Campus Network Center solution based on Linux cluster technology

Source: Internet
Author: User

As network technology develops and network applications deepen, campus networks carry more and more applications for teaching, scientific research and management. As the local area network's center for data storage and publishing, traffic management and control, user management, and control of transfers between the internal and external networks, the campus network center must solve a series of problems caused by growing traffic. In the traditional network center solution, a single server system is generally upgraded when traffic increases, which leads to high investment and maintenance costs and greatly reduces the performance-to-price ratio. A campus network center solution based on Linux cluster technology can effectively solve this problem.

Architecture of Campus Network Center

The architecture of the campus network center uses Linux kernel-layer cluster technology and security technology as its cornerstone to form an operating platform with high scalability, high availability and high security. Its structure is shown in Figure 1.


Figure 1
In this architecture, the network center configuration can be abstracted into three layers: the load balancer, the service node pool, and the storage system.

1. Load balancer
This is the only entry point to the cluster, and the campus network connects to the Internet through this device. From the perspective of a single client on campus, this layer presents the cluster as a single system image (SSI) based on one IP address. The whole campus network shares this virtual address, and a client can regard the entire cluster as an independent host system with a valid IP address. All access from clients is sent to this virtual IP address, which effectively relieves the school's shortage of IP addresses.
If there is only one load balancer, it becomes a single point of failure and the most vulnerable link in the cluster. A fault tolerance mechanism is therefore needed to detect a failed load balancer automatically and replace it smoothly. This solution provides a backup load balancer that monitors the running status of the load balancer in real time and, according to the detected status, raises alarms, takes over, and recovers the load balancer.

2. Service node pool
The service node pool in this solution is the group of servers that provide the actual services. After a service request sent by a client is processed by the balancer, it is transferred to the service node pool, where a server responds to the request and returns data. Campus networks generally provide WWW, FTP, email, and courseware on-demand services. A single server system cannot cope with data access during peak hours, so sharing these loads among multiple servers is economical and feasible.
A service node may also fail temporarily. Especially when a node provides multiple services, random system faults or sudden changes in the external environment may make one of its services temporarily unavailable. The fault tolerance mechanism extended from the load balancer must identify and handle such errors in a timely manner. After the fault is cleared, the cluster automatically recognizes the recovery event and re-incorporates the node into the cluster for further operation.

3. Storage Service System
The storage service system provides stable and consistent file access services for the entire cluster. The system provides a single file system entry for the cluster node pool, that is, each service node shares the same root; it also automatically completes the underlying functions such as file locking, load balancing, fault tolerance, content consistency, and read/write transactions caused by access to the file system at different nodes, and provides a transparent file access service to the application layer.
This system based on Linux cluster technology is a loosely coupled cluster system. It does not need a special middleware layer or OS extension deployed in the cluster, so it has better compatibility with the OS of the server nodes. As a result, the network center is compatible with most IP applications without complicated porting and installation. Each specific application can be regarded as a relatively independent server system. Even on the load balancer, the core functions are provided transparently to users without affecting the normal network applications of the local machine.
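The fault tolerance described above for the service node pool (a failed node is taken out of rotation and re-admitted once it recovers) can be sketched as follows. This is an added example, not code from the article or from any Linux cluster project; the thresholds, class names and node addresses are assumptions, and the scheduler is a smooth weighted round-robin chosen for illustration.

```python
from dataclasses import dataclass

FALL = 3   # assumed: consecutive failed probes before a node is taken out
RISE = 2   # assumed: consecutive good probes before it is re-admitted

@dataclass
class Node:
    addr: str
    weight: int = 1
    in_service: bool = True
    streak: int = 0      # >0 consecutive successes, <0 consecutive failures
    credit: int = 0      # running counter for smooth weighted round-robin

class NodePool:
    def __init__(self, nodes):
        self.nodes = {n.addr: n for n in nodes}
        self.events = []             # (action, addr) log an operator can alert on

    def report(self, addr, ok):
        """Record one health-probe result and update the node's membership."""
        n = self.nodes[addr]
        if ok:
            n.streak = n.streak + 1 if n.streak > 0 else 1
        else:
            n.streak = n.streak - 1 if n.streak < 0 else -1
        if n.in_service and n.streak <= -FALL:
            n.in_service, n.credit = False, 0
            self.events.append(("removed", addr))
        elif not n.in_service and n.streak >= RISE:
            n.in_service = True
            self.events.append(("re-admitted", addr))

    def pick(self):
        """Choose the next node among those in service, or None if none are."""
        live = [n for n in self.nodes.values() if n.in_service]
        if not live:
            return None
        for n in live:
            n.credit += n.weight
        best = max(live, key=lambda n: n.credit)
        best.credit -= sum(n.weight for n in live)
        return best.addr
```

Requiring several consecutive results before changing a node's state keeps one lost probe from ejecting a healthy node and one lucky probe from re-admitting a broken one.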

Key Technologies of Campus Network Center

The technology used by this network solution is a cluster technology built on load balancing at the network access protocol layer: it breaks up the stream of network requests and shares it among a large number of cluster service nodes to maximize performance. The key technology of this solution is therefore load balancing at the network access protocol layer, which has the following features:
1. High execution efficiency, because the underlying protocol can be deployed in the hardware system or at the OS kernel layer.
2. Strong compatibility. The access protocol is usually compatible with most existing mainstream network applications, as the IP layer is in an IPv4 system.
3. Relatively simple system implementation. Compared with content-based high-level switching, it needs no complex pattern matching mechanism; data is exchanged mainly through port mapping, and the rules are simple.
Fundamentally, this load balancing technology is implemented on IP switching, but IP switching on the Linux platform is scalable: it achieves high performance, high scalability, easy management and many other features, and becomes a true cluster system with load balancing at its core. The Linux load balancer supports three load balancing models: address translation (NAT), IP tunneling (IPIP), and direct routing (DR).
NAT isolates the service node pool from the Internet by using internal IP addresses. Service nodes and clients cannot communicate directly, and the IP packets of both requests and responses must be processed by the load balancer.
IPIP mode adopts an open network structure in which each service node has a valid Internet IP address and can return response packets directly to the client along the routing path. After receiving a request packet from the client, the load balancer reprocesses it with the IPIP protocol, forming a new IP packet whose destination IP address is the selected service node and encapsulating the original IP packet inside it. After receiving the IPIP data from the balancer, the service node unpacks it and returns the processing result to the client at the client's source address; the source address of the response packet is the cluster's virtual address (VIP).
In DR mode, the load balancer selects an appropriate service node after receiving the client request, rewrites the MAC address of the request packet to the MAC address of the target service node, and then broadcasts the packet on the balancer's network segment. Each service node has a virtual network device bound to the same VIP as the balancer, but this device does not respond to ARP resolution for the VIP, so it does not conflict with the balancer's VIP address. When a service node receives an IP packet that matches its MAC address, it processes the request and returns the response data directly to the client, with the VIP still as the source address. In this way, the client always sends its requests to, and receives its responses from, the cluster's VIP address.
Among the three load balancing models, NAT is a duplex connection processing model: packet header addresses must be rewritten for network packets both entering and leaving the cluster. Under heavy load this affects the performance of the entire cluster, and the load balancer easily becomes a bottleneck. IPIP and DR are simplex models: the load balancer processes only the IP request packets entering the cluster and does not process the response data. Service nodes return large volumes of response data directly to the client through routers, switches, and other devices, which makes these models highly scalable. The NAT model, however, has a strong advantage in terms of network security.
In a campus network, the load balancing model should be selected according to the network traffic and the specific applications. If you have only a single valid IP address, or you need to build a secure cluster and performance is not a concern, you can use NAT mode. On campus networks most network requests are relatively small: they are nothing more than URL page requests, GET or POST forms, or a few commands, and the data is basically several hundred to several thousand bytes. Response data on the Web, by contrast, is usually large, and a common Web page requires dozens of KB. In addition, much of the content returned on a campus network is video and audio streams, and with the increasingly "crazy" volume of network downloads, response traffic grows greatly. In this case, IPIP or DR mode is a good choice.
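The following packet-level model traces what the balancer does to one request in each of the three modes and how many bytes it must process per exchange, which is the asymmetry the selection advice above relies on. It is an added example, not code from the article or from the Linux load balancer itself; the addresses, MAC labels, 20-byte IPIP overhead figure and function names are constructed for illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional

VIP = "203.0.113.10"   # constructed virtual IP (documentation address range)
IPIP_OVERHEAD = 20     # bytes of outer IPv4 header added by IPIP encapsulation

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dst_mac: str
    size: int
    inner: Optional["Packet"] = None   # original packet when IPIP-encapsulated

def forward(mode, req, node_ip, node_mac, lb_ip="192.0.2.1"):
    """Packet the balancer emits towards the selected service node."""
    if mode == "NAT":    # destination address rewritten to the node's internal IP
        return replace(req, dst=node_ip, dst_mac=node_mac)
    if mode == "IPIP":   # request carried unchanged inside a new IP packet
        return Packet(lb_ip, node_ip, node_mac, req.size + IPIP_OVERHEAD, inner=req)
    if mode == "DR":     # only the destination MAC changes, dst is still the VIP
        return replace(req, dst_mac=node_mac)
    raise ValueError(f"unknown mode: {mode}")

def respond(mode, delivered, node_ip, size):
    """Response as it leaves the node, and whether it must cross the balancer."""
    request = delivered.inner or delivered      # IPIP: unpack first
    if mode == "NAT":    # node answers from its internal IP via the balancer
        return Packet(node_ip, request.src, "lb-mac", size), True
    # IPIP and DR: node answers as the VIP, straight out through the router
    return Packet(VIP, request.src, "router-mac", size), False

def nat_return(resp):
    """NAT only: the balancer rewrites the source so the client sees the VIP."""
    return replace(resp, src=VIP, dst_mac="router-mac")

def balancer_bytes(mode, req_size, resp_size, node_ip="10.0.0.11"):
    """Bytes the balancer must process for one request/response exchange."""
    req = Packet("198.51.100.7", VIP, "lb-mac", req_size)
    delivered = forward(mode, req, node_ip, "node1-mac")
    resp, via_balancer = respond(mode, delivered, node_ip, resp_size)
    if via_balancer:
        resp = nat_return(resp)
    assert resp.src == VIP and resp.dst == req.src   # client always sees the VIP
    return req_size + (resp_size if via_balancer else 0)

if __name__ == "__main__":
    for mode in ("NAT", "IPIP", "DR"):   # constructed workload: 500 B in, 40 KB out
        print(mode, balancer_bytes(mode, 500, 40 * 1024))
```

The same trace shows the security trade-off: only in NAT mode does every response pass back through the balancer, so the node's own address never reaches the client.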

Advantages of Campus Network Center Based on Linux cluster technology

This Linux cluster-based campus network center solution has the following advantages over the traditional single server solution:
1. Good scalability
Campus network applications are built on the development of computer network technology and the improvement of teachers' application ability. No network center solution can, or needs to, take all applications into account at once, so system scalability becomes very important. The network system formed by this solution can easily expand its functions. When the number of applications on the campus network increases, system performance decreases; by adding service nodes you can easily improve performance and ensure that it grows linearly with the increase in cost.
2. Around-the-clock availability support
Once the campus network provides WWW, FTP, email, on-demand courseware and remote teaching services, around-the-clock availability becomes critical. This solution provides transparent and automatic availability support for network applications. Its unique dual-machine backup structure can automatically switch over or repair the system after a service node fails, ensuring that the system runs normally 24x7.
3. Good manageability
As campus network applications deepen, network systems grow larger and the task of system management grows heavier. This solution effectively simplifies system management, mainly in the following ways: you can manage the network through an HTTPS-based Web management interface and a secure command line interface; you can configure and monitor all nodes in the system from a single control point; and you can monitor the status of each server remotely in real time.
4. Good security
This network solution can provide protection at the core layer for the server. The firewall cluster system built on this basis can effectively improve the performance and scalability of the firewall, thus ensuring the security of campus network applications.
5. Relative cost/performance advantages
The construction of such a campus network system is economical in terms of investment costs, and it is easy to customize a target system at a proper price based on specific needs.

