Network Device Power Consumption:

While Computers, laptops, Servers, UPS and other IT devices consume a large amount of power, Networking equipments like Switches, Network Interface Cards, etc are not really far behind. It is estimated that networking devices consume about 10% of the total power consumed by IT equipments. With more and more switches/ NIC’s being added to the network, the power requirements for network devices are sure to go up.

One more factor that is contributing to the power increase of network devices is increasing capacity. Switches and Network Interface Cards are transitioning from 100 Mbps to 1000 Mbps and the Network Switches at the Data Center is slowly moving towards 10 GE Connections. Higher capacity always comes with higher power requirements, irrespective of whether the devices are used to their full capacity or not.

These were among many factors that led the IEEE to convene and formulate the 802.3az Standard (Energy Efficient Ethernet). If Network devices (from any vendor) comply to this standard, the power consumption per port would decrease significantly.

Before we look at what IEEE 802.3az is, we need to consider two factors that led to the Standard:

i. Bulk of the active circuitry in network devices remains always on and runs using the maximum power irrespective of whether there is data transmission or not.

ii. Typical Ethernet traffic has occasional bursts at full link capacity, but remains idle for most of the time.

What is IEEE 802.3az/ Energy Efficient Ethernet?

IEEE 802.3az/ Energy Efficient Ethernet is a symmetric protocol that enables network ports to switch between higher power state (data mode) / lower power state (LPI mode) in response to whether data is flowing through them (Active state) / Not (Idle state).

IEEE 802.3az/ Energy Efficient Ethernet uses a technology called LPI – Low Power Idle, which is actually a low energy consumption state that can be used during periods where there is no link utilization.

It should be noted that the IEEE standard defines how LPI is communicated between systems and not why or when it is communicated. Those decisions are left to individual systems.

How does IEEE 802.3az/ Energy Efficient Ethernet (EEE) work?

Each PHY (Network Switch port, NIC, etc) advertises its EEE capability during auto negotiation when a link is established. If the device PHY at both sides of the link support EEE, then they operate in the EEE mode. Even if one of them do not support the EEE standard, they operate in the normal/ legacy mode.

EEE compliant devices use a modified static logic design in order to transcend to the Low Power Idle (LPI) mode when no data is flowing through them.

In EEE compliant devices, LPI (Low Power Idle) signaling protocol is used to convey that a particular link needs to go idle as there is no data transfer during a certain period (which produces a gap in the data stream). But once data flow is initiated through the link, LPI enables the link to resume to its normal operation (Data mode).

When there is no data flow, the link is kept in the sleep mode so that the power consumption (of the device ports that connect from either side) is minimized. But the transmitter sends periodic refresh signals to ensure that the link is functioning and higher level systems (like NMS) can see through them. Of course, the link can be re-awakened at any time. This is especially important in face of unpredictable / latency sensitive traffic.

Advantages of IEEE 802.3az/ Energy Efficient Ethernet (EEE):

* EEE is very effective in reducing the total power consumed per port and it saves a lot of energy on the long run for organizations having a large number of network devices.

* EEE is very effective with edge devices (like computers, edge switches, etc) and can save a lot of power when these devices are EEE compliant as their utilization pattern generally consists of long periods of silence and a few traffic bursts at (almost) full capacity.

* EEE standard does not transition to a lower bandwidth / throughput to achieve power savings. So, 1000 Mbps links remain 1000 Mbps links and does not transition to a lower speed.

* EEE standard operates over standard Base-T interfaces on twisted pair copper wiring and supports 10 Mbps/ 100 Mbps/ 1000 Mbps/ 10 GE.

* EEE is backward compatible with legacy interfaces (that don’t support this standard). Of course, with such interfaces it works normally and does not save power. So, organizations can upgrade their networks gradually.

* The EEE standard gives room for some future improvements (without requiring hardware replacements).

excITingIP.com

You could stay updated on the latest computer networking/ enterprise IT technologies by subscribing to this blog with your email address in the sidebar box that says, ‘Get email updates when new articles are published’

First of all, this term WAN Virtualization is not any standard and is definitely not as popular as Server Virtualization, at least yet. But there is at least one company which is trying to solve the WAN pipe bottlenecks beyond what is offered by the current generation of the WAN Network Optimization products and I thought, why not represent the highlights of the technology here?

1. When there are multiple WAN Connections (number of links and types of links), one might be able to obtain a higher flow performance by enabling packets (even from within a single flow) to be striped across multiple network paths, based on certain measurements of each network path characteristics.

2. Basically, multiple WAN links are treated as one large pipe and the packets are routed across any link as deemed fit, on a packet by packet basis instead of routing them on a per-flow basis.

