Manual Chapter : BIG-IP Link Controller Solutions Guide v4.5:Configuring Links for Simple ISP Load Balancing

Applies To:

Show Versions Show Versions

Link Controller

  • 4.6.1, 4.6.0, 4.5 PTF-08, 4.5 PTF-07, 4.5 PTF-06, 4.5 PTF-05, 4.5 PTF-04, 4.5 PTF-03, 4.5 PTF-02, 4.5 PTF-01, 4.5.14, 4.5.13, 4.5.12, 4.5.11, 4.5.9, 4.5.0
Manual Chapter

2

Configuring Links for Simple ISP Load Balancing


Introducing simple ISP load balancing

You can configure the Link Controller to provide high availability for incoming and outgoing traffic with multiple Internet service providers (ISPs). This configuration eliminates the possibility that if one ISP connection fails, your entire web site or Internet connectivity fails.

Figure 2.1 An example of simple ISP load balancing.

Note


This type of configuration assumes that you have completed the base configuration created by the Setup utility. For more information, see the BIG-IP Reference Guide, Chapter 2, Using the Setup Utility . To use this configuration, you must configure at least three VLANs when you create the initial configuration: one VLAN for each ISP, and one VLAN for the internal network.
The IP addresses used in this example are for demonstration only. You should substitute IP addresses appropriate for your network.

Configuring ISP load balancing

When you set up ISP, or link, load balancing, you have several tasks to complete on the Link Controller:

  • Configure the links
    Complete the following tasks to configure the links.

    • Verify that the default gateway pool that contains the IP address of each ISP, or link, is configured correctly.
    • Add the links to the configuration.
    • Create transparent monitors to verify that the path to or through ISP is available.
  • Create two load balancing pools
    You must define one pool that load balances the content servers. The other pool, the default_gateway_pool, is created when you add the IP addresses of the links while setting the default gateways in the Setup utility.
  • Configure virtual servers
    You need to configure a virtual server in the network of the link for each ISP to load balance inbound connections across the servers. You also configure one wildcard virtual server (0.0.0.0:0) to load balance outbound connections across the routers.
  • Add a wide IP for inbound load balancing
    Add a wide IP to handle inbound DNS requests for each pair of virtual servers you add for each link.
  • Manage links
    Additional configuration options are available for each link.

Defining the pools for an additional Internet connection

First, define one pool that load balances the content servers, and one pool to load balance the routers. Figure 2.2 is an example of how the network devices and servers are grouped into pools.

Figure 2.2 The pools required for link load balancing

To create the inbound load balancing pool using the Configuration utility
  1. In the navigation pane, click Pools.
    The Pools screen opens.
  2. Click the Add button.
    The Add Pool screen opens.
  3. For each pool, enter the pool name and member addresses in the Add Pool screen. (For additional information about configuring a pool, click the Help button.)

Configuration notes

For the example in Figure 2.1 :

Create the pool server_pool containing the members 10.1.1.1:80 10.1.1.2:80, and 10.1.1.3:80.

To create the default gateway pool using the Configuration utility

If you configured more than one default gateway in the Setup utility, the Link Controller already created a default_gateway_pool pool. You can skip this step. If you do not have a default_gateway_pool, create one by completing the following task.

  1. In the navigation pane, click Pools.
    The Pools screen opens.
  2. Click the Add button.
    The Add Pool screen opens.
  3. For each pool, enter the pool name and member addresses in the Add Pool screen. (For additional information about configuring a pool, click the Help button.)

Configuration notes

For the example in Figure 2.1 :

Create the pool default_gateway_pool containing the router inside addresses 192.168.100.1:0 and 192.168.200.1:0.

Defining the virtual servers for an additional Internet connection

After you create the pools, you configure the virtual servers, one for each link that load balances inbound connections across the servers. You also configure one wildcard virtual server to load balance outbound connections across the routers. Each of the virtual servers you create references either the default_gateway_pool or the server_pool in the configuration.

To define the virtual servers for inbound traffic using the Configuration utility
  1. In the navigation pane, click Virtual Servers.
    The Virtual Servers Screen opens.
  2. Click the Add button.
    The Add Virtual Server screen opens.
  3. For each virtual server, enter the virtual server address and pool name. (For additional information about configuring a virtual server, click the Help button.)

