Cisco IOS SLB Features Roadmap
This feature roadmap lists the Cisco IOS features documented in the Cisco IOS Server Load Balancing Configuration Guide and maps them to the sections in which they appear. Only features that were introduced or modified in Cisco IOS Release 12.2(1) or a later release appear in the table.
The roadmap is organized alphabetically by feature name. Find the feature name you are searching for and click the URL in the "Where Documented" column to access the section documenting that feature.
Feature and Release Support
Table 1-1 lists IOS SLB feature support for the following Cisco IOS software release trains:
•
Cisco IOS Release 12.2(1)
•Cisco IOS Release 12.2(14)S
•Cisco IOS Releases 12.2(14)ZA2, 12.2(14)ZA4, 12.2(14)ZA5, 12.2(14)ZA6
•Cisco IOS Releases 12.2(17d)SXB, 12.2(17d)SXB1
•Cisco IOS Release 12.2(17d)SXD
•Cisco IOS Release 12.2(17d)SXE
•Cisco IOS Releases 12.2(18)SXF, 12.2(18)SXF5, 12.2(18)SXF7
•Cisco IOS Release 12.2(33)SRB
•Cisco IOS Releases 12.2(33)SRC, 12.2(33)SRC1
•Cisco IOS Release 12.2(33)SRE
•Cisco IOS Release 15.0(1)S
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note Table 1-1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, refer to the Cisco IOS IP Application Services Command Reference.
|
|
|
|
|
|---|---|---|---|
12.2(1) |
IOS Server Load Balancing (IOS SLB) |
The IOS SLB feature is an IOS-based solution that provides load balancing for a variety of networked devices and services. |
The following section provides information about this feature: |
12.2(14)S |
AAA Load Balancing |
IOS SLB provides RADIUS load-balancing capabilities for RADIUS authentication, authorization, and accounting (AAA) servers. |
The following section provides information about this feature: |
12.2(1) |
Active Standby |
Active standby enables two IOS SLBs to load-balance the same virtual IP address while at the same time acting as backups for each other. |
The following sections provide information about this feature: • |
12.2(1) |
Algorithms for Server Load Balancing |
IOS SLB provides the following load-balancing algorithms: • • |
The following sections provide information about this feature: • |
12.2(1) |
Alternate IP Addresses |
IOS SLB enables you to telnet to the load-balancing device using an alternate IP address. |
The following section provides information about this feature: |
12.2(33)SRC1 |
ASN Load Balancing |
IOS SLB provides load balancing across a set of ASN gateways. The cluster of gateways appears to the base station as one ASN gateway. |
The following sections provide information about this feature: • • The following commands were modified by this feature: debug ip slb, idle (virtual server), show ip slb sessions, show ip slb stats, show ip slb vservers, virtual |
12.2(33)SRE |
ASN Load Balancing: Stateful and Sticky Support |
Access Service Network (ASN) Load Balancing supports stateful redundancy and sticky connections. |
The following sections provide information about this feature: • • The following commands are new for this feature: clear ip slb sticky asn msid, gw port, show ip slb sticky The following commands were modified by this feature: debug ip slb, failaction (server farm), idle (virtual server), show ip slb sticky, sticky (virtual server) |
12.2(1) |
Audio and Video Load Balancing |
IOS SLB can balance RealAudio and RealVideo streams through Real-Time Streaming Protocol (RTSP), for servers running RealNetworks applications. |
The following section provides information about this feature: |
12.2(1) |
Automatic Server Failure Detection |
IOS SLB automatically detects each failed TCP connection attempt to a real server, and increments a failure counter for that server. If a server's failure counter exceeds a configurable failure threshold, the server is considered out of service and is removed from the list of active real servers. |
The following sections provide information about this feature: • |
12.2(14)ZA4 |
Automatic Server Failure Detection: Disabling Automatic Server Failure Detection |
IOS SLB automatically detects each failed TCP connection attempt to a real server, and increments a failure counter for that server. If a server's failure counter exceeds a configurable failure threshold, the server is considered out of service and is removed from the list of active real servers. |
The following sections provide information about this feature: • |
12.2(1) |
Automatic Unfail |
