Principles and Practices of Server Load Balancers, Article 5: Detailed Description of the Data Packet Process During Server Load Balancing

Source: Internet
Author: User


Series articles:

Server Load balancer: requirements of Server Load balancer

Server Load balancer details Article 2: Basic concepts of Server Load balancer-Network Basics

Server Load balancer Part 3: basic concepts of Server Load balancer-Server group using Server Load balancer

Server Load balancer details Article 4: basic concepts of Server Load balancer-Data Packet Flow During Server Load balancer

Server Load balancer details Article 5: basic concepts of Server Load balancer-Health Check

Server Load balancer details Article 6: basic concepts of Server Load balancer-Network Address Translation (NAT)

Server Load balancer Article 7: basic concepts of Server Load balancer-Direct server return

Server Load balancer details Article 8: Server Load balancer Advanced Technology-Session persistence (upper)

Server Load balancer (Advanced Server Load balancer Technology)-Session persistence (medium)

Server Load balancer details Article 10: Server Load balancer Advanced Technology-Session persistence (lower)

 

We will use an example to discuss how data packets are processed when a server load balancer is in use.

 

 

There are three servers, RS1 to RS3, and three applications: Web (HTTP), FTP, and SMTP, which run across the three servers. In this example, all applications run over TCP, and each application uses a different TCP port. The Web application runs on port 80, FTP runs on port 21, and SMTP runs on port 25. The server load balancer identifies the application the client wants to access from the destination port number of the received TCP packet, and selects an appropriate server for each client request.

 

The process of selecting a server is divided into two steps. First, the server load balancer must determine which servers are available for the application. The availability of servers and applications is determined by health checks, which will be discussed in detail in later sections. Second, the server load balancer uses a load balancing algorithm to select a server. Common load balancing algorithms include round robin, least connections, weights, and the fastest response time. Load balancing algorithms will be discussed in detail in later sections.

 

Configuring the server load balancer includes the following steps:

1. Define a VIP: VIP = 123.122.121.1;

 

2. Determine which applications require load balancing: Web, FTP, and SMTP;

 

3. For each application, bind the VIP to the corresponding real servers: bind RS1 and RS2 to the Web VIP, RS1 to the FTP VIP, and RS2 and RS3 to the SMTP VIP. That is to say, port 80 of the VIP is bound to port 80 of RS1 and RS2, port 21 of the VIP is bound to port 21 of RS1, and so on, as shown in the figure;

 

4. Set up health checks to check the health status of servers and applications;

5. Set the load balancing algorithm.

By binding the VIP to different TCP ports of the real servers, we decouple servers from applications, which provides great flexibility. For example, if the access volume of the FTP application increases, you only need to bind another server to port 21 of the VIP to increase FTP processing capacity. If RS2 requires offline maintenance, we can use the server load balancer to take RS2 out of service gracefully: stop sending any new requests to RS2, wait until all existing connections are closed, and then stop RS2.

 

Note that all the real servers in this example use private IP addresses. This has two advantages. First, the whole server cluster uses only one public IP address, the VIP, which saves IP address space. Second, it improves security: no client request can reach a server directly by bypassing the server load balancer.

 

Now we know what the server load balancer can do. Let's take a look at the packet forwarding process when a server load balancer is used.

 

We use a simple example, as shown in the figure, to understand the packet forwarding process during a request and response.

 

 

The client first establishes a TCP connection, sends an HTTP request, receives the server response, and closes the TCP connection. A three-way handshake is required to establish a TCP connection. The TCP SYN request received by the server load balancer includes the following information:

Source IP Address: the IP address of the client;

Source Port: the port number used by the client for the TCP connection;

Destination IP Address: VIP address;

Destination Port: because the request accesses a web application, the destination port is 80.

 

The preceding four fields uniquely identify a TCP session. When the server load balancer receives the first TCP SYN packet, assume that it selects RS2 to process the request and sends the request to RS2. For RS2 to receive and process the TCP SYN packet, the destination address of the packet must be changed to the private IP address of RS2. Therefore, the server load balancer rewrites the destination address to the IP address of RS2 before forwarding the packet. This IP address conversion process is called Network Address Translation (NAT). Because the server load balancer modifies the destination address here, this is more specifically called destination NAT.

 

When a user clicks www.agilesharp.com, the browser generates a DNS query to obtain the IP address corresponding to www.agilesharp.com, that is, the VIP. The client's browser then sends a TCP SYN packet to establish a new TCP connection. When the server load balancer receives the TCP SYN packet, it first confirms that the packet is one it should load balance, because the destination address of the packet is the VIP. As this is a new connection, the server load balancer cannot find the session in its session table by source IP address, destination IP address, source port, and destination port. Based on its configuration and the health check results, the server load balancer determines that RS1 and RS2 can accept new connections. According to the predefined load balancing algorithm, it selects RS2 to process the session. After the server is selected, the server load balancer creates a new record in its session table, changes the destination IP address and destination MAC address of the packet to the IP address and MAC address of RS2, and then sends the packet to RS2.

 

After receiving the TCP SYN packet, RS2 responds with a TCP SYN ACK packet. The source address of the packet is the IP address of RS2, and the destination address is the IP address of the client. After the server load balancer receives the packet, it changes the source address from the IP address of RS2 to the VIP, sends the packet to the router, and the router routes it to the client. All subsequent request and response packets of this TCP session follow the same process. Eventually, when the connection is terminated through FIN or RESET, the server load balancer deletes the session record from its session table.
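The session table, destination NAT, reverse translation and graceful removal of RS2 described above, as an added Python example (not code from the original article). Only the VIP and the port bindings come from the article; the private addresses of the real servers, the class and method names, and the simplified FIN/RST handling are assumptions.

```python
from itertools import count

VIP = "123.122.121.1"  # VIP from the article
# Constructed private addresses for the real servers (not given in the article)
RS = {"RS1": "10.0.0.1", "RS2": "10.0.0.2", "RS3": "10.0.0.3"}
BINDINGS = {80: ["RS1", "RS2"], 21: ["RS1"], 25: ["RS2", "RS3"]}  # VIP port -> servers


class LoadBalancer:
    def __init__(self):
        self.healthy = set(RS)   # would be updated by health checks
        self.draining = set()    # servers that must not receive new sessions
        self.sessions = {}       # (src_ip, src_port, dst_ip, dst_port) -> server name
        self._rr = count()       # round-robin counter (one of the listed algorithms)

    def inbound(self, src_ip, src_port, dst_ip, dst_port, flags="ACK"):
        """Client -> VIP. Returns the packet after destination NAT, or None if dropped."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if dst_ip != VIP or dst_port not in BINDINGS:
            return None                      # not a load-balanced service
        if key not in self.sessions:
            if flags != "SYN":
                return None                  # no session and not a new connection
            pool = [s for s in BINDINGS[dst_port]
                    if s in self.healthy and s not in self.draining]
            if not pool:
                return None                  # no server available for this application
            self.sessions[key] = pool[next(self._rr) % len(pool)]
        server = self.sessions[key]
        if flags in ("FIN", "RST"):
            del self.sessions[key]           # simplified: drop the record on first FIN/RST
        return (src_ip, src_port, RS[server], dst_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Real server -> client. Rewrites the source address back to the VIP."""
        key = (dst_ip, dst_port, VIP, src_port)
        if RS.get(self.sessions.get(key)) != src_ip:
            return None                      # reply does not match a known session
        return (VIP, src_port, dst_ip, dst_port)
```

Adding a server name to `draining` keeps its existing sessions flowing while new SYN packets go only to the remaining servers, which is the graceful maintenance case described for RS2.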

 

Now let's trace the packet and see how the IP addresses and MAC addresses change. When the router receives the packet, the destination IP address of the packet is the VIP, and the destination MAC address is M1, that is, the MAC address of the router.

Step 1: as shown in the figure, the router changes the destination MAC address to M2 and sends the packet to the server load balancer. M2 is the MAC address of the server load balancer.

 

Step 2: the server load balancer changes the destination IP address and destination MAC address to the IP address and MAC address of RS2 and sends the packet to RS2.

 

Step 3: RS2 responds to the client request. The source IP address and the source MAC address are therefore both those of RS2, and the destination IP address is the client's IP address. The default gateway of RS1 and RS2 is the IP address of the server load balancer, so the destination MAC address is the MAC address of the server load balancer.

 

Step 4: after the server load balancer receives the packet, it changes the source IP address to the VIP so that the response looks as if it was sent by the VIP. This is very important. The TCP connection is established between the client and the VIP, not a real server, so the response packet must appear to come from the VIP. For the packet to reach the client, the load balancer needs to forward it to its next hop, that is, the router. The server load balancer changes the source MAC address to its own MAC address M2 and the destination MAC address to the router's MAC address M1, and then forwards the packet to the router.

 

In this example, the server load balancer serves as the default gateway of the real servers. You can also use the router as the default gateway of the servers. In that case, the destination MAC address of a packet returned from a real server is M1, that is, the MAC address of the router. The load balancer does not change the source MAC address or the destination MAC address. To other L2 and L3 switches and hosts, the load balancer then behaves like an L2 switch.

 

That concludes this article. We will continue in the next one.