Configuration notes

For the example in Figure 2.1 :

Note that you must create a virtual server for each link. For this example, create the virtual servers 192.168.100.20:80 and 192.168.200.20:80, and use pool server_pool.

To define a wildcard virtual server for outbound traffic using the Configuration utility
  1. In the navigation pane, click Virtual Servers.
    The Virtual Servers Screen opens.
  2. Click the Add button.
    The Add Virtual Server screen opens.
  3. For a wildcard virtual server, use the following settings:

    • For the virtual server address, type 0.0.0.0.
    • For the service, type 0 or select any from the list.
    • For the VLAN, select All.
    • For the pool, select default_gateway_pool.
  4. Click Done.

    Click Help for details on the settings on the Add Virtual Server screens.

Setting the default gateway pool

If a Link Controller does not have a predefined route for network traffic, the unit automatically sends traffic to the pool that you define as the default gateway pool. Think of the default gateway pool as a pool of default routes.

In a Link Controller configuration, the default gateway pool must contain two or more gateway IP addresses, or ISPs. If a gateway in the default gateway pool becomes inactive, existing connections through the inactive gateway are routed through another gateway in the default gateway pool.

Note


If you configure more than one default gateway in the Setup utility, the Link Controller automatically creates a default_gateway_pool pool.

 

To set the default gateway pool from the Configuration utility
  1. In the navigation pane, click System.
    The System screen opens.
  2. Click the Properties tab.
    The Properties screen opens.
  3. From the Default Gateway Pool list, select the pool that contains the internal IP addresses of the gateway routers.
    In the example in this document, this is the default_gateway_pool pool.
  4. Click Apply.

Warning


Default gateway IP addresses must have a corresponding self IP address/netmask combination on the Link Controller.

Using SNAT automap for outbound traffic

Secure network address translation (SNAT) automap is automatically configured for outbound traffic so that clients receive replies through the same ISP that their requests originated from. Figure 2.3 is an example of the SNAT automap configuration for link load balancing.

Figure 2.3 SNAT automap feature on self IP addresses and on internal VLANs.

Adding a wide IP for inbound load balancing

To complete the link load balancing configuration, you must configure a wide IP and wide IP pool for each pair of virtual servers you created for each link. Each wide IP in your configuration has a pool of virtual servers that the Link Controller load balances incoming DNS requests to. The wide IP pool is made up of only virtual servers managed by the Link Controller. When you configure the wide IP pool, you specify the load balancing methods that the Link Controller applies to the incoming DNS requests.

To add a new wide IP for inbound load balancing using the Configuration utility
  1. In the navigation pane, click Link Configuration, and then click Inbound LB.
    The Wide IPs list screen opens.
  2. Click the Add button.
    The Define Wide IP (Step 1 of 2) screen opens.
  3. Add the wide IP name and port settings, and click Next.
    The Define Wide IP (Step 2 of 2) screen opens.
  4. In the Available list, click the virtual servers that you want to add to the pool, and click the Add (-->>) button.
    The virtual servers become part of the Members list for the wide IP.
  5. Click Finish.
    The wide IP is added to your configuration.

Configuring transparent monitors for the links

When you create the default gateway pool, the Link Controller automatically creates simple ICMP monitors that check to make sure the IP addresses in the default gateway pool are available to the Link Controller. In addition to the default ICMP monitors, you can configure transparent monitors that verify the path taken by traffic through each link. You can use transparent monitors to check the availability of a device in an ISP network or on the Internet.

To configure a transparent monitor using the Configuration utility
  1. In the navigation pane, expand the Link Configuration item, and then click Links.
    The Link List screen opens.
  2. Click the name of the link that you want to modify.
    The Link Properties tab opens.
  3. Click the Link Monitor tab.
    The Monitor screen opens.
  4. Type in the name of your monitor, for example LinkMonitor (it must be different from the monitor template name), and select the tcp_echo monitor template.
  5. Click the Next button.
    The Configure Basic Properties screen opens. The default value for interval and timeout should be sufficient.
  6. Check the Transparent box, and click the Next button.
    The Configure Destination IP and Service (Alias) screen opens.
  7. In the Destination IP box, type the IP address of a network device on the other side of the router that you want to monitor.

