Manual Chapter : BIG-IP Link Controller Solutions Guide v4.3: Configuring Links for Simple ISP Load Balancing

Applies To:

Show Versions Show Versions

Link Controller

  • 4.3 PTF-02, 4.3 PTF-01, 4.3.0
Manual Chapter


3

Configuring Links for Simple ISP Load Balancing



Introducing simple ISP load balancing

You can configure the Link Controller to provide high availability for incoming and outgoing traffic with multiple Internet service providers (ISPs). This configuration eliminates the possibility that if one ISP connection fails, your web site or Internet connectivity fails.

Figure 3.1 An example of simple ISP load balancing.

Note: This type of configuration assumes that you have completed the base configuration created by the Setup utility. For more information, see Creating the initial configuration with the Setup utility, on page 2-1 . To use this configuration, you must configure at least three VLANs when you create the initial configuration: one VLAN for each ISP, and one VLAN for the internal network.
The IP addresses used in this example are for demonstration only. You should substitute IP addresses appropriate for your network.

Configuring ISP load balancing

When you set up ISP, or link, load balancing, you have several tasks to complete on the Link Controller:

  • Create two load balancing pools
    You must define one pool that load balances the content servers. The other pool, the default_gateway_pool, is created when you add the IP addresses of the links when you set the default gateways in the Setup utility.
  • Configure virtual servers
    For each link, you need to configure a pair of virtual servers:

    • One virtual server in the network of the link for each ISP, to load balance inbound connections across the servers.
    • One wildcard virtual server (0.0.0.0:0) to load balance outbound connections across the routers.
  • Verify the default gateway pool
    Verify that the default gateway pool that contains the IP address of each ISP, or link, is configured correctly.
  • Configure SNAT automap
    Configure SNAT automap for outbound traffic so outbound requests can be sent through either link.
  • Add a wide IP for inbound load balancing
    Add a wide IP to handle inbound DNS requests for each pair of virtual servers you add for each link.
  • Create transparent monitors
    Create transparent monitors to verify that the path to or through ISP is available.
  • Manage links
    Additional configuration options are available for each link.

Defining the pools for an additional Internet connection

First, define one pool that load balances the content servers, and one pool to load balance the routers. Figure 3.2 is an example of how the network devices and servers are grouped into pools.

Figure 3.2 The pools required for link load balancing

To create the inbound load balancing pool using the Configuration utility

  1. In the navigation pane, click Pools.
    The Pools screen opens.
  2. Click the Add button.
    The Add Pool screen opens.
  3. For each pool, enter the pool name and member addresses in the Add Pool screen. (For additional information about configuring a pool, click the Help button.)

    Configuration notes

    For the example in Figure 3.1 :

    Create the pool server_pool containing the members 10.1.1.1:80 10.1.1.2:80, and 10.1.1.3:80.

To create the default gateway pool using the Configuration utility

If you configured more than one default gateway in the Setup utility, the Link Controller already created a default_gateway_pool pool. You can skip this step. If you do not have a default_gateway_pool, create one by completing the following task.

  1. In the navigation pane, click Pools.
    The Pools screen opens.
  2. Click the Add button.
    The Add Pool screen opens.
  3. For each pool, enter the pool name and member addresses in the Add Pool screen. (For additional information about configuring a pool, click the Help button.)

    Configuration notes

    For the example in Figure 3.1 :

    Create the pool default_gateway_pool containing the router inside addresses 192.168.100.1:0 and 192.168.200.1:0.

Defining the virtual servers for an additional Internet connection

After you create the pools, you configure the virtual servers, one for each link that load balances inbound connections across the servers, and one wildcard virtual server to load balance outbound connections across the routers. Each of the virtual servers you create references either the default_gateway_pool or the server_pool in the configuration.

To define the virtual servers for inbound traffic using the Configuration utility

  1. In the navigation pane, click Virtual Servers.
    The Virtual Servers Screen opens.
  2. Click the Add button.
    The Add Virtual Server screen opens.
  3. For each virtual server, enter the virtual server address and pool name. (For additional information about configuring a virtual server, click the Help button.)

    Configuration notes

    For the example in Figure 3.1 :

    Note that you must create a virtual server for each link. For this example, create the virtual servers 192.168.100.20:80 and 192.168.200.20:80 use pool server_pool.

To define a wildcard virtual server for outbound traffic using the Configuration utility

  1. In the navigation pane, click Virtual Servers.
    The Virtual Servers Screen opens.
  2. Click the Add button.
    The Add Virtual Server screen opens.
  3. For each virtual server, enter the virtual server address and pool name. (For additional information about configuring a virtual server, click the Help button.)

