Introducing the Global Traffic Manager
Introducing the BIG-IP system
F5 Networks' BIG-IP® system is a port-based, multilayer switch that supports virtual local area network (VLAN) technology. Because hosts within a VLAN can communicate at the data-link layer (Layer 2), a BIG-IP system reduces the need for routers and IP routing on the network. This in turn reduces equipment costs and boosts overall network performance. At the same time, the BIG-IP system's multilayer capabilities enable the system to process traffic at other OSI layers. The BIG-IP system can perform IP routing at Layer 3, as well as manage and secure TCP, UDP, and other application traffic at Layers 4 through 7. The following software modules provide comprehensive traffic management and security for all traffic types. The modules are fully integrated to provide efficient solutions to meet any network, traffic management, and security needs.
- BIG-IP® Local Traffic Manager
The Local Traffic Manager includes local traffic management features that help you make the most of network resources such as web servers. Using the powerful Configuration utility, you can customize the way that the BIG-IP system processes specific types of protocol and application traffic. By using features such as virtual servers, server pools, profiles, and iRules™, you ensure that traffic passing through the BIG-IP system is processed quickly and efficiently, while meeting all of your security needs. For more information, see the Configuration Guide for BIG-IP® Local Traffic Management.
- BIG-IP® Global Traffic Manager
The Global Traffic Manager provides intelligent traffic management to your globally available network resources. Through the Global Traffic Manager, you can select from an array of load balancing modes, ensuring that your clients access the most responsive and robust resources at any given time. In addition, the Global Traffic Manager provides extensive monitoring capabilities so the health of any given resource is always available. For more information, see the Configuration Guide for BIG-IP® Global Traffic Management.
- BIG-IP® Link Controller
The Link Controller seamlessly monitors availability and performance of multiple WAN connections to intelligently manage bi-directional traffic flows to a site, providing fault-tolerant, optimized Internet access regardless of connection type or provider. The Link Controller ensures that traffic is always sent over the best available link to maximize user performance and minimize bandwidth cost to a data center. For more information, see the Configuration Guide for BIG-IP® Link Controller.
- BIG-IP® Application Security Module
The Application Security Module provides web application protection from application-layer attacks. The Application Security Module protects Web applications from both generalized and targeted application layer attacks including buffer overflow, SQL injection, cross-site scripting, and parameter tampering. For more information, see the Configuration Guide for BIG-IP® Application Security Management.
Introducing the Global Traffic Manager
The Global Traffic Manager is a system that monitors the availability and performance of global resources and uses that information to manage network traffic patterns. The Global Traffic Manager uses load balancing algorithms, topology-based routing, and iRules to control and distribute traffic according to specific policies. The system is highly configurable, and its web-based configuration utility allows for easy system setup and monitoring.
The Global Traffic Manager provides a variety of features that meet special needs. For example, with this product you can:
- Ensure wide-area persistence by maintaining a mapping between a local DNS server and a virtual server in a wide IP pool
- Direct local clients to local servers for globally-distributed sites using Topology load balancing
- Change the load balancing configuration according to current traffic patterns or time of day
- Customize load balancing modes
- Set up global load balancing among Local Traffic Managers and other load-balancing hosts
- Monitor real-time network conditions
- Configure a content delivery network with a CDN provider
- Guarantee multiple port availability for e-commerce sites
Overview of Global Traffic Manager Resources
The Global Traffic Manager manages multiple resources within your network. Each resource represents either a physical presence, such as a server, or a logical presence, such as a wide IP. Effective management of your network traffic requires that you understand and configure these resources correctly.
The following is a list of the resources that the Global Traffic Manager manages:
- Virtual server
A virtual server is a collection of IP addresses and port combinations that, together, provide access to an application or data source on your network. These collections are called virtual servers because they might span more than one physical machine, or might be a subset of available ports on a single machine.
- Server
A server is a physical device that manages one or more virtual servers. An example of a server is the Local Traffic Manager; however, the Global Traffic Manager can manage other server types as well, such as a Windows 2000 Server.
To manage your network traffic, the Global Traffic Manager also requires that you configure an additional resource: a listener. A listener instructs the Global Traffic Manager to listen for network traffic destined for a specific IP address. Listeners are critical for the Global Traffic Manager; without them, the Global Traffic Manager does not know what traffic it must manage and what traffic it can safely ignore.
- Link
A link is a physical device that connects your network to the rest of the Internet. Often, links are logically attached to a collection of servers for managing access to your data sources.
- Data center
A data center is a logical collection of both servers and links. Typically, data centers represent devices that reside in a physical location.