3. For this to happen, a WAN Virtualization device (where the multiple WAN links terminate, placed on either side of the WAN connection) has to monitor detailed characteristics of each WAN link connected to it on various parameters like packet loss, latency, jitter, etc. These are measured on a packet by packet basis to continuously monitor the current status of each link and take action on sudden network inconsistencies / bursts of traffic, etc that affect the movement of packets.

4. Even if there is no traffic passing through the links, the device can send some heartbeat packets to monitor the status of the link in real time. This way, it is possible to determine the best links / worst links (perhaps from multiple ISP’s) to send the packets and take packet routing decisions accordingly.

5. This concept not only accounts for bandwidth aggregation, but also provides a way to route packets around network trouble/ sudden traffic bursts as they happen and not just when the whole link is down. When multiple links are available, it chooses the best path with minimum congestion, minimum packet loss, minimum latency, etc to send maximum number of packets.

6. If  high levels of reliability is required, packets are duplicated and sent across two different paths. If one of them fail to reach / reaches late due to sudden network congestion, its still fine as the other stream would reach the destination on time and one stream is sufficient. If both arrive on time, one of the streams is discarded at the destination. Think about an important Video Conference session that your CEO is going to attend – This reliability is perhaps for such situations.

Isn’t this an interesting concept that can be explored more? Real time applications like voice and video might benefit quite a bit from WAN Virtualization, as it is termed. Also, it might enable companies to go with more than one broadband connection at branch offices with primarily download requirements and still get the kind of reliability offered by MPLS / Internet Leased Line connections.

excITingIP.com

You could stay up to date on the various computer networking / related IT technologies by subscribing to this blog with your email address in the sidebar box that says, ‘Get email updates when new articles are published’

What are Application Delivery Controllers?

Application Delivery Controllers do a lot of critical functions in a Data Center including Server Load balancing, WAN Connectivity optimization (caching, acceleration, etc), SSL Offloading/acceleration and many other functionalities that are critical for application delivery and performance to the branches from a centralized data center over the WAN network connectivity. You can read more about the role of Application Delivery Controllers from here.

Which parameters of an Application Delivery Controller can be virtualized?

A lot of parameters that can be specified for individual Application Delivery Controllers can be virtualized and dedicated to each instance of a Virtual Application Delivery Controller (VADC). Some of them are,

• Bandwidth
• Processor capacity
• Memory capacity
• Transactions per second
• Compression parameters
• SSL encryption/decryption parameters. etc.

Virtual instances of ADC’s can be specified individually for specific applications, certain departments within an organization, certain services, etc. By partitioning traffic at the ADC, the IT department gains fine grained control over the actual resources delivered to individual applications/ clients.

Each Virtual ADC instance provides a complete set of application delivery functions that can be found on physical ADC devices and individual application SLA’s can be enforced. Each VADC has a dedicated management IP address. Even the network layer can be virtualized by specifying individual ports, VLAN’s, ARP/Routing tables exclusively for Virtual Application Delivery Controller instances.

The Virtual ADC’s can run as individual virtual instances either on an specialized ADC hardware or even on general purpose server virtualization hardware (Soft-ADC’s). Each VADC can have its own management interface and can be independently started, shut-down and restarted.

Advantages of Virtual Application Delivery Controllers (VADC):

• Consolidation & Centralization of ADC infrastructure across multiple departments/ applications.
• Having a single large ADC instead of multiple smaller ADC’s reduces the network ports, DC space, power consumption, etc.
• Some amount of Cap-ex and Op-ex reduction can be realized based on specific customer scenarios.
• VADC allows Data Center service providers and Cloud Service providers to provide differentiated services based on individual requirements.
• Faster deployments of new services / applications/ locations are possible with VADC as it is not required to add new appliances but its enough to just create new virtual instances on the existing ADC.
• Application developers can test the response of their applications with the Application Delivery Controller virtual instances and make any required changes to their applications without disturbing the existing ADC setup and without needing a new appliance for testing.
• One application per individual physical ADC generally results in under-utilization of ADC resources which can be avoided by using Virtual Application Delivery Controllers.
• Fault isolation between the various virtual ADC instances is possible and it can ensure that individual virtual ADC failure / congestion does not affect the other VADC instances.
• The resources allocated for each Virtual ADC can be increased/decreased On-demand and in most cases, dynamically. This enables the optimum utilization of ADC resources.
• Central management of all the VADC instances is possible along with the migration of VADC instances (in case of Soft-ADC) to enable service continuity during planned maintenance.
• Isolation of all management elements like configuration files, user database, logging / reporting, etc for each virtual ADC instance.
• Each Virtual Application Delivery Controller instance can have its own management interface.

excITingIP.com

You could stay up to date on the various computer networking / related IT technologies by subscribing to this blog with your email address in the sidebar box that says, ‘Get email updates when new articles are published’

What is a Content Delivery Network?