When a real server fails and is removed from the list of active servers, it is assigned no new connections for a length of time specified by a configurable retry timer. After that timer expires, the server is again eligible for new virtual server connections and IOS SLB sends the server the next qualifying connection. If the connection is successful, the failed server is placed back on the list of active real servers. If the connection is unsuccessful, the server remains out of service and the retry timer is reset. The unsuccessful connection must have experienced at least one retry, otherwise the next qualifying connection would also be sent to that failed server. |
The following section provides information about this feature: |
12.2(1) |
Avoiding Attacks on Server Farms and Firewall Farms |
A highly secure site can take certain steps to protect its server farms and firewall farms from attacks. |
The following section provides information about this feature: |
12.2(14)S |
Backup Server Farms |
A backup server farm is a server farm that can be used when none of the real servers defined in a primary server farm is available to accept new connections. |
The following sections provide information about this feature: |
12.2(1) |
Bind ID Support |
The bind ID allows one physical server to be bound to multiple virtual servers and report a different weight for each one. Thus, the single real server is represented as multiple instances of itself, each having a different bind ID. Dynamic Feedback Protocol (DFP) uses the bind ID to identify for which instance of the real server a given weight is specified. The bind ID is needed only if you are using DFP. |
The following sections provide information about this feature: |
12.2(1) |
Client-Assigned Load Balancing |
Client-assigned load balancing allows you to limit access to a virtual server by specifying the list of client IP subnets that are permitted to use that virtual server. With this feature, you can assign a set of client IP subnets (such as internal subnets) connecting to a virtual IP address to one server farm or firewall farm, and assign another set of clients (such as external clients) to a different server farm or firewall farm. |
The following section provides information about this feature: |
12.2(33)SRC |
Connection Rate Limiting |
IOS SLB enables you to specify the maximum connection rate allowed for a real server in a server farm. |
The following sections provide information about this feature: |
12.2(1) |
Content Flow Monitor Support |
IOS SLB supports the Cisco Content Flow Monitor (CFM), a web-based status monitoring application within the CiscoWorks2000 product family. You can use CFM to manage Cisco server load-balancing devices. CFM runs on Windows NT and Solaris workstations, and is accessed using a web browser. |
The following section provides information about this feature: |
12.2(1) |
Delayed Removal of TCP Connection Context |
Because of IP packet ordering anomalies, IOS SLB might "see" the end of a TCP connection (a finish [FIN] or reset [RST]) followed by other packets for the connection. This problem usually occurs when there are multiple paths that the TCP connection packets can follow. To correctly redirect the packets that arrive after the connection has ended, IOS SLB retains the TCP connection information, or context, for a specified length of time. The length of time the context is retained after the connection has ended is controlled by a configurable delay timer. |
The following sections provide information about this feature: • |
12.2(1) |
DFP Support |
IOS SLB supports the Dynamic Feedback Protocol (DFP). |
The following sections provide information about this feature: • |
12.2(14)S |
DFP Agent Subsystem Support |
IOS SLB supports the DFP Agent Subsystem feature, also called global load balancing, which enables client subsystems other than IOS SLB to act as DFP agents. With the DFP Agent Subsystem, you can use multiple DFP agents from different client subsystems at the same time. |
The following sections provide information about this feature: • • • |
12.2(17d)SXD |
DFP and the Home Agent Director |
For the Home Agent Director, you can define IOS SLB as a DFP manager and define a DFP agent on each home agent in the server farm, and the DFP agent can report the weights of the home agents. The DFP agents calculate the weight of each home agent based on CPU use, processor memory, and the maximum number of bindings that can be activated for each home agent. |
The following sections provide information about this feature: • • • • |
12.2(14)ZA5 |
Exchange Director Features |
IOS SLB supports the Exchange Director for the mobile Service Exchange Framework (mSEF) for Cisco 7600 series routers. |
The following section provides information about this feature: |
12.2(1) |
Firewall Load Balancing |
