larger cover

Add To My Wish List

Register your product to gain access to bonus material or receive a coupon.

Designing Content Switching Solutions

eBook (Watermarked)

  • Your Price: $46.39
  • List Price: $57.99
  • About Watermarked eBooks
  • This PDF will be accessible from your Account page after purchase and requires PDF reading software, such as Acrobat® Reader®.

    The eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

    Watermarked eBook FAQ

  • Description
  • Sample Content
  • Updates
  • Copyright 2006
  • Dimensions: 7-3/8" x 9-1/8"
  • Edition: 1st
  • eBook (Watermarked)
  • ISBN-10: 1-58705-429-9
  • ISBN-13: 978-1-58705-429-7

A practical guide to the design and deployment of content switching solutions for mission-critical applications in data center environments

  • Design and deploy content switching solutions in the data center using this definitive guide
  • Learn about various content switching design approaches with implementation details, requirements for each solution, and design caveats
  • Examine detailed case studies that include configuration examples based on deployed content switching solutions
  • Explore scaling server load balancing within the data center, integrated data center design, and GSLB using DNS or IP
  • Assists network administrators in managing their content switching solutions

With the advent of e-commerce and Internet-accessible applications, more and more enterprises and service providers rely on data center services to grow their businesses. Content switching solutions, such as load balancing, caching, and disaster recovery for applications, are an essential data center technology and a key to helping businesses run in an efficient and redundant fashion. Understanding content switching solutions is a must for network designers, engineers, and administrators who need to scale their networks to meet the demands of their business.

Designing Content Switching Solutions helps you understand content switching solutions using Cisco® content switching products. You’ll get a thorough grounding in the theories and concepts behind content switching and then examine specific solutions through case studies. The case studies in Designing Content Switching Solutions emulate real-world scenarios for the solutions covering some of the common features and functionality deployed in production networks.

Designing Content Switching Solutions begins by introducing you to server load balancing (SLB), load balancing HTTP, VPNs, firewalls, and migrations between SLB devices. From there, you move to Secure Socket Layer (SSL) using Cisco products, including providing end-to-end encryption from client to server using backend SSL. Later chapters explore advanced techniques, such as how to provide distributed data center solutions using global server load balancing (GSLB) and how to conduct scaling and integration of SLB with SSL and GSLB.

Intended for data center architects and managers, network engineers, network administrators, and project managers, Designing Content Switching Solutions shows you the best practices for each content switching solution, enabling you to design and deploy the most critical content switching solutions in the data center.

Table of Contents

Foreword

Introduction

Part I    Server Load Balancing (SLB)

Chapter 1    Introduction to Server Load Balancing

    Why Load Balance?

        Scalability

        Availability and Redundancy

        Security

        Cost Effectiveness

    History of Server Load Balancing

        First-Generation Load Balancers

        Second-Generation Load Balancers

        Third-Generation Load Balancers

    Characterization of the Application

        Protocol and Port

        Sessions per Second

        Duration of Transaction

        Concurrent Sessions

        Idle Timeout

        Back End Sessions

        Session Stickiness

    SLB and SLB Modes

        Dispatch Mode

        Directed Mode

    SLB Designs

        Layer 2 Design

        Layer 3 Design

        One-Armed Design

        Direct Server Return

    Deciding on a Load Balancer

    Review of Infrastructure Design Concepts

        VLANs

        STP

        Dot1Q Trunking

        Dual Homed Servers

    Summary

Chapter 2    Introduction to the Cisco Content Services Switch

    CSS 11500 Platforms Overview

        CSS 11501

        CSS 11503

        CSS 11506

    CSS 11500 Architecture

        Distributed Architecture

        CSS 11500 Modules

        Switch Control Module for the Cisco 11500

        SSL Module for the Cisco 11500

        I/O Modules for the Cisco 11500

        Session Accelerator Module for the Cisco 11500

    Load Balancing with CSS 11500

        Services, Owners, and Content Rules

        CSS 11500 Flow Overview

    WebNS Software Features

        Infrastructure-Level Features

        Load-Balancing Algorithms

        High Availability

        SSL Integration for Security and Performance

        Local and Global Load Balancing

        Site and System Security

        Summary of WebNS Features

    Case Study: CSS-Based Solution

        Server and Application Requirements

        Management and Security Requirements

        Infrastructure Requirements

        Design Options

        Traffic Flow

        Test and Verification

    Summary

Chapter 3    Introduction to the Cisco Content Switching Module

    Benefits of the Content Switch Module

    CSM Architecture

    Load Balancing with Content Switching Module

        Real Server, Virtual Server, SLB Policy, and More

        Load Balancing Methods

        VLAN Tag

        Client Group (Access Control List)