Various Web 2.0 technologies have transformed the Internet and the Internet is now enabling content to be delivered in various forms – Text, Images, Flash, Audio, Video, etc. When companies need to serve such diverse forms of content, most of the time, they distribute them by hosting them in servers in their data center(s). But the consumer pattern is not always uniform. There may be sudden bursts of traffic requesting web based content from consumers located around the globe. To accommodate for the demand, companies need to estimate and provision additional servers in quantities enough for handling peak loads. More over, on the Internet, there is always a factor of RTT (Round Trip Time) and Packet Loss that needs to be considered, and these parameters have a higher effect on the consumers who are located at greater distances from the servers.

It is to accommodate for these limitations, that Content Delivery Networks were created. A Content Delivery Network is a network of servers hosted by a service provider in multiple locations of the world (usually shared with multiple customers) so that the content could always be served from a server that is nearest to the consumer requesting for it. And besides, since multiple servers are used, the load is distributed and consumers get better quality content, faster. There are many more advantages to a CDN, which we will see in the final section of this article.

A Content Delivery Network (CDN) consists of two components: The Origin Server(s) – where the content to be distributed over Internet is originally stored & Cache Server(s) – where the content is duplicated. There is generally one Origin Server (either in the customer’s data center or in the cloud, with the content delivery network service provider – for example) and many cache servers (in multiple locations across the globe) so that, when a consumer is requesting a particular content on the Internet, it can be served by a cache server nearest to the consumer’s geographical location if the content is available there. Other wise, cache server fetches the content quickly from the origin server after protocol/route optimizations.

Content Delivery Networks provide the following (at a glance):

• Serving the content from the closest possible geographic location to minimize network latency.
• Replication (Caching) and deployment of large number of servers to minimize the server latency.
• Capacity On Demand.
• Monthly charges as per the content delivery (without high initial investments).
• Application Acceleration, Compression, Protocol optimization, etc.
• Route optimization (to identify and route traffic through the best/shortest/least congested route between origin server and cache servers.
• Static/ Dynamic/ Encrypted content optimization and faster delivery.

Some technologies used by Content Delivery Network (CDN):

Apart from Caching and geographically accessible placement of servers, content delivery networks employ many more technologies to make sure that the content is delivered faster and more efficiently to the consumers. Some of the common technologies employed by CDN are given below to get an idea.

• While the static content can be cached on the cache servers to be served immediately to the consumers, dynamic content/ embedded objects etc, cannot. So, CDN takes advantage of the http request procedure: When a website is requested, the html is served first, and the embedded objects are served on the subsequent round trips/ requests. So, cache servers store the html parts of frequently accessed content and that is served first, while the embedded objects are requested from the Origin server simultaneously by the cache servers so that by the time the request from the consumer comes for embedded objects, they are already present, and can be served immediately.
• The fastest and the least congested route (between the cache server and the origin server) is estimated continuously, and the traffic is sent in that route. The communications between the various servers in the CDN are always optimized for performance.
• The geographically nearest cache server is chosen by the CDN for serving requests. But, if those servers are being utilized to their full capacity, the users are automatically re-routed to the best cache server (irrespective of the distance) that can serve the consumer at that point of time.
• Some CDN’s can prioritize the Interactive/ multimedia traffic in their networks to improve their performance.
• CDN can use Pull or Push technologies, or both. A pull technology requests for content from the origin server on the receipt of a request from  consumers, and also saves it in the process. A push technology involves origin server pushing out all content to cache servers before hand.
• Some CDN’s send multi-cast streams from the origin server to the cache servers and there-on send uni-cast streams to individual users. This can save a lot of bandwidth and processing resources for the origin server.
• Protocol optimization is used extensively in CDN. For example, multiple handshakes required for establishing / tearing down web connection with http is replaced with a set of long lived and persistent connections (for connections between cache servers and origin servers). This also allows for multiple http requests to be sent using a singe connection, all of which reduce the tame taken for serving requests.
• Data can be compressed en-route, saving bandwidth and enabling faster responses.