- Pool
A pool is a collection of multiple virtual servers. The Global Traffic Manager uses pools to load balance incoming network traffic among multiple virtual servers. Pools differ from servers in that a pool can encompass virtual servers on multiple servers on the network. This provides you with more significant load balancing granularity, because you can load balance across multiple pools of virtual servers and then have the appropriate server load balance across the virtual servers themselves.
- Wide IP
A wide IP is a collection of one or more pools. Through the use of wide IPs, you can load balance network traffic between multiple pools.
- Distributed application
A distributed application is a collection of wide IPs, data centers, and links, and is the highest-level component that the Global Traffic Manager supports. You can configure the availability of distributed applications to be dependent on a specific data center, link, or server. For example, if you configure a data center to have its availability depend on a link, and that link goes down, the Global Traffic Manager considers the application to be unavailable.
Through the configuration of wide IPs and pools, you can use the Global Traffic Manager to load balance across a collection of resources, while distributed applications, data centers, and servers give you visibility into the performance and availability of these sources.
Local Traffic Manager resources
If you use the Global Traffic Manager in conjunction with a Local Traffic Manager, you might also want to familiarize yourself with the following additional network resources. These resources are not managed directly through the Global Traffic Manager, but understanding their role in your network configuration can assist you in optimizing your network's availability and performance:
- Self IP address
A self IP is what most people think of when they think of an IP address. In a Global Traffic Manager or Local Traffic Manager environment, the term self IP address helps distinguish actual IP addresses from other types of addresses, such as those that identify a virtual server.
- Node
A node is a self IP address combined with a specific port number. For example, 220.127.116.11:443.
Internet protocol and network management support
The Global Traffic Manager supports both the standard DNS protocol and the BIG-IP iQuery protocol (a protocol used for collecting dynamic load balancing information). The Global Traffic Manager also supports administrative protocols, such as Simple Network Management Protocol (SNMP), and Simple Mail Transfer Protocol (SMTP) (outbound only), for performance monitoring and notification of system events. For administrative purposes, you can use SSH, RSH, Telnet, and FTP. The Configuration utility supports HTTPS, for secure web browser connections using SSL, as well as standard HTTP connections.
The proprietary Global Traffic Manager SNMP agent allows you to monitor status and current traffic flow using popular network management tools. This agent provides detailed data such as current connections being handled by each virtual server.
The Global Traffic Manager offers a variety of security features that can help prevent hostile attacks on your site or equipment.
- Secure administrative connections
The Global Traffic Manager supports Secure Shell (SSH) administrative connections for remote administration from the command line. The Global Traffic Manager web server, which hosts the web-based Configuration utility, supports SSL connections as well as user authentication.
- Secure iQuery communications
The Global Traffic Manager also supports Web certificate authentication for iQuery communications between the Global Traffic Manager and other systems running the big3d agent.
- TCP wrappers
TCP wrappers provide an extra layer of security for network connections.
The Global Traffic Manager is a highly scalable and versatile solution. You can configure the Global Traffic Manager to manage up to several hundred domain names, including full support of domain name aliases. The Global Traffic Manager supports a variety of media options, including Fast Ethernet and Gigabit Ethernet; the Global Traffic Manager also supports multiple network interface cards that can provide redundant or alternate paths to the network.
System synchronization options
The Global Traffic Manager synchronization feature allows you to automatically synchronize configurations from one Global Traffic Manager to any other Global Traffic Manager or Link Controller in the network, simplifying administrative management. The synchronization feature offers a high degree of administrative control. For example, you can set the Global Traffic Manager to synchronize a specific configuration file set, and you can also set which Global Traffic Manager or Link Controller systems in the network receive the synchronized information and which ones do not.
Configuring data collection for server status and network path data
The Global Traffic Manager includes the big3d agent, which is an integral part of its load balancing operations. The big3d agent continually monitors the availability of the servers that the Global Traffic Manager load balances. It also monitors the integrity of the network paths between the servers that host the domain, and the various local DNS servers that attempt to connect to the domain. The big3d agent runs on many of the F5 modules, including Global Traffic Manager, Local Traffic Manager, and Link Controller. Each big3d agent broadcasts its collected data to all of the Global Traffic Managers and Link Controllers in your network, ensuring that all Global Traffic Managers work with the latest information.
The big3d agent offers a variety of configuration options that allow you to choose the data collection methods you want to use. For example, you can configure the big3d agent to track the number of router hops (intermediate system transitions) along a given network path, and you can also set the big3d agent to collect host server performance information using the SNMP protocol. For further details on the big3d agent, refer to Appendix A, Working with the big3d Agent.
Redundant system configurations
A redundant system is a set of two Global Traffic Managers: one operating as the active unit, the other operating as the standby unit. If the active unit goes offline, the standby unit immediately assumes responsibility for managing DNS traffic. The new active unit remains active until another event occurs that causes the unit to go offline, or you manually reset the status of each unit.