As its name implies, firewall load balancing enables IOS SLB to balance flows to firewalls. Firewall load balancing uses a load-balancing device on each side of a group of firewalls (called a firewall farm) to ensure that the traffic for each flow travels to the same firewall, ensuring that the security policy is not compromised. |
The following sections provide information about this feature: • • |
12.2(14)S |
Firewall Load Balancing: Multiple Firewall Farm Support |
You can configure more than one firewall farm in each load-balancing device. |
The following sections provide information about this feature: • • • |
12.2(33)SRE |
Firewall Load Balancing: Performance Improvements |
IOS SLB firewall load balancing enables you to avoid certain conditions that can result in high CPU usage. |
The following sections provide information about this feature: • • • • The following commands are new for this feature: purge connection, purge sticky The following command was modified by this feature: access (firewall farm) |
12.2(14)ZA5 |
Flow Persistence |
Flow persistence provides intelligent return routing of load-balanced IP flows to the appropriate node, without the need for coordinated hash mechanisms on both sides of the load-balanced data path, and without using Network Address Translation (NAT) or proxies to change client or server IP addresses. |
The following section provides information about this feature: |
15.0(1)S |
GPRS Load Balancing: Dual-Stack Support for GTP Load Balancing |
IPv6 support enables IOS SLB to manage IPv6 addresses for GTP load balancing, for all versions of GTP (v0, v1, v2). |
The following sections provide information about this feature: • • • The following command is new for this feature: show ip slb wildcard The following commands were modified by this feature: client (virtual server), real (server farm), serverfarm, show ip slb reals, show ip slb serverfarms, show ip slb sessions, show ip slb sticky, show ip slb vservers, show ip slb wildcard. |
12.2(17d)SXB1 |
GPRS Load Balancing: GGSN-IOS SLB Messaging |
This feature enables a GGSN to notify IOS SLB when certain conditions occur. The notifications enable IOS SLB to make intelligent decisions, which in turn improves GPRS load balancing and failure detection. |
The following sections provide information about this feature: |
12.2(14)ZA2 |
GPRS Load Balancing: |
GPRS load balancing with GTP cause code inspection enabled allows IOS SLB to monitor all PDP context signaling flows to and from GGSN server farms. This enables IOS SLB to monitor GTP failure cause codes, detecting system-level problems in both Cisco and non-Cisco GGSNs. |
The following sections provide information about this feature: • • • |
12.2(17d)SXE |
GPRS Load Balancing: |
IOS SLB can select a gateway general packet radio service (GPRS) support node (GGSN) for a given International Mobile Subscriber ID (IMSI), and forward all subsequent Packet Data Protocol (PDP) create requests from the same IMSI to the selected GGSN. |
The following sections provide information about this feature: • |
12.2(33)SRE |
GPRS Load Balancing: |
IOS SLB supports sticky-only for all versions of GTP (v0, v1, v2). |
The following section provides information about this feature: • The following command is new for this feature: gtp session (virtual server) The following command was modified by this feature: show ip slb sticky |
12.2(14)S |
GPRS Load Balancing: GTP v0 Support |
IOS SLB supports GTP Version 0 (GTP v0). Support for GTP enables IOS SLB to become "GTP aware," extending IOS SLB knowledge into Layer 5. |
The following sections provide information about this feature: • • • |
12.2(14)ZA2 |
GPRS Load Balancing: GTP v1 Support |
IOS SLB supports both GTP Version 0 (GTP v0) and GTP Version 1 (GTP v1). Support for GTP enables IOS SLB to become "GTP aware," extending IOS SLB knowledge into Layer 5. |
The following sections provide information about this feature: • • • |
12.2(33)SRE |
GPRS Load Balancing: GTP v2 Support |
IOS SLB supports GTP Version 2 (GTP v2). |
The following sections provide information about this feature: • • |
12.2(33)SRB |
GPRS Load Balancing: Maps |
GPRS load balancing maps enable IOS SLB to categorize and route user traffic based on access point names (APNs). |
The following sections provide information about this feature: • • |
12.2(14)ZA2 |
Home Agent Director |
The Home Agent Director load balances Mobile IP Registration Requests (RRQs) among a set of home agents (configured as real servers in a server farm). Home agents are the anchoring points for mobile nodes. Home agents route flows for a mobile node to its current foreign agent (point of attachment). |
The following sections provide information about this feature: • |
