Manual Chapter : BIG-IP Link Controller Solutions Guide v4.5:Configuring Cost-Based ISP Load Balancing

Applies To:

Show Versions Show Versions

Link Controller

  • 4.6.1, 4.6.0, 4.5 PTF-08, 4.5 PTF-07, 4.5 PTF-06, 4.5 PTF-05, 4.5 PTF-04, 4.5 PTF-03, 4.5 PTF-02, 4.5 PTF-01, 4.5.14, 4.5.13, 4.5.12, 4.5.11, 4.5.9, 4.5.0
Manual Chapter

3

Configuring Cost-Based ISP Load Balancing


Introducing cost-based ISP load balancing

You can configure the Link Controller to load balance traffic based on the costs associated with traffic on each link. This configuration provides high availability and helps you control how links are used, based on the pricing structure of each link's bandwidth.

Figure 3.1 An example of cost-based ISP load balancing

In the example in Figure 3.1 , ISP1 handles up to .7 Mbps for $200/Mbps. The second ISP, ISP2, has two pricing tiers. From 0 to 1.54 Mbps, traffic costs $1000/Mbps. From 1.54 to 3 Mbps, traffic costs $2200/Mbps. In this scenario, the Link Controller directs traffic to ISP1 if ISP2 is unavailable, or if traffic spikes above the 3 Mbps level.

Another way to configure the Link Controller in this situation would be to direct traffic to ISP1 if the traffic on ISP2 exceeds 1.54 Mbps. To do this, you could set a cost limit on the ISP2 link.

Note


This type of configuration assumes that you have completed the base configuration created by the Setup utility. For more information, see Chapter 2, Using the Setup Utility , in the BIG-IP Reference Guide. To use this configuration, you must configure at least three VLANs when you create the initial configuration: one VLAN for each ISP, and one VLAN for the internal network. The IP addresses used in this example are for demonstration only. You should substitute IP addresses appropriate for your network.

Configuring cost-based ISP load balancing

When you set up cost-based ISP, or link, load balancing, you have several tasks to complete on the Link Controller:

  • Configure the links
    Complete the following tasks to configure the links.

    • Verify that the default gateway pool that contains the IP address of each ISP, or link, is configured correctly.
    • Add the links to the configuration.
    • Create transparent monitors to verify that the path to or through ISP is available.
  • Create two load balancing pools
    You must define one pool that load balances the content servers. The other pool, the default_gateway_pool, is created when you add the IP addresses of the links while setting the default gateways in the Setup utility.
  • Configure virtual servers
    You need to configure a virtual server in the network of the link for each ISP to load balance inbound connections across the servers. You also configure one wildcard virtual server (0.0.0.0:0) to load balance outbound connections across the routers.
  • Add a wide IP for inbound load balancing
    Add a wide IP to handle inbound DNS requests for each pair of virtual servers you add for each link.
  • Configure the price weighting for each link
    Configure the price weighting you want to associate with each link. The Link Controller uses the price weighting to direct traffic to a particular link.
  • Manage links
    Additional configuration options are available for each link.

Defining the pools for an additional Internet connection

First, define one pool that load balances the content servers, and one pool to load balance the routers. Figure 3.2 is an example of how the network devices and servers are grouped into pools.

Figure 3.2 The pools required for link load balancing

To create the inbound load balancing pool using the Configuration utility
  1. In the navigation pane, click Pools.
    The Pools screen opens.
  2. Click the Add button.
    The Add Pool screen opens.
  3. For each pool, enter the pool name and member addresses. (For additional information about configuring a pool, click the Help button.)

Configuration notes

For the example in Figure 3.1 :

Create the pool server_pool containing the members 10.1.1.1:80 10.1.1.2:80, and 10.1.1.3:80.

To create the default gateway pool using the Configuration utility

If you configured more than one default gateway in the Setup utility, the Link Controller already created a default_gateway_pool pool. You can skip this step. If you do not have a default_gateway_pool, create one by completing the following task.

  1. In the navigation pane, click Pools.
    The Pools screen opens.
  2. Click the Add button.
    The Add Pool screen opens.
  3. For each pool, enter the pool name and member addresses. (For additional information about configuring a pool, click the Help button.)

