Skynet Firewall load Sharing technology

1. Load-sharing solutions for large service nodes

Have a large amount of traffic and the user is the goal of the information service provider, however, a large number of accesses will put a heavy burden on the server, as the number of users of the outstanding Internet application services increases, the server becomes overloaded, and if a large number of user Service requests cannot be processed in time, there will be a service outage. In the past, when solving these problems, only the server with stronger computing power can replace the original server, the old server can only be eliminated. Even so, the load capacity of a single server is limited, it is impossible to expand indefinitely, at the same time, the price of high-end servers with the performance of the server is exponentially rising, therefore, the use of multiple Low-cost server components load sharing system model is becoming mainstream.

2. The principle of load sharing system

The load-sharing system mainly distributes the user Service requests that are concentrated on one server to multiple servers. In the beginning of the load sharing method, there are many network design using domain name rotation method, that is, a domain name corresponding to multiple servers, as a low-cost solution, domain name rotation can solve some of the server load problem, but, There are significant limitations to this load-sharing approach: A User Service request cannot be sent to a different server depending on the load on each server; when one of the servers fails, the system still sends the user access request to the failed server, causing a disruption of the service Because the domain name interpretation generally has a cache presence on every local server, the user access requests in one area will be centralized on the same server. Therefore, in fact, the use of domain name rotation to do the system load sharing, the effect is not obvious.

3. The Load sharing system module of Skynet firewall

With the distributed solution of Skynet Firewall, a large capacity server cluster system with fast response time and high fault tolerance can be built. Skynet firewall load distribution module, can intelligently distribute the user's service request to multiple servers, at the same time, provide fault-tolerant function, can automatically isolate the problem of the server. The specific functions of the system are as follows:

1) Dynamic load Balancing

Skynet firewall load distribution module can be based on the load of the server, including CPU consumption, system load and so on, automatically select the smallest load of the server, the user's service request sent to the machine.

2 Fault-tolerant processing

Skynet firewall load distribution module can automatically detect the availability of the server, when a server fails, the distributed system will automatically bypass the failure of the machine, will not send the user's service request to the machine, to ensure the normal operation of the system.

4. The working principle of the Skynet firewall load sharing module

Skynet firewall load sharing module works mainly in the user's access to a number of algorithms distributed to multiple servers.

Skynet firewall can be used in many different ways to achieve load sharing. Functional can be divided into two categories:

1) Intelligent class

Direct detection

Mode: Skynet Firewall load-sharing module sends service request data directly to the server, according to the server response time, the unresponsive server flag is the problem server, and the priority of User Service request forwarding is established.

Advantages: The system has nothing to do with the server, the user server can take any kind of server.

Disadvantage: The data obtained is inaccurate and can not be fully load-sharing.

Server Agent

Mode: Install Skynet firewall on the server side of the load detection agent software, real-time to Skynet firewall load sharing module send server load, including CPU consumption, system load, network traffic, Skynet firewall based on the comprehensive index of server load, establish User Service request forwarding priority. (Programming Entry Network)

Advantages: Can accurately forward the User Service request to the real idle server, to ensure the quality of service.

Disadvantage: The load detection agent software must be installed for servers with different operating systems, and currently only the load detection agent software of UNIX system.

2) Fixed class

Loops in a fixed order or forwards a user service request to the server. Used on special occasions, such as server-side not responding to incorrect service requests or returning data is not normal.

5. IIDR algorithm

In the practical application, because the server side often exists the CGI program, these programs will save the user's information in the server's memory, if the load-sharing system does not recognize the user source, will distribute the same user's request to the different server, can cause the program not to run normally. And the load burden module of Skynet Firewall uses the unique IIDR (Intelligent identification) algorithm to ensure that the same user's CGI request can be kept on the same server to ensure the normal operation of the service.

6. Skynet Firewall load sharing module

The use of distributed structure to build large-scale Internet applications, can accommodate a large number of users, however, when the user volume increased to a certain extent, the load sharing server in the entire Network center location, it may become a service system bottleneck. Skynet firewall load sharing module in the design of the special hashing algorithm, to ensure that the system even in the processing of huge user (the number of simultaneous connections per second than 30000 users), network efficiency can still reach more than 80%.