        IP Protocol Support

        High Availability

        Connection Redundancy

        User Session Persistence

    A Typical CSM Traffic Flow

    Routing with CSM

    CSM Network Integration Options

        CSM Layer 2 Design—Bridged Mode

        CSM Layer 3 Design I—Routed Mode with MSFC on the Client Side

        CSM Layer 3 Design II—Routed Mode with MSFC on the Server Side

        CSM Layer 3 Design III—One-Armed CSM Design

        CSM Layer 3 Design IV—Direct Server Return

    Case Study: CSM-Based Solution

        Server and Application Requirements

        Management and Security Requirements

        Infrastructure Requirements

        Design Options

        Traffic Flow

        Test and Verification

    Summary

Chapter 4    Layer 7 Load Balancing and Content Customization

    Benefits of Layer 7 Load Balancing

        Scalability and Application Acceleration

        Session Persistence

        Content Customization

    Introduction to TCP

        Data Segments

        TCP Headers

        TCP Connection Establishment and Termination

        TCP Flow Control

    Introduction to HTTP

        Protocol Details

        HTTP Header Fields

        Differences Between HTTP Versions 1.0 and 1.1

    Layer 7 Load Balancing Mechanisms

        HTTP Methods-Based Load Balancing

        HTTP URL-Based Load Balancing

        HTTP Cookie-Based Load Balancing

        HTTP Cookie Passive-Based Persistence

        HTTP Cookie Learn-Based Persistence

        HTTP Cookie Insert-Based Persistence

    Case Study: Layer 7–Based Solution

        Server and Application Requirements

        Infrastructure Configuration

        Probe Configuration

        Online Download Application

        Online Shop Application

        Online User Profile Application

        Maximum HTTP Request Parse Length

        CSM Configuration

        Test and Verification

    Summary

Chapter 5    Firewall Load Balancing

    Reasons for and Benefits of FWLB

        Scalability

        Redundancy

        Manageability

    Types of Firewalls

        Packet-Based Firewalls

        Application-Based Firewalls

        Application Gateway or Proxy Firewalls

        Layer 2 or Stealth Firewalls

    Case Study: Firewall Load Balancing

        Server and Application Requirements

        Security Requirements

        Infrastructure Requirements

        FWLB Design Considerations

        FWLB Probes

        Traffic to the Firewalls

        Traffic from the Firewalls

        Router or Secure Mode

        Bridge Mode

        FWLB Algorithms

        Configuration Details of the INET Segment

        Configuration Details of the DMZ Segment

        Configuration Details of the LAN Segment

        Test and Verification

    Summary

Chapter 6    Transparent and Proxy Cache Load Balancing

    Benefits of Caching

    Caching Overview

    Mechanics of HTTP Caching

        HTTP Response Status Code

        HTTP Request Methods

        HTTP Cache-Control Directives

        Expiration and Validation

        Request Authentication

    Cisco Application Content Networking and Caching

        ACNS Roles

        ACNS Content Types

        Content Engine Architecture

    Transparent Caching Modes

        WCCP Protocols

        Redirection with the CSS

        IP Spoofing

    Proxy Caching Overview

    Server Proxy (Reverse Proxy Caching)

    Supported Protocols on the Content Engine

    Authentication and Management on the Content Engine

    Content Engine Models

    Case Study: Content Engine in a Transparent Caching-Based Solution

        Design Requirements

        Design Options

        Configuration Details

    Summary

Chapter 7    Load Balancing Streaming Video Servers

    Benefits of Load Balancing Streaming Video Servers

        Scalability

        Redundancy

    Introduction to Streaming

        Video Streaming Clients and Protocols

        Methods of Video Stream Initiation

    Types of Streaming Video Servers

        Apple QuickTime

        RealMedia

        Windows Media Technology

    Streaming Video Protocols

        Microsoft Media Server (MMS)

        RTP and RTSP

    Case Study: Load-Balancing Solution for Video Streaming

        CSS-Based Solution

        CSM-Based Solution

    Summary

Chapter 8    Virtual Private Network Load Balancing

    Benefits of VPN Load Balancing

    Introduction to Virtual Private Networks

    Virtual Private Network Protocols

        Internet Key Exchange Protocol (IKE)