Configuration notes

For the example in Figure 3.1 :

Create the pool default_gateway_pool containing the router inside addresses 192.168.100.1:0 and 192.168.200.1:0.

Defining the virtual servers for an additional Internet connection

After you create the pools, you configure the virtual servers, one for each link that load balances inbound connections across the servers. You also configure one wildcard virtual server to load balance outbound connections across the routers. Each of the virtual servers you create references either the default_gateway_pool or the server_pool in the configuration.

To define the virtual servers for inbound traffic using the Configuration utility
  1. In the navigation pane, click Virtual Servers.
    The Virtual Servers Screen opens.
  2. Click the Add button.
    The Add Virtual Server screen opens.
  3. For each virtual server, enter the virtual server address and pool name. (For additional information about configuring a virtual server, click the Help button.)

Configuration notes

For the example in Figure 3.1 :

Note that you must create a virtual server for each link. For this example, create the virtual servers 192.168.100.20:80 and 192.168.200.20:80, and use the pool, server_pool.

To define a wildcard virtual server for outbound traffic using the Configuration utility
  1. In the navigation pane, click Virtual Servers.
    The Virtual Servers Screen opens.
  2. Click the Add button.
    The Add Virtual Server screen opens.
  3. For a wildcard virtual server, use the following settings:

    • For the virtual server address, type 0.0.0.0.
    • For the service, type 0, or select any from the list.
    • For the VLAN, select All.
    • For the pool, select default_gateway_pool.
  4. Click Done.
    Click Help for details on the settings on the Add Virtual Server screens.

Setting the default gateway pool

If a Link Controller does not have a predefined route for network traffic, the unit automatically sends traffic to the pool that you define as the default gateway pool. Think of the default gateway pool as a pool of default routes. In a Link Controller configuration, the default gateway pool must contain two or more gateway IP addresses, or links. If a gateway in the default gateway pool becomes inactive, existing connections through the inactive gateway are routed through another gateway in the default gateway pool.

Note


If you configure more than one default gateway in the Setup utility, the Link Controller automatically creates a default_gateway_pool pool.
To set the default gateway pool using the Configuration utility
  1. In the navigation pane, click System.
    The System screen opens.
  2. Click the Properties tab.
    The Properties screen opens.
  3. From the Default Gateway Pool list, select the pool that contains the internal IP addresses of the gateway routers.
    In this chapter's example, this is the default_gateway_pool pool.
  4. Click Apply.

Warning


Default gateway IP addresses must have a corresponding self IP address/netmask combination.

Using SNAT automap for outbound traffic

Secure network address translation (SNAT) automap is automatically configured for outbound traffic so that clients receive replies through the same ISP that their requests originated from. Figure 3.3 is an example of the SNAT automap configuration for link load balancing.

Figure 3.3 SNAT automap feature on self IP addresses and on internal VLANs

Adding a wide IP for inbound load balancing

To complete the link load balancing configuration, you must configure a wide IP and wide IP pool for each pair of virtual servers you created for each link. Each wide IP in your configuration has a pool of virtual servers that the Link Controller load balances incoming DNS requests to. Note that the wide IP pool is made up of only virtual servers managed by the Link Controller. When you configure the wide IP pool, you specify the load balancing methods that the Link Controller applies to incoming DNS requests.

To add a new wide IP in the Configuration utility
  1. In the navigation pane, click Link Configuration, and then click Inbound LB.
    The Wide IPs List screen opens.
  2. Click the Add button.
    The Define Wide IP (Step 1 of 2) screen opens, where you add the basic properties for the wide IP.
  3. In the Wide IP Name box, type a name for the wide IP.
  4. In the Wide IP Port box, type a port number to associate with the wide IP. Alternately, you can select a service, or type 0 to indicate any port.
  5. Click Next.
    The Define Wide IP (Step 2 of 2) screen opens, where you add the virtual servers to the wide IP.
  6. In the Available list, click the virtual servers that you want to add to this pool, and click the Add (-->>) button. To select more than one virtual server at a time, hold down the CTRL key on your keyboard. Note that you should include a virtual server for each link in the pool.
  7. Click Finish.
    The Wide IP List screen opens, and you see the newly-created wide IP in the list.