Advantages of Content Delivery Network (CDN):

• Some CDN’s are large enough to accommodate thousands of servers across many networks in multiple countries. This gives a good reach and ensures that users from many countries get fast and reliable access to content.
• Content Delivery Networks allow for monitoring (and proactive fault rectification) of various parameters like successful delivery of content, traffic patterns/ peak times etc. Some of them even allow for real time notifications of threshold values set by the customers.
• When compared to in-house hosting, content delivery networks are advantageous because there is no high initial investment in hardware/ bandwidth/network required as most CDN’s charge per month and only for the amount of content delivered.
• CDN’s are the best way to serve a large number of random users across the globe through the Internet. Alternative technologies like application delivery controllers can accelerate applications over WAN but require that these hardware devices be present in sending as well as receiving locations.
• Reduced content delivery latency/ reduced load on origin server.
• Easy, fast and on-demand scalability.
• Best technology to handle unexpected peaks in web traffic.
• CDN’s are highly redundant as requests can always be transferred to other servers (if one of them is down) and hence they almost provide 100% availability.
• Integration with authentication/ encryption systems are supported by CDN.
• Few CDN’s also distribute content using Peer to Peer technology where a large number of user PC’s are used to deliver content to nearby users. These networks can expand to support virtually unlimited users especially with the latest developments in P2P like ‘Peer Assignment Algorithms’ that distribute the traffic more efficiently between peers.
• CDN’s reduce RTT (Round Trip Time) between the users and servers as servers are located near the users.

excITingIP.com

In case you want to add any points or have any questions you can use the comment form below or contact us using the contact form. You could also keep yourself updated with the various technologies in the computer networking domain by subscribing with your email address in the sidebar box mentioned as “Get Email Updates When New Articles are Published”.

]]> http://www.excitingip.com/1028/cdn-content-delivery-networks-technology-advantages/feed/ 0 http://www.excitingip.com/909/why-ddi-dns-dhcp-and-ip-address-management-is-critical-for-distributed-organizations/ http://www.excitingip.com/909/why-ddi-dns-dhcp-and-ip-address-management-is-critical-for-distributed-organizations/#comments Fri, 26 Nov 2010 20:22:29 +0000 admin http://www.excitingip.com/?p=909 With multiple branches and thousands of IP addresses, centralized management of critical network services like DNS, DHCP and IP Addresses are catching up with bigger and distributed organizations. Read on to understand how the DDI – DNS, DHCP and IP Address Management appliances can help and the advantages of centralizing these critical network services.

The critical network services like DNS and DHCP have been managed by Unix based Open Source platforms like the BIND DNS or ISC DHCP or Microsoft AD – Windows Server 2003/ 2008. But when organizations grow and spread across multiple locations with thousands of IP addresses, the number of servers deployed for providing DNS/ DHCP services might also be large and similarly distributed among multiple branches.

The DDI – DNS, DHCP and IP Address Management services help to have an eagle eye’s view on such networks and enable centralized management, as well as introduce redundancy at every level for the high availability of the critical DNS and DHCP services.

An Overview of the DDI – DNS, DHCP and IP Address Management appliances:

First, the DDI appliances can themselves provide DNS, DHCP, IP Address Management functionalities as well as provide centralized management for third party services like Microsoft Server 2003/2008 and Unix based DNS/DHCP servers across multiple locations.

The DDI solutions can be appliance based (most popular), software based or even managed services based. They can also integrate with a few virtual service platforms. The most useful functionality of these DDI services is that they give a full fledged web based GUI (Graphical User Interface) through which administrators can control almost every aspect of their DNS, DHCP and IP address management servcies.

Another important reason why they are popular is their ability to give total redundancy (High Availability) at every level – there can be two DDI appliances directly connected at the HO which can provide appliance level fail-over, there can be a master appliance at HO and multiple slaves at branch location/ Data Center anywhere to provide appliance level as well as network level fail-over. Even the databases (used for DNS, DHCP) are unified and updated simultaneously across the network, providing for their efficiency and redundancy. The upgrades, patches and even configurations (sometimes) to these services can be done centrally and it automatically gets pushed across to all the DDI appliances across the network, minimizing downtime and ensuring uniformity.

The administration can be centralized or split zone-wise enabling different administrators to manage different zones. All the logs (including administrative changes) can be exported to a Syslog server from the central location for the entire network. Some solutions support pre-configured event notification via SNMP traps and emails.

DNS/ DHCP:

As mentioned earlier, DDI solutions consolidate and centralize DNS/DHCP services across multiple branches and provide HIgh Availability of these services. Many DDI solutions enable DNS and DHCP services to share a single database in order for tighter integration between these two services.

Multiple appliances can be load-balanced to provide DNS services to clients while still advertising a single DNS address. Handy tools like templates enables companies to automate and standardize the creation of DHCP configurations across the network (for example, each new branch could be served with a ready made template which has all the common configurations already applied to it).

Some DDI solutions offer import tools which enable users to migrate from Windows / Unix based solutions to the DDI appliances with automated checks for data corruption.

Most importantly, the appliance based purpose built DDI solutions offer a great deal of security to the DNS/ DHCP services by,

• Opening only those network ports required for DNS/ DHCP management, while all the other ports operate in the Stealth mode.
• Implementing a controlled and uninterrupted boot process and Kernel that does not support file systems other than the ones already used by it.
• Running the applications in ‘Jailed’ mode, wherein even if a hacker manages to get in to the appliance, the access is highly restricted and new binaries cannot be run.
• Employing techniques that prevent Cache poisoning and numerous other attacks like Denial of Service attacks etc that target the DNS and DHCP services in an organization.