12.2(33)SRE |
Hot ICE compliance |
All IOS SLB commands are Hot ICE-compliant. Hot ICE is a set of Cisco IOS configuration enhancements designed to increase the operational robustness, scalability, and programmability of Cisco IOS configuration management. |
Cisco IOS Server Load Balancing Command Reference |
12.2(33)SRC |
INOP_REAL State for Virtual Servers |
You can configure a virtual server such that, if all of the real servers that are associated with the virtual server are inactive, the following actions occur: • • • |
The following sections provide information about this feature: • |
12.2(17d)SXE |
Interface Awareness |
Some environments require IOS SLB on both sides of a farm of CSGs, SSGs, or firewalls. For example, you might want IOS SLB to perform RADIUS load balancing on one side of a farm and firewall load balancing on the other, or firewall load balancing on both sides of a firewall farm. Such "sandwich" environments require IOS SLB to take into account the input interface when mapping packets to virtual servers, firewall farms, connections, and sessions. In IOS SLB, this function is called interface awareness. When interface awareness is configured, IOS SLB processes only traffic arriving on configured access interfaces. (An access interface is any Layer 3 interface.) |
The following sections provide information about this feature: • • |
12.2(33)SRC |
KAL-AP Agent Support |
KAL-AP agent support enables IOS SLB to perform load balancing in a global server load balancing (GSLB) environment. KAL-AP provides load information along with its keepalive response message to the KAL-AP manager or GSLB device, such as the Global Site Selector (GSS), and helps the GSLB device load-balance client requests to the least-loaded IOS SLB devices. |
The following sections provide information about this feature: • • |
12.2(1) |
Maximum Connections |
IOS SLB allows you to configure maximum connections for server and firewall load balancing. |
The following sections provide information about this feature: • • |
12.2(1) |
NAT: Client NAT |
If you use more than one load-balancing device in your network, replacing the client IP address with an IP address associated with one of the devices results in proper routing of outbound flows to the correct device. Client NAT also requires that the ephemeral client port be modified since many clients can use the same ephemeral port. Even in cases where multiple load-balancing devices are not used, client NAT can be useful to ensure that packets from load-balanced connections are not routed around the device. |
The following sections provide information about this feature: |
12.2(1) |
NAT: Server NAT |
Server NAT involves replacing the virtual server IP address with the real server IP address (and vice versa). |
The following sections provide information about this feature: |
12.2(14)S |
NAT: Static NAT |
With static NAT, address translations exist in the NAT translation table as soon as you configure static NAT commands, and they remain in the translation table until you delete the static NAT commands. |
The following sections provide information about this feature: |
12.2(1) |
Port-Bound Servers |
When you define a virtual server, you must specify the TCP or UDP port managed by that virtual server. However, if you configure NAT on the server farm, you can also configure port-bound servers. Port-bound servers allow one virtual server IP address to represent one set of real servers for one service, such as HTTP, and a different set of real servers for another service, such as Telnet. |
The following sections provide information about this feature: |
12.2(14)ZA2 |
Probes: Custom UDP Probes |
IOS SLB probes determine the status of each real server in a server farm and of each firewall in a firewall farm. |
The following sections provide information about this feature: |
12.2(14)S |
Probes: DNS, Routed, and TCP Probes |
IOS SLB probes determine the status of each real server in a server farm and of each firewall in a firewall farm. |
The following sections provide information about this feature: |
12.2(1) |
Probes: HTTP, Ping, and WSP Probes |
IOS SLB probes determine the status of each real server in a server farm and of each firewall in a firewall farm. |
The following sections provide information about this feature: |
12.2(1) |
Protocol Support |
IOS SLB supports a fixed set of protocols. |
The following section provides information about this feature: |
12.2(33)SRC |
RADIUS Load Balancing: Accelerated Data Plane Forwarding |