    • If you are monitoring a device at the ISP, you should contact the ISP for more information about how to configure this monitor.
    • If you are monitoring a device in an ISP network, you must configure a separate monitor, with a specific IP and port combination for the device, for each ISP network.
    • If you are monitoring a device on the public Internet, you can create one monitor that is applicable for all links.
  8. In the Destination Service box, type the service number you want to monitor. For example, if Telnet is enabled on the destination device, type 23.
  9. When you have finished configuring the monitor, click Apply.

Note


You can also set up ICMP transparent monitors. When your ISP does not allow TCP monitoring, use ICMP monitoring instead.  
To associate the monitor with the members of the default gateway pool

After you create the monitors to check the availability of the links, you must associate the monitors with the routers in the default gateway pool.

  1. In the navigation pane, click Monitors.
    The Monitors screen opens.
  2. Click the Node Associations tab.
    The Node Association screen opens.
  3. From the Choose Monitor list, select the monitor you created to monitor links.
  4. Click the Add button (>>) to move the monitor into the Monitor Rule box.
  5. In the node list table, in the Associate Current Monitor Rule column, check the check box for each node address that is in the default gateway pool.
  6. Click the Apply button.

Monitoring link performance

After you complete the Link Controller configuration, you can monitor the performance of the links by using one or more of the following tools in the Configuration utility:

  • Internet Link Evaluator
  • Link Statistics screens
  • Link Report screens

You can use the screens to analyze the traffic patterns in your network so that you can adjust the Link Controller configuration to best meet your link management objectives. The following sections describe the screens and how to view them.

Working with the Internet Link Evaluator

The Internet Link Evaluator displays the average round trip times, the average completion rates, and the average router hops for the links in your configuration. You can use the Internet Link Evaluator to compare actual performance between links and between ISPs.

To view the Internet Link Evaluator
  1. In the navigation pane, expand the Link Statistics item, and then click Link Evaluator.
    The Internet Link Evaluator screen opens.
  2. For more information about interpreting the data on this screen, click the Help button.

Note


For additional information on the Link Evaluator, refer to Chapter 15, Internet Link Evaluator , in the BIG-IP Reference Guide.

 

Working with the link statistics screens

The link statistics screens display current data for the physical and logical elements of the configuration. Each link statistics screen displays a particular aspect of your configuration.

To view the Link Statistics screens
  1. In the navigation pane, expand the Link Statistics item, and then click one of the link statistics objects.
    The statistics screen opens for the object you selected.
  2. For more information about a link statistics screen, click the Help button.

Working with the Link Report screen

The Link Report screen displays performance graphs for three time intervals: 30 minutes, 6 hours, and 24 hours. The graphs illustrate the volume of inbound and outbound traffic over a link during the specified time interval. The graphs also indicate any bandwidth pricing levels you have set for a link. You can view a Link Report screen for all the links in the configuration, or for a particular link in the configuration.

To view the Link Report screen for all links
  1. In the navigation pane, expand the Link Statistics item, and then click Links.
    The Link Statistics screen opens.
  2. Click the Graph Link Summary button.
    The Link Report for All Links screen opens, where you can review the bandwidth usage for all links in the most recent 30-minute, 6-hour, and 24-hour intervals.
To view the Link Report screen for a particular link
  1. In the navigation pane, expand the Link Statistics item, and then click Links.
    The Link Statistics screen opens.
  2. Click the Graph Link Detail button for the link whose data you want to review.
    The Link Report screen opens, where you can review the bandwidth usage for the particular link in the most recent 30-minute, 6-hour, and 24-hour intervals.

Additional configuration options

Whenever you configure a Link Controller, you have a number of options:

  • You have the option in all configurations to configure a Link Controller redundant system for fail-over. Refer to Chapter 13, Configuring a Redundant System , in the BIG-IP Reference Guide.
  • All configurations have health monitoring options. Refer to Chapter 11, Monitors , in the BIG-IP Reference Guide.
  • When you create a pool, there is an option to set up persistence, and a choice of load balancing methods. Refer to Chapter 4, Pools , in the BIG-IP Reference Guide.
  • When you create a link, you have several advanced configuration options. Refer to Chapter 16, Working with Link Configuration , in the BIG-IP Reference Guide.