IP Address Management:

Most of the DDI Solutions provide you with a nice GUI that gives a visual representation of all the IP addresses in the network with real time IP address allocation data by zones/ subnets. This enables the administrators to discover IP enabled devices anywhere in their network. It also becomes easier to discover who did what and when if such unified and centralized IP address management tool is available. The IP address details are hierarchically arranged (mostly with graphical representation) and some of them even offer API’s that integrate with external applications like Google Maps to view where exactly any IP address is located!

For every IP address, the IPAM (IP Address Management) module maintains individual records which include information like host-names, MAC addresses, associated switch ports, device info, date and time of device assignment, etc.

IPAM module checks for IP address inconsistencies and overlap and hence identifies IP address conflicts, which can be corrected by the administrator. They also help identify and reclaim unused IP addresses in the network.

IPAM module gives alerts when the IP address ranges are nearing their full utilization in any sub-network. Administrators can partition, re-size and re-allocate the IP address space without worrying about any IP address conflicts.

As network transition to IPv6 addressing is inevitable, the IPAM module allows organizations to have both IPv4 and IPv6 addresses during the transition period, as a single step transition to IPv6 would be very difficult.

excITingIP.com

In case you want to add any additional points or have any questions, you can use the comment form below or you can contact us using the contact form. You can stay up to date on the various computer networking technologies by subscribing with your email address in the box mentioned as “Get Email Updates when new articles are published”.

What is an Electronic Document Management System and why is it required?

A document is any readable material that is used for business processes. Documents can be in multiple formats – printed pages, word processing documents, spread sheet, fax, presentation documents, photos, internet pages, medical images, AutoCAD drawings etc. We are handling more of electronic documents these days and then converting it to paper based documents, where required, by printing them. What if the entire process can be handled electronically without having to use papers at all? Then comes the storage and retrieval of such printed documents – it always happens that the most important file we are looking for is always not available (like a copy of a purchase order/ invoice etc). So, if all the important documents are stored electronically, it would be much easier to locate an important document that we may want to reference at that instant. And then comes the electronic documents (like word documents, power point files, auto cad files, emails etc) – If the critical electronic documents are also indexed by a central document management system, they could also be searched using some keywords in their contents, tags like date of creation, person who saved etc.

So, basically an electronic document management system refers to the creation, capture, organization, storage, retrieval, manipulation and controlled circulation of documents in electronic format.

The advantages of electronic document management systems are numerous. Some of them are given below:

¤ The documents stored in EDMS can be easily searched and viewed from any computers ensuring their instant and fast access/availability.
¤ As the printed documents are scanned, they would retain their original look, colour etc.
¤ Optical Character Recognition technology is useful to digitize the entire text of a document and allows the users to search using any textual term contained in them.
¤ Documents can be quickly shared for collaboration on the network.
¤ Electronic documents can be stored in multiple places (useful for disaster recovery).
¤ The real estate costs of storing paper based documents is reduced.
¤ Internal processes like approvals etc. can be done faster as most of the companies are multi-location based and it would take a long time to send and get back individual documents.

Creation/Capture/Organization:

A document management system consists of an imaging server which contains the EDMS software that allows to store, retrieve and access documents based on any combination of indexes, text (if the scanned documents have gone through an Optical Character Recognition process). EDMS generally use database management systems like MySQL, Oracle etc to store and organize the documents. Some EDMS can be integrated with the existing database system used by the company.

People are also an integral part of the Document Management System as they have the knowledge about the type of documents, how to segregate them in to various groups, how the communication lines flow and take decisions as to which processes/work-flows need to be automated. Equally important is the business processes which define the organization and the flow of documented information between people within and outside the organization.

Printed documents are generally scanned by using specialized high volume scanners or certain Multi-Function Printers/Copier’s etc which can be integrated with the document management systems. These documents are indexed using certain parameters like date of creation, person who created, time of creation etc, and they can be organized in to related groups of folders.

Some EDMS allow automated capture and storage of incoming/ outgoing email messages and their attachments in to the document management system folders so that they can be stored and accessed whenever required.

Storage and Retrieval:

The electronic documents are generally stored in servers and other permanent storage. The current documents (that are used frequently or recently at that point of time) can be stored in a server/ hard disks and the archived documents can be kept on tape drives, CD’s, DVD’s, Storage Area Networks, CD/Optical Jukeboxes etc. Mostly the documents are stored in pdf format (scanned ones) so that they can be instantly accessed, viewed and searched from any PC/workstation.

