Load balance multiple URLs on single VIP

Answered Question
Apr 5th, 2010
User Badges:

Hello,

I have a fairly typical load balance configuration on a pair of ACE appliances running (A3)2.5 and now I need to load balance multiple URIs to these same servers on port 80 to the one VIP. Can someone direct me to a doc that shows a good example of this, or explain it below?

Thanks,

Dave


serverfarm host application

rserver webserver1 80

probe server-80-PROBE

inservice

rserver webserver2 80

probe server-80-PROBE

inservice


sticky ip-netmask 255.255.255.255 address source application-80-STICKY

replicate sticky

serverfarm application


class-map match-all application-80-CLASS

2 match virtual-address 1.1.1.1.1 tcp eq www


policy-map type loadbalance first-match application-80-POLICY

class class-default

sticky-serverfarm application-80-STICKY

insert-http X-Forwarded-For header-value "%is"


class application-80-CLASS

loadbalance vip inservice

loadbalance policy application-80-POLICY

loadbalance vip icmp-reply

nat dynamic 22 vlan 424

appl-parameter http advanced-options CASE_PARAM

Correct Answer by Sean Merrow about 7 years 3 months ago

Okay, then.  You don't need a separate Layer-7 policy-map then.  You would do it something like this:


serverfarm host application-80
  rserver server1 80
    probe server-80-PROBE
    inservice
  rserver server2 80
    probe server-80-PROBE
    inservice
serverfarm host application-L7
  rserve rserver1 80
    probe server-80-PROBE
    inservice
  rserver server2 80
    probe server-80-PROBE
    inservice


class-map match-all application-80-CLASS
  2 match virtual-address 1.1.1.1 tcp eq www


class-map type http loadbalance match-any application-L7-CLASS
  3 match http url /uri1/
  4 match http url /uri2/uri2
  5 match http url /uri2/uri3.htm


policy-map type loadbalance first-match application-80-POLICY
  class application-L7-CLASS
    serverfarm application-L7

  class class-default
    sticky-serverfarm application-80-STICKY
    insert-http X-Forwarded-For header-value "%is"


policy-map multi-match POLICY-424
  class application-80-CLASS
    loadbalance vip inservice
    loadbalance policy application-80-POLICY
    loadbalance vip icmp-reply
    nat dynamic 22 vlan 424
    appl-parameter http advanced-options CASE_PARAM


This way, your three sites will be load-balanced to one serverfarm, and all the rest of the traffic would be load-balanced to the default serverfarm.


Hope this clears it up.  Let me know if it doesn't.


Sean

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Sean Merrow Mon, 04/05/2010 - 13:42
User Badges:
  • Silver, 250 points or more

Hi Dave,


Yes, you can load balance multiple URLs to the same VIP and serverfarm.  You can see how to configure this in the Defining a URL for HTTP Load Balancing chapter in the configuration guides.  I have also included an example below that may help get the concept across.


In this example, the client will be load balanced to the LOGIN-FARM if they come in requesting the URL /login, /register, or they are connecting to Host login.example.com.  If none of those match, we'll check to see if they have a suggestion by looking to see if they are looking for the /suggestions URL.  If so, they will be load balanced to SUGGESTION-FARM.  Lastly, if they don't match either of the first two, then they will be sent to the WWW-FARM.  I think the LOGIN class-map is what you are looking for where multiple URLs will be sent to the same farm.


serverfarm host WWW-FARM
  probe TCP
  rserver WWW_SERVER_01
    inservice
  rserver WWW_SERVER_02
    inservice
  rserver WWW_SERVER_03
    inservice


serverfarm host LOGIN-FARM
  probe TCP
  rserver LOGIN_SERVER_01
    inservice


serverfarm host SUGGESTION-FARM
  probe TCP
  rserver SUGGESTION_SERVER_01
    inservice

class-map match-all WWW-VIP
  2 match virtual-address 192.168.20.10 tcp eq www


class-map type http loadbalance match-any LOGIN
  2 match http url /login
  3 match http url /register
  4 match http header Host header-value login.example.com


class-map type http loadbalance match-any SUGGESTIONS
  2 match http url /suggestions

policy-map type loadbalance first-match SLB_LOGIC
  class LOGIN
    serverfarm LOGIN-FARM
  class SUGGESTIONS
    serverfarm SUGGESTION-FARM
  class class-default
    serverfarm WWW-FARM


policy-map multi-match CLIENT_VIPS
  class WWW-VIP
    loadbalance vip inservice
    loadbalance policy SLB_LOGIC
    loadbalance vip icmp-reply


Let me know if this answers your question.