    Configuration notes

    For the example in Figure 3.1 :

    For the outbound connections, create a wildcard virtual server 0.0.0.0:0 and use pool default_gateway_pool.

Setting the default gateway pool

If a Link Controller does not have a predefined route for network traffic, the unit automatically sends traffic to the pool that you define as the default gateway pool. Think of the default gateway pool as a pool of default routes.

In a Link Controller configuration, the default gateway pool must contain two or more gateway IP addresses, or ISPs. If a gateway in the default gateway pool becomes inactive, existing connections through the inactive gateway are routed through another gateway in the default gateway pool.

Note: If you configured more than one default gateway in the Setup utility, the Link Controller automatically created a default_gateway_pool pool.

Warning: Default gateway IP addresses must have a corresponding self IP address/netmask combinations on the Link Controller.

To set the default gateway pool from the Configuration utility

  1. In the navigation pane, click System.
    The System screen opens.
  2. Click the Properties tab.
    The Properties screen opens.
  3. From the Default Gateway Pool list, select the pool that contains the internal IP addresses of the gateway routers.
    In the example in this document, this is the default_gateway_pool pool.
  4. Click Apply.

Configuring SNAT automap for outbound traffic

You must now set up secure network address translation (SNAT) automap for outbound traffic so that clients receive replies though the same ISP that their requests originated from. Specifically, you must configure SNAT automap for each self IP address associated with a link on the Link Controller, and on each internal VLAN. Figure 3.3 is an example of the SNAT automap configuration for link load balancing.

Figure 3.3 Enable the SNAT automap feature on self IP addresses and on internal VLANs.

To set up a SNAT automap, you must enable SNAT automap for each of the self IP addresses and on each internal VLAN.

To enable SNAT automap for each self IP address on the Link Controller

  1. In the navigation pane, click Network.
    The Network screen opens.
  2. In the Network screen, click the Self IP Addresses tab.
    The Self IP Addresses screen opens.
  3. In the Self IP address list, click a self IP address.
    The self IP address properties screen for that self IP address opens.
  4. Check the Enable SNAT Automap box.
  5. Click the Apply button.
  6. Repeat steps 3 through 5 for each self IP address.

To enable SNAT automap on the internal VLAN

  1. In the navigation pane, click NATs.
    The NAT configuration screen opens.
  2. Click the SNATs tab.
    The SNAT configuration screen opens.
  3. Click the Add button.
    The Add SNAT screen opens.

    • For the Translation Address, click Automap.
    • In the Origin List section, select the internal VLAN from the Origin VLAN list and click the Add button (>>) to move it to the Current List.
  4. Click the Done button.

Adding a wide IP for inbound load balancing

To complete the link load balancing configuration, you must configure a wide IP and wide IP pool for each pair of virtual servers you created for each link. Each wide IP in your configuration has a pool of virtual servers that the Link Controller load balances incoming DNS requests to. The wide IP pool is made up of only virtual servers managed by the Link Controller. When you configure the wide IP pool, you specify the load balancing methods that the Link Controller applies to the incoming DNS requests.

To add a new wide IP in the Configuration utility

  1. In the navigation pane, click Wide IPs.
    The Wide IP List screen opens.
  2. On the toolbar, click Add Wide IP.
    The Add a New Wide IP screen opens.
  3. Add the settings for the wide IP.
    For information about the specific settings, click Help on the toolbar.
  4. Click Next.
    The Configure Load Balancing for New Pool screen opens.
  5. Add the settings for the wide IP pool. Note that you should set the preferred load balancing mode to Round Robin. For information about the additional settings, click Help on the toolbar.
  6. Click Next.
    The Select Virtual Servers screen opens.
  7. Check all the virtual servers that should be in this wide IP pool. You should include a virtual server for each link in the pool.
  8. Click Finish.
    The Wide IP List screen opens, and you see the newly-created wide IP in the list.

Configuring transparent monitors for the links

When you create the default gateway pool, the Link Controller automatically creates simple ICMP monitors that check to make sure the IP addresses in the default gateway pool are available to the Link Controller. In addition to the default ICMP monitors, you can configure transparent monitors that verify the path taken by traffic through each link. You can use transparent monitors to check the availability of a device in an ISP network or on the Internet.