Generally, some security features are applied to the accessing of the documents to control which users can access which documents at what times. And only one user is allowed to modify a given document at a point of time (as the documents can be accessed by multiple users at the same time).

EDMS allow locating/searching documents based on the text they contain (if the scanned pages have gone through an OCR) or through any of the indexed parameters. Some times, compression mechanisms are applied to images before storing them in order to reduce the disk space required for storing them.

Some EDMS softwares allow the search module can be integrated in to the existing software applications that the employees use on a daily basis like CRM/ERP modules etc.

Manipulation and Controlled Circulation:

The EDMS check if the stored documents have undergone any changes and intimate to the respective personnel concerned when some changes happen to important documents before saving them. Some times, approvals might be needed to be obtained before saving the changes to the saved documents, and EDMS allow to do the same.

One of the biggest advantages of EDMS is to quickly share the documents over the network (Internet/Intranet). Another important function of EDMS is to apply work-flow routing to the documents. All companies have some processes where important tasks are required to go through multiple approvals. An Electronic Document Management System automates this process and lets the  personnel to give approvals over the network. You could imagine how much time a manual system of approvals would have consumed with printed paper and multi-location offices.

Some EDMS can also be integrated with the web and the documents can be presented to the user via a normal browser and displayed as dynamically generated HTML pages.

excITingIP.com

In case you have any questions, you can contact us using the contact form or leave a comment below. You can also subscribe with your email address (on the right side of this site) to get intimated when a new article is published on this site.

Load Balancing: The primary function of an Application Delivery Controller (ADC) is to load balance the requests from the clients to appropriate servers by directing the incoming requests to the best performing and most accessible servers (by using various load balancing algorithms). It can determine the key elements of servers like number of concurrent connections and memory utilization. So, using an ADC is one way of expanding the number of servers for demanding web based applications and still ensure that the traffic is distributed across all the available servers. ADC’s can also determine if a particular server has a higher configuration (Dual Core Processors compared to Pentium III ones) and hence handle more requests, and accommodate such factors while distributing load. Click here to read more about application load balancing, in WAN optimization.

Fail-Over: If one of the servers is inaccessible (or down), the Application Delivery Controller can take that server off-line and re-route users to other functioning servers till the same is up and running.

Caching: Application Delivery Controllers can index frequently sent chunks of data streams and substitute them with shorter codes while sending them again. This helps reduce bandwidth especially for recurring/ frequently sent data. You can click this link to read a detailed account on types of Cashing for WAN optimization.

Protocol Substitution and Compression: Certain chatty protocols like TCP (which require frequent acknowledgements) are encapsulated and repackaged in to UDP packets and sent across the link in order to speed up the process, and hence optimize the WAN delivery. A variety of compression techniques are used to compress the data sent across the WAN. They are often encrypted while sending. Click here for reading a detailed account on Protocol Substitution and Compression.

Application Layer operation: ADC can operate on Application layer (Layer 7) of the OSI stack. So, they can take certain decision based on application layer criteria. For example, certain type of client requests (like video playback etc) can be selectively sent to a particular physical server optimized to perform such service.

High Availability: It is possible, and recommended to configure a couple of Application Delivery Controllers in High Availability mode in order to make sure that the application/website is not totally down due to the failure of an ADC.

SSL Offload: To enable the servers hosting applications to dedicate their hardware processors to process the requests related to the applications, SSL handshake and encryption/decryption processes are offloaded from the servers to the ADC’s. The ADC does the same by using certain ASIC chips which are tailor made to handle such operations. This would also enable the management of SSL certificates from a single place (ADC) rather than multiple servers. Some ADC’s would also offload processes like XML normalization.

Security: Since clients interface with ADC’s (rather than the host servers directly), certain basic security processes are also handled by some Application Delivery Controllers. They can check if the protocol messages are well formed, apply policies, discard DOS attacks, filter out attack signatures etc.

Network Link Optimization: Since many applications perform poorly when talking to slow, remote clients over unreliable networks, it is better that they speak to the application delivery controllers (which invariably happens when ADC is present), so that the applications perform their best believing that they are talking to fast local clients.

Connection Pooling: Opening a single web-page opens multiple TCP connections, which are generally short-lived. So, an Application Delivery Controller maintains a pool of open connections at all times, and when a client makes a request for new TCP connections, the ADC uses such already opened TCP connections instead of incurring the overhead and time associated with opening new connections.

Software based ADC/Virtualization: There are certain software based ADC’s (instead of appliance based) that can be loaded on generic computer servers and employed for the same WAN optimization applications. They might have an advantage over the generic appliance based ADC for cloud/virtualized server environments and better optimized for certain applications. But the appliance based ADC’s can also handle virtual server environments.