        ESP and AH

    Case Study: VPN Load-Balanced Solution

        IKE Requirements

        ESP Requirements

        IPsec over UDP Requirements

        Design Options

        Directed Mode Solution

        Dispatch Mode Solution

    Summary

Chapter 9    Content Switching Device Migrations

    Motivation Behind Migration

        Evolution of Load Balancing

        Advanced Load-Balancing Methods

        Scalability and Performance

        Software Features and Functionality

    Migration Planning

        Migration Team

        Fallback Plan

        Methods and Procedures for the Maintenance Window

        Application Testing

    Case Study: Migration from CSS to CSM

        Infrastructure Requirements

        Server and Application Requirements

        Migration Configuration and Design Details

    Summary

Part II    Secure Socket Layer

Chapter 10    SSL Offloading

    Introduction to SSL

        Public Key Cryptography

        SSL Protocol Communication

        SSL Protocol Structure

        SSL Protocol Versions

    Introduction to SSLMs

        SSLM for the Catalyst 6500

        SSLM Deployments

        SSLM on the CSS

    Case Study: CSM and SSLM–Based Solution

        Design Requirements

        Design Details of a CSM and an SSLM–Based Solution

        Configuration Details

    Summary

Chapter 11    Back-End SSL Offloading

    Back-End SSL on Modules

        Back-End SSL on the SSLM for the Catalyst 6500

        Back-End SSL on the SSLM on the CSS

    Case Study: Back-End SSL Solution

        Requirements

        Design Options

        Configuration Details

Summary

Part III    Distributed Data Centers

Chapter 12    Global Server Load Balancing

    Motivation for GSLB

    Domain Name System (DNS) Overview

        DNS Architecture Components

        DNS Resolution Process

        DNS Resource Records and Zones

        Types of DNS Queries

    Global Site Selector

        GSLB Using GSS

        GSS Features and Performance

    Case Study: GSLB Solution Using GSS

        Requirements

        Topology

        GSS Network Setup

        GSS Secondary GSSM Activation

        CSS Setup in Primary Data Center

        CSS Setup in Secondary Data Center

        GSS Setup for the www.roundrobin.com Domain

        GSS Setup for the www.sticky.com Domain

        Configuration Details

    Summary

Chapter 13    IP-Based GSLB Using RHI

    Benefits of Using RHI

    Architecture

    Active/Standby Site-to-Site Recovery

        Autonomous System Prepending

        BGP Conditional Advertisements

        Design Limitations

    Implementation Details for Active/Standby Scenarios

        AS Prepending

        BGP Conditional Advertisement

    Active/Active Site-to-Site Load Distribution

    Implementation Details for Active/Active Scenarios

        OSPF Route Redistribution and Summarization

        BGP Route Redistribution and Route Preference

        Load Balancing Without IGP Between Sites

        Subnet-Based Load Balancing Using IGP Between Sites

        Application-Based Load Balancing Using IGP Between Sites

        Using NAT in Active/Active Load-Balancing Solutions

    Summary

PartIV    DataCenter Designs

Chapter 14    Scaling Server Load Balancing within a Data Center

    Benefits of Scaling Content Switching

        Scalability

        Performance

    Scaling Methodologies

        Distribution of Applications

        Using DNS for Application Scalability

        Using Route Health Injection for Application Scalability

    Application Distribution Approach

    DNS-Based Scaling Approach

        Predictable Traffic Flow

        Ease of Management and Maintenance

    RHI-Based Scaling Approach

        CSM RHI Configuration

        MSFC RHI Configuration and Routes

    Scaling Beyond Server Capacity

    Case Study: Scalable SLB Environment

        Server and Application Requirements

        Management and Security Requirements

        Infrastructure Requirements

        DNS-Based Design

        RHI-Based Design

        Testing Maximum Connections

    Summary

Chapter 15    Integrated Data Center Designs

    Motivations Behind Integrated Data Center Designs

    Data Center Design 1: FWSM in the Core and Layer 3 CSM in Aggregation

        Design 1 Topology Details

        Design 1 Details

        Design 1 Configuration Details

    Data Center Design 2: Layer 3 FWSM and Layer 2 CSM in Aggregation

        Design 2 Topology Details

        Design 2 Caveats

        Design 2 Configuration Details

    Data Center Design 3: Layer 3 FWSM and Layer 2 CSM in Aggregation

        Design 3 Topology Details

        Design 3 Caveats

        Design 3 Configuration Details

    Data Center Design 4: Layer 3 FWSM and Layer 2 CSM in Aggregation

        Design 4 Topology Details

        Design 4 Caveats

        Design 4 Configuration Details

    Case Study: Integrated Data Center Design

        Design Details

        Primary CSS (CSS 11506-1) Configuration Details

        Backup CSS (CSS 11506-2) Configuration Details

        Catalyst 6509 Configuration Details

        FWSM Configuration Details

    Summary

Index

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.

Overview

Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security

Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children

This site is not directed to children under the age of 13.

Marketing

Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out

Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links

This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020