To configure a transparent monitor using the Configuration utility

  1. In the navigation pane, click Monitors.
    The Monitors screen opens.
  2. Click the Add button.
    The Add Monitor screen opens.
  3. In the Add Monitor screen, type in the name of your monitor, for example LinkMonitor (it must be different from the monitor template name), and select the tcp monitor template.
  4. Click the Next button.
    The Configure Basic Properties screen opens. The default interval and timeout values should be sufficient.
  5. Click the Next button.
  6. Check the Transparent box, and click the Next button.
    The Configure Destination IP and Service (Alias) screen opens.
  7. In the Destination IP box, type the IP address of a network device on the other side of the router that you want to monitor.

    • If you are monitoring a device at the ISP, you should contact the ISP for more information about how to configure this monitor.
    • If you are monitoring a device in an ISP network, you must configure a separate monitor, with a specific IP and port combination for the device, for each ISP network.
    • If you are monitoring a device on the public Internet, you can create one monitor that is applicable for all links.
  8. In the Destination Service box, type the service number you want to monitor. For example, if Telnet is enabled on the destination device, type 23.
  9. When you have finished configuring the monitor, click Done.

Note: You can also set up ICMP transparent monitors. When your ISP does not allow TCP monitoring, use ICMP monitoring instead.

To associate the monitor with the members of the default gateway pool

After you create the monitors to check the availability of the links, you must associate the monitors with the routers in the default gateway pool.

  1. In the navigation pane, click Monitors.
    The Monitors screen opens.
  2. Click the Node Associations tab.
    The Node Association screen opens.
  3. From the Choose Monitor list, select the monitor you created to monitor links.
  4. Click the Add button (>>) to move the monitor into the Monitor Rule box.
  5. In the node list table, in the Associate Current Monitor Rule column, check the check box for each node address that is in the default gateway pool.
  6. Click the Apply button.

Monitoring link performance

After you complete the Link Controller configuration, you can monitor the performance of the links by using one or more of the following tools in the Configuration utility:

  • Internet Link Evaluator
  • Link Statistics screens
  • Link Report screens

You can use the screens to analyze the traffic patterns in your network so that you can adjust the Link Controller configuration to best meet your link management objectives. The following sections describe the screens and how to view them.

Working with the Internet Link Evaluator

The Internet Link Evaluator displays the average round trip times, the average completion rates, and the average router hops for the links in your configuration. You can use the Internet Link Evaluator to compare actual performance between links and between ISPs.

To view the Internet Link Evaluator

  1. In the navigation pane, expand the Link Statistics item, and then click Link Evaluator.
    The Internet Link Evaluator screen opens.
  2. For more information about interpreting the data on this screen, click the Help button on the toolbar.

Working with the link statistics screens

The link statistics screens display current data for the physical and logical elements of the configuration. Each link statistics screen displays a particular aspect of your configuration.

To view the Link Statistics screens

  1. In the navigation pane, expand the Link Statistics item, and then click one of the link statistics objects.
    The statistics screen for the object you selected opens.
  2. For more information about a link statistics screen, click the Help button on the toolbar.

Working with the Link Report screen

The Link Report screen displays performance graphs for three time intervals: 30 minutes, 6 hours, and 24 hours. The graphs illustrate the volume of inbound and outbound traffic over a link during the specified time interval. The graphs also indicate any bandwidth pricing levels you have set for a link. You can view a Link Report screen for all the links in the configuration, or for a particular link in the configuration.

To view the Link Report screen for all links

  1. In the navigation pane, expand the Link Statistics item, and then click Links.
    The Link Statistics screen opens.
  2. Click the Graph Link Summary button.
    The Link Report for All Links screen opens, where you can review the bandwidth usage for all links in the most recent 30-minute, 6-hour, and 24-hour intervals.

To view the Link Report screen for a particular link

  1. In the navigation pane, expand the Link Statistics item, and then click Links.
    The Link Statistics screen opens.
  2. Click the Graph Link Detail button for the link whose data you want to review.
    The Link Report screen opens, where you can review the bandwidth usage for the particular link in the most recent 30-minute, 6-hour, and 24-hour intervals.

Additional configuration options

Whenever a Link Controller is configured, you have a number of options:

  • You have the option in all configurations to configure a Link Controller redundant system for fail-over. Refer to Chapter 8, Configuring a Redundant System, in the BIG-IP Link Controller Reference Guide.
  • All configurations have health monitoring options. Refer to Health Monitors in Chapter 2, Configuring the High-Level Network, in the BIG-IP Link Controller Reference Guide.
  • When you create a pool, there is an option to set up persistence, and a choice of load balancing methods. Refer to Pools in the Chapter 2, Configuring the High-Level Network, in the BIG-IP Link Controller Reference Guide.
  • When you create a wide IP, you have a choice of load balancing modes. Refer to Chapter 5, Inbound Load Balancing, in the BIG-IP Link Controller Reference Guide.