The Global Traffic Manager actually supports two methods of checking the status of the peer system in a redundant system:
- Hardware-based fail-over
In a redundant system that has been set up with hardware-based fail-over, the two units in the system are connected to each other directly using a fail-over cable attached to the serial ports. The standby unit checks on the status of the active unit once every second using this serial link.
- Network-based fail-over
In a redundant system that has been set up with network-based fail-over, the two units in the system communicate with each other across an Ethernet network instead of going across a dedicated fail-over serial cable. The standby unit checks on the status of the active unit once every second using the Ethernet.
In a network-based fail-over configuration, the standby Global Traffic Manager immediately takes over if the active unit fails. If a client has queried the failed Global Traffic Manager, and has not received an answer, it automatically re-issues the request (after five seconds) and the standby unit, functioning as the active unit, responds.
Monitoring the Global Traffic Manager and the network
The Global Traffic Manager includes sophisticated monitoring tools to help you monitor the Global Traffic Manager and the traffic it manages. See Chapter 10, Configuring Monitors for more information.
Using the Configuration Guide
The Configuration Guide for BIG-IP® Global Traffic Management is designed to help you understand how you can use the features of the Global Traffic Manager to accomplish the tasks associated with managing name resolution requests on a global level. These tasks include tracking the performance of different servers and services and identifying the load balancing methods that best suit the needs of your company.
We highly recommend that you first review the BIG-IP® Network and System Management Guide to familiarize yourself with the basic functionality of BIG-IP systems, which include Global Traffic Manager systems.
The configuration guide contains the following chapters:
- Introducing the Global Traffic Manager
This chapter provides an overview of the Global Traffic Manager and this guide.
- Setting up the Global Traffic Manager
This chapter describes the basic tasks associated with setting up a Global Traffic Manager on the network.
- Reviewing Global Traffic Manager Components
This chapter describes the physical and logical components you can use to manage your global DNS traffic.
- Working with Listeners
This chapter describes how to configure listeners for the Global Traffic Manager. A listener instructs the Global Traffic Manager to listen for network traffic destined for a specific IP address.
- Defining the Physical Network
This chapter describes how to define the physical components of your network, such as servers and data centers. You can use these components to determine load balancing modes and track traffic statistics.
- Defining the Logical Network
This chapter describes how to define the logical components of your network, such as pools and wide IPs. These components determine how the Global Traffic Manager load balances requests.
- Load Balancing with the Global Traffic Manager
This chapter describes the load balancing modes that the Global Traffic Manager supports, and how to apply those modes to your pools and wide IPs.
- Managing Connections
This chapter describes how to use features such as connection persistence with the Global Traffic Manager.
- Working with Topologies
This chapter describes topologies, which allow you to define load balancing modes and resolution controls based on the origin or destination of a given name resolution request.
- Configuring Monitors
This chapter describes how to use monitors to track the components of your network. Monitors are components of the Global Traffic Manager that perform specific tests to see if a given component is available for load balancing.
- Viewing Statistics
This chapter describes how to use the Global Traffic Manager to view statistics on the different physical and logical network components.
- Collecting Metrics
This chapter describes how to use the Global Traffic Manager to gather metrics on the different physical and logical network components.
- Managing iRules
This chapter describes how to write iRules, scripts that allow you to fully customize the load balancing capabilities of the Global Traffic Manager.
- Managing DNS Files with ZoneRunner
This chapter describes how to use ZoneRunner, a BIG-IP utility, to manage and maintain your DNS zone files.
In addition to the preceding list of chapters, this guide contains the following appendices:
- Working with the big3d Agent
This appendix describes the big3d agent, a utility that is responsible for much of the communication between different BIG-IP systems.
- Understanding Probes
This appendix describes how the Global Traffic Manager queries other network resources for statistical data.
In addition to this guide, there are other sources of documentation you can use in order to work with the BIG-IP system. The information is contained in the guides and documents described below. The following printed documentation is included with the BIG-IP system.
- Configuration Worksheet
This worksheet provides you with a place to plan the basic configuration for the BIG-IP system.
- BIG-IP Quick Start Instructions
This pamphlet provides you with the basic configuration steps required to get the BIG-IP system up and running in the network.
The following guides are available in PDF format from the AskF5℠ web site, http://tech.f5.com. These guides are also available from the first Web page you see when you log in to the administrative web server on the BIG-IP system.
- Platform Guide
This guide includes information about the BIG-IP hardware. It also contains important environmental warnings.
- Installation, Licensing, and Upgrades for BIG-IP Systems
This guide provides detailed information about installing upgrades to the BIG-IP system. It also provides information about licensing the BIG-IP system software and connecting the system to a management workstation or network.
