The difference between four-layer and seven-layer load balancing

Source: Internet
Author: User

One

A simple understanding of four-layer and seven-layer load balancing:

Four-layer load balancing is based on IP address plus port; seven-layer load balancing is based on application-layer information such as the URL. By the same logic, there is also two-layer load balancing based on MAC address and three-layer load balancing based on IP address. In other words, a two-layer load balancer receives requests on a virtual MAC address and assigns them to a real MAC address; a three-layer load balancer receives requests on a virtual IP address and assigns them to a real IP address; a four-layer load balancer receives requests on a virtual IP address plus port and assigns them to a real server; and a seven-layer load balancer receives requests on a virtual URL or hostname and assigns them to a real server.

Four-to-seven-layer load balancing means that, when balancing load across backend servers, the device decides how to forward traffic based on layer 4 or layer 7 information. With four-layer load balancing, for example, the device publishes a layer 3 IP address (the VIP) plus a layer 4 port number to identify which traffic needs to be load balanced, applies NAT to that traffic, forwards it to a backend server, and records which server is handling each TCP or UDP flow, so that all subsequent traffic for the connection is forwarded to the same server. Seven-layer load balancing builds on four-layer load balancing (without layer 4 there can be no layer 7) and additionally considers application-layer characteristics. For load balancing across Web servers, for example, besides using the VIP plus port 80 to identify whether traffic should be handled, the device can also decide how to balance based on layer 7 information such as the URL, browser type, or language. For example, if your Web servers are divided into two groups, one for Chinese and one for English, a seven-layer load balancer can automatically identify the user's language when the user accesses your domain name and then select the corresponding server group for load balancing.

Load balancers are often referred to as layer 4 switches or layer 7 switches. A layer 4 switch mainly analyzes the IP layer and the TCP/UDP layer to balance layer 4 traffic. In addition to supporting four-layer load balancing, a layer 7 switch also analyzes application-layer information, such as the HTTP URI or cookies.

1. One type of load balancer is the L4 switch (four-layer switching), which works at layer 4 of the OSI model, the TCP layer. This type of load balancer does not understand application protocols (such as HTTP, FTP, or MySQL). Examples: LVS, F5.

2. The other type is the L7 switch (seven-layer switching), which works at the highest OSI layer, the application layer. This type of load balancer can understand application protocols. Examples: HAProxy, MySQL Proxy.

Note: Many of the load balancers above can do either four-layer or seven-layer switching.

Two

Load balancer devices are also often referred to as "four to seven layer switches", so what is the difference between layer 4 and layer 7?

First, the difference in technical principle.

Four-layer load balancing determines the internal server that is finally chosen mainly from the destination address and port in the packet, combined with the server selection method configured on the load balancer.

Taking common TCP as an example: when the load balancer receives the first SYN request from the client, it chooses the best server in the way described above, changes the destination IP address in the packet to the backend server's IP, and forwards the packet directly to that server. The TCP connection, that is, the three-way handshake, is established directly between the client and the server; the load balancer only performs a router-like forwarding action. In some deployments, to ensure that the server's return packets are correctly sent back through the load balancer, the device may also modify the original source address of the packet while forwarding it.

Seven-layer load balancing, also known as "content switching", determines the internal server that is finally chosen mainly from the meaningful application-layer content of the message, combined with the server selection method configured on the load balancer.

Taking common TCP as an example again: if the load balancer is to choose a server based on real application-layer content, it must first stand in for the final server and establish a connection (three-way handshake) with the client. Only then can it receive the message carrying the real application-layer content sent by the client, and then, based on specific fields in that message plus the server selection method configured on the load balancer, determine the internal server that is finally chosen. In this case the load balancer behaves more like a proxy server: it establishes separate TCP connections with the front-end client and with the backend server. From this point of view, seven-layer load balancing is significantly more demanding on the load balancer, and its seven-layer processing capacity is bound to be lower than in a four-layer deployment.

Second, the requirements of the application scenario.

The benefit of seven-layer load balancing is that it makes the whole network more "intelligent". For example, for user traffic to a Web site, seven-layer processing can forward image requests to a specific image server and apply caching, and forward text requests to a specific text server and apply compression. This is only one small use of seven-layer processing. In terms of technical principle, this approach can modify the client's request and the server's response in any way, which greatly improves the flexibility of the application system at the network layer. Many functions deployed on backend servers such as Nginx or Apache can be moved forward to the load balancer, such as header rewriting in client requests, or keyword filtering and content insertion in server responses.

Another feature that is often mentioned is security. Take the most common network attack, the SYN flood: hackers control many source clients and use false IP addresses to send SYN packets to the same target. This kind of attack usually sends a large number of SYN packets to exhaust the relevant resources on the server and achieve denial of service (DoS). It can be seen from the technical principle that in four-layer mode these SYN packets are forwarded to the backend servers, whereas in seven-layer mode they are naturally cut off at the load balancer and do not affect the normal operation of the backend servers. In addition, the load balancer can apply various policies at layer 7 to filter specific messages, such as SQL injection and other application-level attacks, further improving overall system security at the application level.
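
The two dispatch modes described above, and what each does with SYNs that never complete the handshake, can be modelled in a few lines. This is an added example, not code from the original article: the classes, the packet kinds ("SYN", "ACK", "DATA") and all addresses are constructed assumptions, and the model tracks state only, not real packets.

```python
# Added example: a constructed model of the two dispatch modes, not a packet-level
# implementation. Addresses come from documentation ranges and are assumptions.
from dataclasses import dataclass, field


@dataclass
class L4Balancer:
    """Chooses a backend on the first SYN using only the VIP and port, then pins the flow."""
    vip: tuple                       # (ip, port) published to clients
    backends: list
    flows: dict = field(default_factory=dict)   # (src, dst) -> backend
    seen: int = 0

    def on_packet(self, src, dst, kind, payload=b""):
        if dst != self.vip:
            return None              # not traffic this VIP balances
        if (src, dst) not in self.flows:
            if kind != "SYN":
                return None          # no flow state and not a new connection
            self.flows[(src, dst)] = self.backends[self.seen % len(self.backends)]
            self.seen += 1
        # The destination is rewritten and the packet forwarded unchanged, so the
        # backend receives the SYN and completes the three-way handshake itself.
        return self.flows[(src, dst)]


def parse_request(raw):
    """Return (target, headers) from a raw HTTP/1.x request head."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    _method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return target, headers


@dataclass
class L7Balancer:
    """Terminates the client connection and chooses a pool from the request content."""
    vip: tuple
    pools: dict                      # pool name -> backend
    half_open: set = field(default_factory=set)
    established: set = field(default_factory=set)

    def on_packet(self, src, dst, kind, payload=b""):
        if dst != self.vip:
            return None
        if kind == "SYN":
            self.half_open.add(src)  # the balancer answers SYN-ACK itself
        elif kind == "ACK" and src in self.half_open:
            self.half_open.discard(src)
            self.established.add(src)
        elif kind == "DATA" and src in self.established:
            try:
                target, headers = parse_request(payload)
            except ValueError:
                return None          # malformed request never reaches a backend
            return self.choose(target, headers)
        return None                  # nothing has been sent to a backend yet

    def choose(self, target, headers):
        if target.startswith("/images/"):
            return self.pools["images"]
        preferred = headers.get("accept-language", "").split(",")[0].strip().lower()
        return self.pools["zh"] if preferred.startswith("zh") else self.pools["en"]


def demo():
    vip = ("203.0.113.10", 80)
    l4 = L4Balancer(vip, ["10.0.0.1", "10.0.0.2"])
    l7 = L7Balancer(vip, {"zh": "10.0.1.1", "en": "10.0.2.1", "images": "10.0.3.1"})

    # 100 SYNs from distinct spoofed sources that never complete the handshake.
    spoofed = [(f"198.51.100.{i}", 40000) for i in range(1, 101)]
    result = {
        "l4_syns_at_backends": sum(l4.on_packet(s, vip, "SYN") is not None for s in spoofed),
        "l7_syns_at_backends": sum(l7.on_packet(s, vip, "SYN") is not None for s in spoofed),
        "l7_half_open_on_balancer": len(l7.half_open),
    }

    # A real client: handshake with the balancer, then the request decides the pool.
    client = ("192.0.2.7", 51000)
    request = (b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n"
               b"Accept-Language: zh-CN,zh;q=0.9\r\n\r\n")
    l7.on_packet(client, vip, "SYN")
    l7.on_packet(client, vip, "ACK")
    result["l7_backend"] = l7.on_packet(client, vip, "DATA", request)
    result["l4_backend"] = l4.on_packet(client, vip, "SYN")
    result["l4_same_flow"] = l4.on_packet(client, vip, "DATA", request)
    return result
```

In the seven-layer model the 100 half-open entries sit on the balancer instead of the backends, so the state the attack consumes has moved rather than disappeared.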

Today, seven-layer load balancing focuses mainly on the widely used HTTP protocol, so it is mainly applied to the many Web sites and internal information platforms, such as systems developed on a B/S (browser/server) architecture. Four-layer load balancing corresponds to other TCP applications, such as ERP systems developed on a C/S (client/server) architecture.

Third, issues to consider with seven-layer applications.

1: Whether it is really necessary. Seven-layer applications can indeed make traffic handling more intelligent, but they unavoidably bring complex device configuration, increased pressure on the load balancer, and more complicated troubleshooting. When designing the system, consider a mixed deployment that uses four-layer and seven-layer load balancing at the same time.

2: Whether it really improves security. With a SYN flood attack, for example, seven-layer mode does keep this traffic away from the servers, but the load balancer itself must then have strong anti-DDoS capability; otherwise, even if the servers are healthy, a failure of the load balancer that acts as the central dispatcher will bring down the entire application.

3: Whether there is sufficient flexibility. The advantage of seven-layer applications is that the traffic of the entire application can be handled intelligently, but the load balancer needs to provide complete seven-layer capabilities to support application-based scheduling for the customer's different situations. One of the simplest tests is whether it can replace the scheduling function on backend servers such as Nginx or Apache. A load balancer that provides a seven-layer application development interface, allowing the customer to define functions freely based on need, is the kind that can truly provide great flexibility and intelligence.

(This section is from the "ADC Technology blog" blog, make sure to keep this source http://virtualadc.blog.51cto.com/3027116/591396)

Three

Introduction to layer 4 to layer 7 load balancing:

Load balancing is built on the existing network structure. It provides an inexpensive and effective way to extend the bandwidth of network devices and servers, increase throughput, enhance network data processing capability, and improve network flexibility and availability.

Load balancing has two meanings. First, a large volume of concurrent access or data traffic is shared among multiple node devices for processing, reducing the time users wait for a response. Second, a single heavy-load operation is split across multiple node devices for parallel processing; when each node finishes, the results are aggregated and returned to the user, greatly improving system processing capacity.

The load balancing technology introduced in this article mainly refers to balancing application traffic load among all the servers and applications in a server farm. Most load balancing technology today is used to improve the availability and scalability of Internet server programs on Web servers, FTP servers, and other mission-critical servers.

Load Balancing Technology classification

There are many different load balancing techniques to meet different application requirements. They are classified below by the devices used for load balancing, the network layer at which they are applied (with reference to the OSI Reference Model), and the geographic structure of the application.

Soft/Hardware load balancing

A software load balancing solution installs one or more additional pieces of software on the operating system of one or more servers to achieve load balancing, such as DNS Load Balance and Check Point Firewall-1 ConnectControl. Its advantages are that it is tailored to a specific environment, simple to configure, flexible to use, low in cost, and able to meet general load balancing requirements.

Software solutions also have many disadvantages. The additional software installed on each server consumes an indeterminate amount of system resources, and the more powerful the module, the more it consumes, so when connection requests are particularly numerous, the software itself becomes a key factor in whether the server keeps working. Software scalability is not very good, since it is limited by the operating system, and because of the operating system itself, it often has security problems.

A hardware load balancing solution installs a load balancing device directly between the servers and the external network. This device is what we usually call a load balancer. Because dedicated equipment performs a dedicated task independently of the operating system, overall performance improves greatly; combined with a variety of load balancing strategies and intelligent traffic management, it can meet load balancing requirements optimally.

Load balancers come in a variety of forms. Besides standalone load balancers, some are integrated into switching equipment and placed between the servers and the Internet link, and some are integrated into a PC with two network adapters, one connected to the Internet and the other connected to the internal network of the backend server farm.

In general, hardware load balancing is better than software in function and performance, but it is costly.

Local/Global Load Balancing

By the geographic structure of the application, load balancing is divided into local load balancing and global load balancing (Global Load Balance, also called geo-load balancing). Local load balancing balances load across a local server farm; global load balancing balances load across server farms that are placed in different geographic locations and have different network structures.

Local load balancing effectively solves the problems of excessive data traffic and network overload without spending heavily on higher-performance servers. It makes full use of existing equipment and avoids the loss of data traffic caused by a single point of server failure. It offers flexible and varied balancing strategies to distribute data traffic reasonably among the servers in the farm. Even when expanding or upgrading existing servers, you simply add a new server to the farm, without changing the existing network structure or stopping existing services.

Global load balancing is mainly used by sites that have their own servers in multiple regions, so that users around the world can reach the server closest to them with a single IP address or domain name and thereby get the fastest access. It can also be used by large companies with widely dispersed sites to distribute resources uniformly and reasonably over an intranet (the enterprise's internal network).

Load balancing at the network level

To address the different overload bottlenecks in a network, we can apply the corresponding load balancing technology at different network layers.

As bandwidth and data traffic keep increasing, the data interfaces at the core of the network face bottlenecks. The original single link can hardly meet demand, and upgrading the link is too expensive or even impractical; in that case, consider link aggregation (trunking).

Link aggregation (layer 2 load balancing) uses multiple physical links as a single aggregated logical link. Network traffic is shared among all the physical links in the aggregated logical link, which logically increases link capacity to meet the demand for more bandwidth.

Modern load balancing techniques typically operate at layer 4 or layer 7 of the network. Layer 4 load balancing maps one legally registered Internet IP address to the IP addresses of multiple internal servers and dynamically uses one of the internal IP addresses for each TCP connection request, thereby balancing the load. This technique is widely used in layer 4 switches: when a connection request packet whose destination address is the server group's VIP (virtual IP address) flows through the switch, the switch uses the source and destination IP addresses, the TCP or UDP port number, and a load balancing policy to map between the server IP and the VIP and selects the best server in the farm to handle the connection request.

Layer 7 load balancing controls the content of application-layer services and provides a high-level way to control access traffic, which suits HTTP server farms. Layer 7 load balancing inspects the HTTP headers that flow through it and performs load balancing based on the information in those headers.

The benefits of layer 7 load balancing appear in the following areas:

By inspecting HTTP headers, it can detect HTTP 400, 500, and 600 series error messages and transparently redirect the connection request to another server, avoiding application-layer failures.

It can direct data traffic to the server holding the corresponding content according to the data type (for example, by determining whether a packet carries an image file, a compressed file, or a multimedia format), which increases system performance.

It can route each request to the appropriate server according to the type of connection request, for example static document requests such as plain text and images versus dynamic document requests such as ASP and CGI, which improves system performance and security.

Layer 7 load balancing is limited by the protocols it supports (usually only HTTP), which restricts how widely it can be applied. Inspecting HTTP headers also consumes a lot of system resources and inevitably affects performance; with a large number of connection requests, the load balancer itself can become the bottleneck for overall network performance.

Load Balancing Policy

In real-world applications, we may not want to simply distribute client service requests evenly among internal servers regardless of whether a server is down. Instead, we want a Pentium III server to accept more service requests than a Pentium II server, a server currently handling fewer requests to be assigned more, a failed server to receive no service requests until it has recovered, and so on.

Choosing an appropriate load balancing strategy lets multiple devices complete the task well together and eliminates or avoids the bottlenecks of uneven network load distribution and long response times caused by data congestion. In each load balancing mode, load balancing at layers 2, 3, 4, and 7 of the OSI Reference Model has corresponding strategies for different application requirements.

How good a load balancing strategy is, and how easy it is to implement, depends on two key factors: first, the load balancing algorithm; second, the method and ability used to detect the condition of the network and systems.

Given the different types of service requests, the different processing capacities of servers, and the uneven load distribution that random selection causes, distributing load reasonably among internal servers requires a load balancing algorithm that correctly reflects each server's processing capacity and network state:

Round robin (Round Robin): each request from the network is assigned to the internal servers in turn, from 1 to N, and then the cycle restarts. This algorithm suits server groups in which all servers have the same hardware and software configuration and the average service request load is relatively even.

Weighted round robin (Weighted Round Robin): each server is assigned a weight according to its processing capacity so that it accepts a share of service requests proportional to that weight. For example, if server A has a weight of 1, B a weight of 3, and C a weight of 6, then servers A, B, and C receive 10%, 30%, and 60% of service requests respectively. This algorithm ensures that high-performance servers get more use and that low-performance servers are not overloaded.

Random: requests from the network are distributed randomly among the internal servers.

Weighted random (Weighted Random): this algorithm is similar to weighted round robin, but requests are shared out by a random selection process.

Response time (Response Time): the load balancer sends a probe request (such as a ping) to each internal server and then lets the server that responds fastest to the probe handle the client's service request. This algorithm reflects the current running state of the servers well, but the fastest response time is only the fastest between the load balancer and the server, not between the client and the server.

Least connections (Least Connection): the time each client request occupies a server can vary considerably. As running time grows, simple round robin or random algorithms may leave the servers with very different numbers of connections in progress, so true load balancing is not achieved. The least connections algorithm keeps a record for each internal server of the number of connections it is currently handling and assigns each new connection request to the server with the fewest connections, so the balance better matches the real situation and load is more even. This algorithm suits services with long-running requests, such as FTP.

Processing capacity: this algorithm assigns service requests to the internal server with the lightest processing load (derived from the server's CPU model, number of CPUs, memory size, and current number of connections). Because it takes into account both the internal servers' processing capacity and current network conditions, this algorithm is relatively more accurate and is especially suitable for layer 7 (application layer) load balancing.

DNS response (Flash DNS): on the Internet, whether for HTTP, FTP, or other service requests, clients typically find the server's exact IP address through domain name resolution. Under this algorithm, load balancers in different geographic locations receive the same client's domain name resolution request, and each resolves the domain name to the IP address of its corresponding server (that is, the server in the same geographic location as that load balancer) and returns it to the client at the same time. The client continues its service request with the IP address from the first resolution response it receives and ignores the other responses. This strategy suits global load balancing and is meaningless for local load balancing.
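
The round robin, weighted round robin and least connections algorithms above can be compared directly. This is an added example, not code from the original article: the server objects and the session pattern are constructed, and the weighted picker uses the smooth weighted round robin variant, which is one implementation choice the article does not specify.

```python
# Added example: constructed servers and weights (A=1, B=3, C=6 as in the text).
from dataclasses import dataclass
from itertools import count


@dataclass
class Server:
    name: str
    weight: int = 1
    healthy: bool = True     # set by whatever health check the balancer runs
    active: int = 0          # connections currently open on this server
    score: int = 0           # running score for weighted round robin


def make_round_robin():
    """Round robin: healthy servers in order 1..N, then restart."""
    turn = count()

    def pick(servers):
        live = [s for s in servers if s.healthy]
        return live[next(turn) % len(live)] if live else None
    return pick


def pick_weighted_rr(servers):
    """Smooth weighted round robin: exact weight shares over each cycle, interleaved."""
    live = [s for s in servers if s.healthy]
    if not live:
        return None
    for s in live:
        s.score += s.weight
    best = max(live, key=lambda s: s.score)
    best.score -= sum(s.weight for s in live)
    return best


def pick_least_conn(servers):
    """Least connections: the healthy server with the fewest open connections."""
    live = [s for s in servers if s.healthy]
    return min(live, key=lambda s: s.active) if live else None


def distribution(pick, servers, requests):
    """Count how many of `requests` picks land on each server."""
    hits = {s.name: 0 for s in servers}
    for _ in range(requests):
        hits[pick(servers).name] += 1
    return hits


def open_sessions(pick, servers, requests):
    """Alternate long sessions (stay open) with short ones (close at once)."""
    for i in range(requests):
        server = pick(servers)
        server.active += 1
        if i % 2 == 1:
            server.active -= 1       # short request finished
    return {s.name: s.active for s in servers}


def demo():
    abc = [Server("A", 1), Server("B", 3), Server("C", 6)]
    shares = distribution(pick_weighted_rr, abc, 10)
    abc[2].healthy = False           # C fails its health check
    for s in abc:
        s.score = 0
    without_c = distribution(pick_weighted_rr, abc, 4)
    rr = open_sessions(make_round_robin(), [Server("s1"), Server("s2")], 8)
    lc = open_sessions(pick_least_conn, [Server("s1"), Server("s2")], 8)
    return shares, without_c, rr, lc
```

With alternating long and short requests, plain round robin leaves every long session on one server while least connections splits them evenly, which is the imbalance the least connections paragraph describes.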

Although these load balancing algorithms distribute data traffic to servers reasonably well, if the load balancing strategy has no means of detecting network and system conditions, then when a server fails or the network between the load balancer and a server fails, the load balancer still directs part of the data traffic to that server. This inevitably causes a large number of service requests to be lost and fails the requirement for uninterrupted availability. A good load balancing strategy should therefore be able to detect network failures, server system failures, and application service failures:

Ping detection: checks the status of the server and network by pinging. This method is simple and fast, but it can only roughly determine whether the network and the server's operating system are working; it cannot detect the state of application services on the server.

TCP open detection: for each service, the load balancer opens a TCP connection to check whether a given TCP port on the server (such as Telnet port 23 or HTTP port 80) is open, and uses that to judge whether the service is working.

HTTP URL detection: for example, the load balancer sends the HTTP server a request for the main.html file; if it receives an error message, the server is considered faulty.
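
The difference between TCP open detection and HTTP URL detection shows up when the service still accepts connections but the application behind it is failing. This is an added example, not code from the original article: the backend is a constructed local test server on 127.0.0.1, and ping detection is left out because ICMP needs raw sockets.

```python
# Added example: the backend below is a constructed local test server.
import http.client
import socket
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Ignore any proxy settings so the probe goes straight to the backend.
_OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))


def tcp_open_check(host, port, timeout=1.0):
    """TCP open detection: healthy if the port accepts a connection."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def http_url_check(host, port, path="/main.html", timeout=1.0):
    """HTTP URL detection: healthy only if the page is served without an error status."""
    try:
        with _OPENER.open(f"http://{host}:{port}{path}", timeout=timeout) as resp:
            return 200 <= resp.status < 400
    except (urllib.error.URLError, http.client.HTTPException, OSError):
        return False


class Backend(BaseHTTPRequestHandler):
    app_ok = True                    # flipped by demo() to simulate an application fault

    def do_GET(self):
        status, body = (200, b"ok") if Backend.app_ok else (500, b"application error")
        self.send_response(status)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):    # keep the demo quiet
        pass


def demo():
    """Probe one backend in three states; each result is (tcp_open, http_url)."""
    server = HTTPServer(("127.0.0.1", 0), Backend)
    host, port = server.server_address
    threading.Thread(target=server.serve_forever, daemon=True).start()
    results = {}
    try:
        results["healthy"] = (tcp_open_check(host, port), http_url_check(host, port))
        Backend.app_ok = False
        results["application_fault"] = (tcp_open_check(host, port), http_url_check(host, port))
    finally:
        Backend.app_ok = True
        server.shutdown()
        server.server_close()
    results["service_down"] = (tcp_open_check(host, port), http_url_check(host, port))
    return results
```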

Besides the two factors mentioned above, the quality of a load balancing strategy is affected by another: in some applications, all requests from the same client must be assigned to the same server. For example, when a server stores the client's registration, shopping, and other service request information in a local database, it is critical that the client's subsequent requests go to the same server. There are two ways to solve this. The first is to assign multiple requests from the same client to the same server according to IP address, with the mapping between client IP address and server stored on the load balancer. The second is to place a unique identifier in a cookie in the client's browser and use it to assign multiple requests to the same server, which suits clients that reach the Internet through a proxy server.
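
The two persistence methods behave very differently when many browsers share one proxy address. This is an added example, not code from the original article: the cookie name `lb_session`, the server names and the proxy address are hypothetical, and the cookie carries an opaque token that the balancer maps to a server.

```python
# Added example: constructed clients; the cookie name LB_COOKIE is hypothetical.
import secrets
from collections import Counter

LB_COOKIE = "lb_session"


class SourceIPPersistence:
    """Method 1: the balancer stores client IP -> server."""
    def __init__(self, servers):
        self.servers, self.table, self.assigned = servers, {}, 0

    def route(self, client_ip, cookies):
        if client_ip not in self.table:
            self.table[client_ip] = self.servers[self.assigned % len(self.servers)]
            self.assigned += 1
        return self.table[client_ip], {}


class CookiePersistence:
    """Method 2: an opaque cookie identifies the browser; the balancer maps it to a server."""
    def __init__(self, servers):
        self.servers, self.table, self.assigned = servers, {}, 0

    def route(self, client_ip, cookies):
        token = cookies.get(LB_COOKIE)
        if token in self.table:
            return self.table[token], {}
        # Missing or unrecognised cookie: start a new assignment rather than
        # trusting a value the client supplied.
        token = secrets.token_hex(16)
        self.table[token] = self.servers[self.assigned % len(self.servers)]
        self.assigned += 1
        return self.table[token], {LB_COOKIE: token}


def demo(policy_cls, browsers=6):
    """Several browsers behind one proxy IP each make two requests."""
    policy = policy_cls(["s1", "s2", "s3"])
    proxy_ip = "192.0.2.50"
    jars = [{} for _ in range(browsers)]
    first, second = [], []
    for jar in jars:
        server, set_cookie = policy.route(proxy_ip, jar)
        jar.update(set_cookie)       # the browser stores the cookie it was given
        first.append(server)
    for jar in jars:
        second.append(policy.route(proxy_ip, jar)[0])
    return dict(Counter(first)), first == second
```

Both methods keep each browser on one server, but source-IP persistence puts all six browsers behind the proxy on the same server while cookie persistence spreads them two per server.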

There is also an out-of-path return mode (Out of Path Return). When a client connection request reaches the load balancer, the central load balancer directs the request to a server, and the server's response no longer returns through the central load balancer; it bypasses the traffic distributor and goes directly back to the client. The central load balancer is therefore responsible only for accepting and forwarding requests, its network load is much reduced, and the client gets faster response times. This mode is typically used for HTTP server farms: a virtual network adapter is installed on each server with its IP address set to the server farm's VIP, so that the server can complete the three-way handshake smoothly when it responds to client requests directly.

Load Balancing Implementation Elements

Load balancing should be considered in the early stages of building a website, but sometimes explosive traffic growth exceeds what decision makers expected, and it becomes a problem that has to be faced. When introducing a load balancing solution, and when implementing it, as with many other solutions, the first step is to identify current and future application requirements and then weigh cost against benefit.

Based on current and future application requirements and an analysis of where the network bottlenecks are, we need to establish which type of load balancing technology and which balancing strategy to use, and how far it must meet requirements for availability, compatibility, security, and so on.

Whether the load balancing solution uses low-cost software or expensive, higher-performance hardware such as layer 4 switches and load balancers with their various balancing technologies, the following are factors we may need to consider when introducing a balancing solution:

Performance: Performance is something we need to focus on when introducing a balancing solution, but it is also one of the hardest issues to pin down. One measure of performance is the number of packets per second passing through the network; another is the maximum number of concurrent connections that the server farm can handle under the balancing solution. However, a balancing system that can handle millions of concurrent connections but forwards only 2 packets per second is obviously of no use. Performance is closely tied to the processing capacity of the load balancing equipment and the balancing strategy used, and two points deserve attention. First, the overall performance of the balancing solution across the server farm is the key to how quickly client connection requests are answered. Second, the performance of the load balancer itself must be sufficient that it does not become a service bottleneck under a large number of connection requests. Sometimes a hybrid load balancing strategy can improve the overall performance of the server farm, such as DNS load balancing combined with NAT load balancing. In addition, for sites with a large number of static document requests, consider caching, which is relatively cheaper and gives better response performance; for sites that transmit a large amount of SSL/XML content, consider SSL/XML acceleration.

Scalability: IT changes rapidly. The newest product of a year ago may now be the lowest-performing product on the network, and with traffic rising sharply, the network of a year ago now needs a new round of expansion. A suitable balancing solution should meet these needs: it should balance load across different operating systems and hardware platforms, balance load for different services such as HTTP, mail, news, proxies, databases, firewalls, and caches, and allow resources to be added or removed dynamically in a way that is completely transparent to clients.

Flexibility: The balancing solution should be flexible enough to serve different application requirements and adapt as they change. When different server groups have different application requirements, a variety of balancing strategies should be available to offer a broader choice.

Reliability: For sites with high quality-of-service requirements, the load balancing solution should provide complete fault tolerance and high availability for the server farm. When the load balancer itself fails, there should also be a good redundancy solution to improve reliability. With redundancy, the load balancers in the same redundant unit must have an effective way to monitor each other so that the system is protected as far as possible from the losses caused by a major failure.

Manageability: Whether the balancing solution is software or hardware, we want it to be flexible, intuitive, and safe to manage, so that it is easy to install, configure, maintain, and monitor, which improves productivity and avoids mistakes. Hardware load balancers currently offer three management methods. First, the command line interface (CLI: Command Line Interface), which can be reached through a HyperTerminal connection to the load balancer's serial port or by remote Telnet login; the former is often used for initial configuration. Second, the graphical user interface (GUI: Graphical User Interface), which may be based on ordinary Web pages or use a Java applet for secure management, and generally requires a certain version of a browser on the management workstation. Third, SNMP (Simple Network Management Protocol), which lets third-party network management software manage SNMP-compliant devices.