RADIUS load balancing accelerated data plane forwarding, also known as Turbo RADIUS load balancing, is a high-performance solution that uses basic policy-based routing (PBR) route maps to manage subscriber data-plane traffic in a CSG environment. When Turbo RADIUS load balancing receives a RADIUS payload, it inspects the payload, extracts the framed-IP attribute, applies a route map to the IP address, and then determines which CSG is to manage the subscriber. |
The following sections provide information about this feature: • • • |
12.2(14)S |
RADIUS Load Balancing: CDMA2000 |
IOS SLB provides RADIUS load balancing in mobile wireless networks that use service gateways, such as the Cisco Service Selection Gateway (SSG) or the Cisco Content Services Gateway (CSG). IOS SLB supports RADIUS load balancing for the following CDMA2000 mobile wireless networks: • • |
The following sections provide information about this feature: • • • |
12.2(14)S |
RADIUS Load Balancing: GPRS Networks |
IOS SLB provides RADIUS load balancing in mobile wireless networks that use service gateways, such as the Cisco Service Selection Gateway (SSG) or the Cisco Content Services Gateway (CSG). IOS SLB supports RADIUS load balancing for GPRS networks. In a GPRS mobile wireless network, the RADIUS client is typically a GGSN. |
The following sections provide information about this feature: • • |
12.2(33)SRB |
RADIUS Load Balancing: Maps |
RADIUS load balancing maps enable IOS SLB to categorize and route user traffic based on RADIUS calling station IDs and usernames. RADIUS load balancing maps is mutually exclusive with Turbo RADIUS load balancing and RADIUS load balancing accounting local acknowledgement. |
The following sections provide information about this feature: • • |
12.2(14)S |
RADIUS Load Balancing: Multiple Service Gateway Server Farms |
IOS SLB provides RADIUS load balancing in mobile wireless networks that use service gateways, such as the Cisco Service Selection Gateway (SSG) or the Cisco Content Services Gateway (CSG). IOS SLB supports RADIUS load balancing for multiple service gateway server farms (for example, one farm of SSGs and another of CSGs). |
The following sections provide information about this feature: • • |
12.2(17d)SXE |
RADIUS Load Balancing: RADIUS IMSI Sticky Database |
The IOS SLB RADIUS International Mobile Subscriber ID (IMSI) sticky database maps the IMSI address for each user to the corresponding gateway. This enables IOS SLB to forward all subsequent flows for the same user to the same gateway. |
The following sections provide information about this feature: |
12.2(14)S |
Route Health Injection |
By default, a virtual server's IP address is advertised (added to the routing table) when you bring the virtual server into service (using the inservice command). If you have a preferred host route to a website's virtual IP address, you can advertise that host route, but you have no guarantee that the IP address is available. However, you can use the advertise command to configure IOS SLB to advertise the host route only when IOS SLB has verified that the IP address is available. IOS SLB withdraws the advertisement when the IP address is no longer available. This function is known as route health injection. |
The following sections provide information about this feature: • • |
12.2(1) |
Slow Start |
In an environment that uses weighted least connections load balancing, a real server that is placed in service initially has no connections, and could therefore be assigned so many new connections that it becomes overloaded. To prevent such an overload, slow start controls the number of new connections that are directed to a real server that has just been placed in service. |
The following section provides information about this feature: |
12.2(1) |
Stateful Backup |
Stateful backup enables IOS SLB to incrementally backup its load-balancing decisions, or "keep state," between primary and backup switches. The backup switch keeps its virtual servers in a dormant state until HSRP detects failover; then the backup (now primary) switch begins advertising virtual addresses and processing flows. |
The following sections provide information about this feature: • • • |
12.2(14)ZA5 |
Stateful Backup: |
When used with RPR+, IOS SLB supports the stateful backup of redundant route processors for mSEF for Cisco 7600 series routers. This enables you to deploy Cisco Multiprocessor WAN Application Modules (MWAMs) in the same chassis as IOS SLB, while maintaining high availability of load-balancing assignments. |
The following sections provide information about this feature: • • • |
12.2(1) |
Stateless Backup |