Connection Persistence: This is a method used by Application Delivery Controllers to ensure that for a prescribed duration, the user always comes back to the same server (as there is a chance that the ADC might push them to a different server each time they connect to) where they were previously associated with. This is critical for applications like e-commerce performing multiple transactions (through a web based ‘cart’ etc) as the first server ‘needs’ to remember all the previous transactions to complete the purchase procedure.

This can be done based on the source IP address, but with the advent of proxies and NAT mechanisms, this becomes ineffective. To solve this problem, cookie persistence was introduced, which uses browser cookies to identify users. The ADC or application can serve cookies to users at the start of a session and the user’s browser would automatically return the cookie during each return hit, which helps the ADC to identify that the user needs to be sent to the same server during the subsequent visits too. In a SSL based transaction, such cookie persistence is hard to achieve. But with SSLv3, there is a unique session ID (SSL session ID which is a 32 bit session identifier) which is used by the ADC to identify and balance the user to the appropriate server.

Direct Server Interface: In some applications, it may be required for the real servers to interface directly to the client requests (instead of going through the ADC). This becomes important especially in certain applications like transferring large payloads of video traffic etc (to avoid latency by interfacing with one more device like ADC), and hence certain ADC’s provision and allow the same, selectively.

Transparency: Certain Application Delivery Controllers can allow to preserve the client’s original IP address while sending requests to the server (normally IP address is changed by ADC as it acts like a NAT here). This is required for maintaining client IP address logs etc directly in the host servers, which are required for some applications.

excITingIP.com

You could stay up to date on the various computer networking technologies by subscribing to this blog with your email address in the sidebar box that says, ‘Get email updates when new articles are published’.

Application load balancers are hardware devices that sit in between a bunch of servers in the data centre and the outside world (people requesting access to the servers). They balance the load (traffic, sessions) across a bunch of servers (applications actually) and make those multiple servers (and applications) look like one big server to the outside world. Actually the applications are replicated across multiple servers and the incoming requests are routed to any of them, based on multiple parameters. This is required for multiple reasons, chief of them given below.

Why are Application Load Balancers required?

Scalability: Suppose a single server is used to host a website or has some application that is frequently used by large number of users. There would come a point when the servers maximum capacity (concurrent connections, processor speed, bandwidth limit etc) is reached and multiple servers are required to be used. So, an application load balancer decides which user goes to which server. In other words, it distributes and balances the load (incoming process requests) across multiple servers and more importantly allows the addition of multiple servers.

High Availability: Suppose you are running a very critical application (like an ecommerce website) on a single server, there is always a possibility that there could be an application failure or server hardware failure. In those cases, it is better to run the same application in multiple servers – both for load balancing purposes and to avoid complete disruption of services in case a server/application fails as the load balancer can automatically identify if a server/application is down and not route any connection requests to it, until it is up and running once again.

Control: Load balancers not only determine if a server is available or not, but they also predict the approximate usage levels of each server/ application. This is required to decide where to forward the incoming requests – it is better to forward them to the server that is being least used at that point of time, for example.

A little History about Application Load Balancers:

Before we go in to the features of application load balancers, we would see a little history to understand the current implementations better.

Initially methods like DNS Round Robin was used to distribute the load across servers. It was a simple method where, if three servers are present, the connections would be sent first to one server, then the second and then third – one after another and the next time the order could differ. While this method was good at distributing load across servers, it was not actually load balancing. There was also no way of determining if a server was down so Availability was not always 100% as it depended on manual methods to determine that. There was another problem: Clients tend to cache the server information (including IP address) and go back to the same server they used before.

Then load balancing was built into the application software. Here, all the client requests go to the cluster IP first and then it is distributed to one of the available and the most suitable physical IP address (of the server/ application port). The problem of High Availability and load balancing is solved as the application developers would know the health of an application (if it is down) and can determine the connection density based on real time parameters to apply load balancing algorithms that is best for the particular application. But the problem is the fact that load balancing is entirely dependant on the application vendors (which might not be provided at all by some of them) and it needs to be done separately for each application. It becomes complex in a virtual server environment.

Network based Application Load Balancing Hardware:

The following steps are performed by network based application load balancing hardware devices which sit in between the leased lines (users) and the host servers to do load balancing of applications.

¤ When the user attempts to connect to the servers, the load balancer accepts the connections on behalf of the server (through a virtual IP address), changes the destination IP address to the physical server IP address and port numbers and forwards the request to the appropriate server.
¤ The server accepts the request, processes it and replies back to the load balancer.
¤ The load balancer now forwards this reply after changing the virtual IP address to the actual user IP address in the destination field so that the user thinks that the reply has come directly from the server.

Application level load balancing: A load balancer can make a distinction between a physical server and the application services running on it. It individually interacts with the applications instead of the underlying hardware, giving the load balancer the ability to load balance at application level instead of server level. Load balancers can balance the load of multiple applications, uniformly.