Configuring price weighting for each link

After you configure the wide IP, you can set the price weighting that you want the Link Controller to use when load balancing traffic for the links, based on the billing structure that your ISP uses. The Link Controller load balances traffic to another link if the lowest cost link reaches a threshold that you have set. This helps you control traffic based on the cost the ISP is charging for the bandwidth. The following tasks describe how to configure the cost values for the scenario shown in Figure 3.1 .

To configure the price weighting for a link
  1. In the navigation pane, expand the Link Configuration item, and then click Links.
    The Link List screen opens.
  2. Click the name of one of the links in the link list.
    The Link Properties screen for that link opens.
  3. Click the Link Weighting tab.
    The Link Weighting screen opens.
  4. Click the Use Price Weighting option.
  5. Next, you configure the following cost elements associated with the link:

    • In the Prepaid Segment box, you can type the maximum bandwidth usage you pay for each month, regardless of how much you use. In the example in this document, ISP2 charges $1000 for bandwidth usage in the 0 to 1.54 Mbps range. That means that you pay every month for up to 1.54 Mbps even if you do not use the link at all. So, using the example, you would type 1540 in the Prepaid Segment, Up to Kbps box.
    • In the Incremental Segment box, type the bandwidth (in Kbps) and the associated cost of the next pricing tier. Based on the example, ISP2 charges $2200 for bandwidth usage in the 1.54 to 3 Mbps range. Using this example, type 3000 in the Up to Kbps box and 2200 in the Cost box. Click the Add button (>>) to add the new cost tier to the configuration. You can add additional cost tiers to the configuration if required.
  6. After you complete the configuration, click the Apply button.

    If you configure price weighting for one link on the Link Controller, you must configure price weighting for all of the remaining links in the configuration. If you do not, the Link Controller load balances only to the link for which price weighting is defined.

Configuring link capacity limits for load balancing

In addition to setting cost values for the bandwidth usage on a link, you can set link capacity limits for the actual traffic on the link. When you set limits on the link bandwidth capacity, you can set independent thresholds for inbound, outbound, and concurrent total traffic. There are several configuration details to consider:

  • You can moderate the volume of bandwidth used for outbound requests, that is, the traffic generated by users inside the firewall, by setting a limit on outbound traffic.
  • If you purchase bandwidth based on tiered pricing, you may want to limit the total traffic to a data transfer rate that keeps the volume of bandwidth used at or below a certain level of the pricing tier.
  • By setting link capacity limits, you can ensure that a link does not become completely saturated before the Link Controller marks the link as unavailable for new traffic.
To set link capacity limits using the Configuration utility
  1. In the navigation pane, expand the Link Configuration item, and then click Links.
    The Link List screen opens.
  2. Click the name of one of the links in the link list.
    The Link Properties screen for that link opens.
  3. Add any limit settings that you want to configure.
  4. Click Apply to add your changes to the configuration.
    For details on the specific settings on the Link Properties screen, click the Help button.

Configuring transparent monitors for the links

When you create the default gateway pool, the Link Controller automatically creates simple ICMP monitors that check to make sure the IP addresses in the default gateway pool are available to the Link Controller. In addition to the default ICMP monitors, you can configure transparent monitors that verify the path taken by traffic through each link. You can use transparent monitors to check the availability of a device in an ISP network or on the Internet.

To configure a transparent monitor using the Configuration utility
  1. In the navigation pane, expand the Link Configuration item, and then click Links.
    The Link List screen opens.
  2. Click the name of the link that you want to modify.
    The Link Properties screen opens.
  3. Click the Link Monitor tab.
    The Monitor screen opens.
  4. Type in the name of your monitor, for example LinkMonitor (it must be different from the monitor template name), and select the tcp_echo monitor template.
  5. Click the Next button.
    The Configure Basic Properties screen opens. The default interval and timeout values should be sufficient.
  6. Check the Transparent box, and click the Next button.
    The Configure Destination IP and Service (Alias) screen opens.
  7. In the Destination IP box, type the IP address of a network device on the other side of the router that you want to monitor.