Stateless backup provides high network availability by routing IP flows from hosts on Ethernet networks without relying on the availability of one Layer 3 switch. Stateless backup is particularly useful for hosts that do not support a router discovery protocol (such as the Intermediate System-to-Intermediate System [IS-IS] Interdomain Routing Protocol [IDRP]) and do not have the functionality to shift to a new Layer 3 switch when their selected Layer 3 switch reloads or loses power. |
The following sections provide information about this feature: • |
12.2(1) |
Sticky Connections |
Sometimes, a client transaction can require multiple consecutive connections, which means new connections from the same client IP address or subnet must be assigned to the same real server. You can use the optional sticky command to enable IOS SLB to force connections from the same client to the same load-balanced server within a server farm. For firewall load balancing, the connections between the same client-server pair are assigned to the same firewall. |
The following sections provide information about this feature: • • • |
12.2(33)SRE |
Sub-Interface Support |
IOS SLB provides subinterface support for access commands. |
The following sections provide information about this feature: • • • The following commands were modified by this feature: access (firewall farm), access (server farm), access (virtual server) |
12.2(1) |
Supported Platforms for 12.2(1) and 12.2(14)S |
IOS SLB for the listed releases included support for only the following platform: • |
— |
12.2(14)ZA2 |
Supported Platforms for 12.2(14)ZA2, 12.2(14)ZA2, 12.2(14)ZA4, 12.2(14)ZA5, 12.2(14)ZA6 |
IOS SLB for the listed releases included support for only the following platform: • • • • • • |
— |
12.2(17d)SXB |
Supported Platforms for 12.2(17d)SXB and 12.2(17d)SXB1 |
IOS SLB for the listed releases included support for only the following platform: • • |
— |
12.2(17d)SXD |
Supported Platforms for 12.2(17d)SXD, 12.2(17d)SXE, and 12.2(18)SXF |
IOS SLB for the listed releases included support for only the following platform: • • • • |
— |
12.2(18)SXF5 |
Supported Platforms for 12.2(17d)SXF5 and 12.2(18)SXF7 |
IOS SLB for the listed releases included support for only the following platform: • • • • • • |
— |
12.2(33)SRB |
Supported Platforms for 12.2(33)SRB |
IOS SLB for the listed release included support for only the following platform: • • |
— |
12.2(33)SRC |
Supported Platforms for 12.2(33)SRC, 12.2(33)SRC1. 12.2(33)SRE, and 15.0(1)S |
IOS SLB for the listed releases included support for only the following platform: • • • |
— |
12.2(1) |
SynGuard |
SynGuard limits the rate of TCP start-of-connection packets (SYNchronize sequence numbers, or SYNs) managed by a virtual server to prevent a type of network problem known as a SYN flood denial-of-service attack. A user might send a large number of SYNs to a server, which could overwhelm or crash the server, denying service to other users. SynGuard prevents such an attack from bringing down IOS SLB or a real server. SynGuard monitors the number of SYNs managed by a virtual server at specific intervals and does not allow the number to exceed a configured SYN threshold. If the threshold is reached, any new SYNs are dropped. |
The following sections provide information about this feature: • |
12.2(1) |
TCP Session Reassignment |
IOS SLB tracks each TCP SYN sent to a real server by a client attempting to open a new connection. If several consecutive SYNs are not answered, or if a SYN is replied to with an RST, the TCP session is reassigned to a new real server. The number of SYN attempts is controlled by a configurable reassign threshold. |
The following sections provide information about this feature: • |
12.2(1) |
Transparent Web Cache Load Balancing |
IOS SLB can load-balance HTTP flows across a cluster of transparent web caches. To set up this function, configure the subnet IP addresses served by the transparent web caches, or some common subset of them, as virtual servers. Virtual servers used for transparent web cache load balancing do not answer pings on behalf of the subnet IP addresses, and they do not affect traceroute. |
The following sections provide information about this feature: • • • |
12.2(14)S |
VPN Server Load Balancing |
IOS SLB can balance Virtual Private Network (VPN) flows. |
The following sections provide information about this feature: • • |
12.2(1) |
WAP Load Balancing |
You can use IOS SLB to load-balance Wireless Session Protocol (WSP) sessions among a group of WAP gateways or servers on an IP bearer network. |
The following sections provide information about this feature: • • |
12.2(14)ZA6 |
— |
These releases incorporated only minor corrections and clarifications. No new features were introduced in these releases. |
— |
Feedback