Health Monitoring for HA: Load balancers can individually verify if a server is working or not. They do this by conducting multiple tests (with increasing complexity) on the servers like Pinging etc. Generally this is done regularly and before the packets are sent to the server in order to ensure HA.

Load balancing parameters: The decision to route a connection request to a particular server over the other servers is taken based on a lot of real time parameters that are measured by application load balancers like load, response times, usage and utilization statistics, current connection counts, host utilization monitors, and a lot more based on the vendor. They also enable dynamic load balancing – sending more traffic to bigger servers (having more processing power) than smaller servers.

Connection persistence: After deciding to connect a particular user to a particular server , the load balancer still ought to determine if the traffic that follows afterwards from that user needs to be load balanced or not. It the session is a longer TCP connection (like FTP), then it should not get load balanced. If the session consists of multiple short lived TCP connections (like http) then it could be load balanced. But for certain http sessions like e-commerce applications, it is important that the users need to be connected to the same server. In such cases, first the applications need to be identified, and the decision to load balance or not, could be taken based on parameters like user name etc (instead of IP address as the proxy servers and NAT gives same IP address for multiple users) which are more permanent and can be read from the incoming packets.

excITingIP.com

You could stay up to date on the various computer networking technologies by subscribing to this blog with your email address in the sidebar box that says ‘Get email updates when new articles are published’.

]]> http://www.excitingip.com/516/basics-of-application-load-balancers/feed/ 2 http://www.excitingip.com/510/write-with-a-digital-pen/ http://www.excitingip.com/510/write-with-a-digital-pen/#comments Tue, 18 Aug 2009 11:36:33 +0000 admin http://www.excitingip.com/510/write-with-a-digital-pen/ With everything else becoming digital, the pen doesn’t want to be left out. There are even digital papers which help the digital pen! This article enables what exactly can be done by the digital pen and the digital paper and some of their applications.

Think of this situation: You are working for a Government Census department. As a part of the job, you are expected to manage a group of employees to collect the data, fill up their entry sheets and another group of employees to enter all that data in to the computer. It takes quite some time to complete the process. Now, if the employees collecting the data could use digital pens and digital papers, the data in the filled up forms could directly be uploaded in to the computers. It can even happen in real time via blue tooth connectivity to their cell phones. No, this is not science fiction

Digital Pen:

¤ Digital Pen looks, feels and writes like a normal ball point pen.
¤ But the difference with a digital pen is: It has inbuilt digital camera, microprocessor and memory.
¤ The digital camera takes pictures of what ever is being written (more than 50 pictures per second) to determine the exact position of the pen – what it writes, draws etc and it records such data.
¤ The digital pen even stores the time when each particular stroke was made and can determine which paper the pen was writing on.
¤ There is an inbuilt microprocessor to do complex operations and coordinate the collected data while the inbuilt memory is used to store up to 50 pages of data.
¤ Image processing techniques are used to recreate the characters and digits that are written by the pen, in digital format.
¤ The end result looks like a scanned copy of the original document, with all the hand written markings on it or the hand written data can be extracted and sent for further processing.
¤ The digital pen also has an inbuilt battery, that can be charged.

Connectivity:

¤ The digital pen comes with a direct USB connectivity to PC to transfer all the pages with data that is already stored in the memory of the pen. There is a software that needs to be installed on the PC to receive and convert this data in to user readable format like pdf files etc.
¤ Alternately, the digital pen can communicate with a cell phone via bluetooth technology and instantly transfer data to the cell phone which can be transferred to the PC through GPRS/EDGE or any other data connectivity mode.

Digital Paper:

¤ A digital paper helps the digital pen in recognizing the pen strokes.
¤ It requires a pattern of dots, almost invisible to human eye, to be printed on it (along with the form content or separately) to aid in recording and reproduction of pen strokes.
¤ The pattern on each page has a unique identity so that the identity of any page can be established by the document interface software application.
¤ There is a limitation to the number of pages in which such patterns can be printed on normal papers by some vendors. This is limited by a software license that can be upgraded.

Applications:

The digital pen and digital paper can be applied for the automation of filling up forms and entering the data in the computers, on a large scale. The patient records, which needs to be updated frequently could be done by the digital pen and digital paper so that it could be automatically uploaded in the computers. Surveys and customer feedback forms could be automated. A lot of Government processes could be automated. The applications are virtually unlimited. But the precision of automating such processes is quite vital as is the acceptance of the technology by the users. Probably companies could verify the technology against manual processes in their environments and then take it up if they find a good cost/time reduction and more importantly, high levels of accuracy.

excITingIP.com

You could stay up to date on the various computer networking technologies by subscribing to this blog with your email address in the sidebar box that says ‘Get email updates when a new article is published’