where encryption is used. If an active Cisco CSM fails, open connections are quickly switched to a standby Cisco CSM without interruption, providing failover that is transparent to the user.
Often it is important that an end user consistently be directed to the same end device for the duration of a session, particularly when SSL is employed for data encryption or shopping carts are used, as in e-commerce environments. The Cisco CSM offers the following solutions to provide session persistence to help ensure that a client request goes to the correct end device:
• Stickiness based on SSL session ID, source IP address, cookie, or HTTP redirection
• Cookie offset and length, allowing an administrator to define the static portion of a dynamic cookie to use for persistence
The Cisco CSM synchronizes persistence information from an active Cisco CSM to a backup Cisco CSM to provide failover that is transparent to a user.
The Cisco CSM provides a last line of defense for a data center with the capability to fend off malicious traffic, such as that typical of a SYN distributed-denial-of-service (DDoS) attack. In addition to protecting a data center from malicious traffic, the Cisco CSM continues to operate and to forward valid client requests to help ensure that services are not interrupted.
Firewall Load Balancing
The Cisco CSM allows organizations to scale firewall protection by distributing traffic across multiple firewall devices while helping ensure that all packets belonging to a particular connection go through the same firewall. Both stealth and regular firewalls are supported.
Quality of Service
Using the robust quality-of-service (QoS) capabilities of the Cisco Catalyst 6500 Series, the Cisco CSM provides the right level of service to customers, adding the capability to do the following:
• Correctly prioritize mission-critical packets based on Layer 7 rules
• Direct higher-priority customers to faster or less-loaded servers
• Total VLANs (client and server): 512
• Virtual servers: 4000
• Server farms: 4000
• Real servers: 16,000
• Probes: 4000
• Access control list (ACL) items: 16,000
Table 1 summarizes performance data for the Cisco Catalyst 6500 Series CSM.
Table 1. Performance Summary
• One million concurrent TCP connections
• 165,000 connection setups per second (Layer 4)
• Total combined throughput of 4 Gbps (client-to-server and server-to-client)
• 1.25 million packets per second
Cisco Catalyst 6500 Series Switch Platform Requirements
• Switches running only Cisco IOS software
• Switches running a combination of Cisco IOS software and Cisco Catalyst operating system
• Functions as a bus-enabled line card
• Supervisor Engine 1A
• Supervisor Engine 2
• Supervisor Engine 720
• Multilayer Switch Feature Card (MSFC) or MSFC2
• Occupies slot in the Cisco Catalyst 6500 Series chassis
• Dimensions (H x W x D): 1.2 x 14.4 x 16 inches (3.0 x 35.6 x 40.6 centimeters)
• Weight: 5 pounds (2.27 kilograms)
• Operating temperature: 32 to 104.5°F (0 to 40°C)
• Non-operating temperature: -40 to 158°F (-40 to 70°C)
• Operating relative humidity: 10 to 90 percent (non-condensing)
• Non-operating relative humidity: 5 to 95 percent (non-condensing)
• Operating and non-operating altitude: sea level to 10,000 feet (3,050 meters)
• Emissions: FCC Part 15 (CFR 47) Class A, ICES-003 Class A, EN55022 Class A, CISPR22 Class A, and AS/NZS 3548 Class A
• Safety: CE Marking according to UL 1950, CSA 22.2 No. 950, EN 60950, IEC 60950, TS 001, and AS/NZS 3260
Cisco Catalyst 6500 Series CSM Ordering Information