Introducing the Configuration utility
The Configuration utility is a browser-based application that you use to configure and monitor the Global Traffic Manager. Using the Configuration utility, you can define the load balancing configuration along with the network setup, including data centers, synchronization groups, and servers used for load balancing and path probing. In addition, you can configure advanced features such as topology settings and SNMP agents. The Configuration utility also monitors network traffic, current connections, load balancing statistics, performance metrics, and the operating system itself. The home screen of the Configuration utility provides convenient access to downloads such as the SNMP MIB, and documentation for third-party applications such as ZebOS.
Configuration utility components
The Configuration utility consists of three main components:
- The navigation pane
This component is the left vertical pane of the Configuration utility. It contains the following tabs: the Main tab, which allows you to select the area of your network (global, local, and so on); the Help tab, which displays online help relevant to the main screen; and the Search tab, which allows you to search for specific pools and virtual servers.
- The menu bar
This component runs horizontally across the top of the Configuration utility. The content of this component changes depending on what you select on the Main tab in the navigation section. Through the menu bar, you can access more detailed aspects of a given network component.
- The active screen
The main component of the Configuration utility is the active screen. The active screen changes depending on what you select on the Main tab in the navigation section. Through the active screen you configure the different aspects of the Global Traffic Manager.
It is important to note that the Global Traffic Manager often co-exists with other BIG-IP system modules, such as a Local Traffic Manager or a Link Controller. Consequently, you might see features in the Configuration utility that are not described in this guide. See Finding help and technical support resources for a list of other guides that will help you learn about the BIG-IP system.
The Configuration utility, which provides web-based access to the Global Traffic Manager configuration and features, supports the following browser versions:
- Netscape Navigator 7.1, and other browsers built on the same engine, such as Mozilla™, Firefox™, and Camino™.
- Microsoft® Internet Explorer®, version 6.x
Stylistic conventions in this document
To help you easily identify and understand certain types of information, this documentation uses the following stylistic conventions.
Using the solution examples
All examples in this documentation use only private IP addresses. When you set up the solutions we describe, you must use IP addresses suitable to your own network in place of our sample IP addresses.
Identifying new terms
When we first define a new term, the term is shown in bold italic text. For example, a wide IP is a mapping of a fully-qualified domain name to one or more pools of virtual servers that host the domain's content.
Identifying references to products
We refer to all products in the BIG-IP product family as BIG-IP systems. We refer to the software modules by their name; for example, we refer to the Global Traffic Manager module as simply the Global Traffic Manager. If configuration information relates to a specific hardware platform, we note the platform.
Identifying references to objects, names, and commands
We apply bold formatting to a variety of items to help you easily pick them out of a block of text. These items include web addresses, IP addresses, utility names, and portions of commands, such as variables and keywords. For example, the nslookup command requires that you include at least one <ip_address> variable.
Identifying references to other documents
We use italic text to denote a reference to another document. In references where we provide the name of a book as well as a specific chapter or section in the book, we show the book name in bold, italic text, and the chapter/section name in italic text to help quickly differentiate the two. For example, you can find information about the Local Traffic Manager in Chapter 1, Introducing the Global Traffic Manager, in the Configuration Guide for BIG-IP® Local Traffic Management.
Identifying command syntax
We show actual, complete commands in bold Courier text. Note that we do not include the corresponding screen prompt, unless the command is shown in a figure that depicts an entire command line screen. For example, the following command sets the Global Traffic Manager load balancing mode to Round Robin:
Table 1.1 explains additional special conventions used in command line syntax.
Table 1.1 Command line conventions used in this manual
Item in text
Continue to the next line without typing a line break.
You enter text for the enclosed item. For example, if the command has <your name>, type in your name.
Separates parts of a command.
Syntax inside the brackets is optional.
Indicates that you can type a series of items.
Finding help and technical support resources
You can find additional technical documentation and product information using the following resources:
- Online help for the Global Traffic Manager
The Configuration utility has online help for each screen. The online help contains descriptions of each control and setting on the screen. Click the Help tab in the left navigation pane to view the online help for a screen.
- Welcome screen in the Configuration utility
The Welcome screen in the Configuration utility contains links to many useful web sites and resources, including:
  - The F5 Networks Technical Support web site
  - The F5 Solution Center
  - The F5 DevCentral web site
- F5 Networks Technical Support web site
The F5 Networks Technical Support web site, http://tech.f5.com, provides the latest documentation for the product, including:
  - Release notes for the Global Traffic Manager, current and past
  - Updates for guides (in PDF form)
  - Technical notes
  - Answers to frequently asked questions
  - The AskF5℠ natural language question and answer engine
To access this site, you need to register at http://tech.f5.com.