    • If you are monitoring a device at the ISP, you should contact the ISP for more information about how to configure this monitor.
    • If you are monitoring a device in an ISP network, you must configure a separate monitor, with a specific IP and port combination for the device, for each ISP network.
    • If you are monitoring a device on the public Internet, you can create one monitor that is applicable for all links.
  8. In the Destination Service box, type the service number you want to monitor. For example, if Telnet is enabled on the destination device, type 23.
  9. When you have finished configuring the monitor, click Apply.

Note


You can also set up ICMP transparent monitors. When your ISP does not allow TCP monitoring, use ICMP monitoring instead.
To associate the monitor with the members of the default gateway pool

After you create the monitors to check the availability of the links, you must associate the monitors with the routers in the default gateway pool.

  1. In the navigation pane, click Monitors.
    The Monitors screen opens.
  2. Click the Node Associations tab.
    The Node Association screen opens.
  3. From the Choose Monitor list, select the monitor you created to monitor links.
  4. Click the Add button (>>) to move the monitor into the Monitor Rule box.
  5. In the node list table, in the Associate Current Monitor Rule column, check the box for each node address that is in the default gateway pool.
  6. Click the Apply button.

Monitoring link performance

After you complete the Link Controller configuration, you can monitor the performance of the links by using one or more of the following tools in the Configuration utility:

  • Internet Link Evaluator
  • Link Statistics screens
  • Link Report screens

    You can use the screens to analyze the traffic patterns in your network so that you can adjust the Link Controller configuration to best meet your link management objectives. The following sections describe the screens and how to view them.

Working with the Internet Link Evaluator

The Internet Link Evaluator displays the average round trip times, the average completion rates, and the average router hops for the links in your configuration. You can use the Internet Link Evaluator to compare actual performance between links and between ISPs.

To view the Internet Link Evaluator
  1. In the navigation pane, expand the Link Statistics item, and then click Link Evaluator.
    The Internet Link Evaluator screen opens.
  2. For more information about interpreting the data on this screen, click the Help button.

Note


For additional information on the Link Evaluator, refer to Chapter 15, Internet Link Evaluator, in the BIG-IP Reference Guide.

Working with the link statistics screens

The link statistics screens display current data for the physical and logical elements of the configuration. Each link statistics screen displays a particular aspect of your configuration.

To view the Link Statistics screens
  1. In the navigation pane, expand the Link Statistics item, and then click one of the link statistics objects.
    The statistics screen for the object you selected opens.
  2. For more information about a link statistics screen, click the Help button.

Working with the Link Report screen

The Link Report screen displays performance graphs for three time intervals: 30 minutes, 6 hours, and 24 hours. The graphs illustrate the volume of inbound and outbound traffic over a link during the specified time interval. The graphs also indicate any bandwidth pricing levels you have set for a link. You can view a Link Report screen for all the links in the configuration, or for a particular link in the configuration.

To view the Link Report screen for all links
  1. In the navigation pane, expand the Link Statistics item, and then click Links.
    The Link Statistics screen opens.
  2. Click the Graph Link Summary button.
    The Link Report for All Links screen opens, where you can review the bandwidth usage for all links in the most recent 30-minute, 6-hour, and 24-hour intervals.
To view the Link Report screen for a particular link
  1. In the navigation pane, expand the Link Statistics item, and then click Links.
    The Link Statistics screen opens.
  2. Click the Graph Link Detail button for the link whose data you want to review.
    The Link Report screen opens, where you can review the bandwidth usage for the particular link in the most recent 30-minute, 6-hour, and 24-hour intervals.

Additional configuration options

Whenever you configure a Link Controller, you have a number of options:

  • You have the option in all configurations to configure a Link Controller redundant system for fail-over. Refer to Chapter 13, Configuring a Redundant System , in the BIG-IP Reference Guide.
  • All configurations have health monitoring options. Refer to Chapter 11, Monitors , in the BIG-IP Reference Guide.
  • When you create a pool, there is an option to set up persistence, and a choice of load balancing methods. Refer to Chapter 4, Pools , in the BIG-IP Reference Guide.
  • When you create a link, you have several advanced configuration options. Refer to Chapter 16, Working with Link Configuration , in the BIG-IP Reference Guide.