Thanks,

Sean

dpastor Mon, 04/05/2010 - 14:44
User Badges:

Sean,


Thanks.


So, if I have three known URIs, am I correct in saying that I should be able to use the one serverfarm and then the one class-map with the IP and then add the multiple uris to it?  Or, do I need to have a second serverfarm and class-map?


Thanks,

Dave


serverfarm host WWW-FARM
  probe TCP
  rserver WWW_SERVER_01
    inservice
  rserver WWW_SERVER_02
    inservice
 

class-map match-all WWW-VIP
  2 match virtual-address 192.168.20.10 tcp eq www

  3 match http url /site1
  4 match http url /site2
  5 match http url /site3

dario.didio Tue, 04/06/2010 - 00:26
User Badges:
  • Silver, 250 points or more

Hi,


your are mixing things up here. You cannot combine the matching of a VIP address with the mathing of an HTTP URI.


The class-map that matches a VIP address is a layer3/4 class-map. It maches IP Address + port numbers.

The class-map that matches HTTP URI or other HTTP headers for example is a layer7 class-map


You will need something like this:



serverfarm host WWW-FARM
  probe TCP
  rserver WWW_SERVER_01
    inservice
  rserver WWW_SERVER_02
    inservice


class-map match-all WWW-VIP-L3
  2 match virtual-address 192.168.20.10 tcp eq www


class-map type http loadbalance match-any WWW-VIP-L7

  3 match http url /site1
  4 match http url /site2
  5 match http url /site3


policy-map type loadbalance first-match WWW-VIP-PM

class  WWW-VIP-L7

serverfarm WWW-FARM


policy-map multi-match VIPS

class WWW-VIP-L3

  loadbalance vip inservice
  loadbalance policy WWW-VIP-PM
  loadbalance vip icmp-reply active


HTH,

Dario

dpastor Tue, 04/06/2010 - 06:08
User Badges:

Dario,


Thanks for straightening me out on that, I see it now.


Dave

Sean Merrow Wed, 04/07/2010 - 05:19
User Badges:
  • Silver, 250 points or more

Hi Dave,


In addition to Dario's comment, you mention multiple sites.  So with the example config you currently have from this thread, it would assume the following:


www.example.com/site1

www.example.com/site2

www.example.com/site3


However, if you truly have multiple sites, and not just multiple URLs representing a different site, such as:


www.site1.com

www.site2.com

www.site3.com


Then your layer-7 class-map might look something more like this:


class-map type http loadbalance match-any MULTI-SITE
  2 match http header Host header-value www.site1.com
  3 match http header Host header-value www.site2.com
  4 match http header Host header-value www.site3.com


HTH,

Sean

dpastor Wed, 04/07/2010 - 07:02
User Badges:

Sean,


I will be using the same FQDM just different /uris, so this is what I am configuring:


class-map type http loadbalance match-any WWW-VIP-L7

  3 match http url /site1
  4 match http url /site2
  5 match http url /site3



I also have a question about the class statement, do I add another class statement the same way you add another when using multplie ports to the same VIP?


class application-URL-80-CLASS

loadbalance vip inservice

loadbalance policy WWW-VIP-L7

loadbalance vip icmp-reply

nat dynamic 22 vlan 424

appl-parameter http advanced-options CASE_PARAM



Thanks again,


Dave

Sean Merrow Wed, 04/07/2010 - 07:09
User Badges:
  • Silver, 250 points or more

Hi Dave,


Your config will look like the one that Dario provided.  The classes added under the multi-match policy are your layer3/4 classes.  Your three sites are within a layer-7 class-map, which is used within a service policy (layer-7 policy-map), which is applied to the layer3/4 class-map.


I hope I haven't just confused you  ;- )


Thanks,

Sean

dpastor Wed, 04/07/2010 - 08:33
User Badges:

Sean,


Maybe a little confused.

I have built the new serverfarm, policy-map and class-map in bold, I am just not sure how it gets referenced. Do I add it to the multi-match class statement?  My complete config for this particular app is below.


Thanks,

Dave


serverfarm host application-80

  rserver server1 80

    probe server-80-PROBE

    inservice

  rserver server2 80

    probe server-80-PROBE

    inservice

serverfarm host application-L7

  rserve rserver1 80

    probe server-80-PROBE

    inservice

  rserver server2 80

    probe server-80-PROBE

    inservice

class-map match-all application-80-CLASS

  2 match virtual-address 1.1.1.1 tcp eq www

class-map type http loadbalance match-any application-L7-CLASS

  3 match http url /uri1/

  4 match http url /uri2/uri2

  5 match http url /uri2/uri3.htm

policy-map type loadbalance first-match application-80-POLICY

  class class-default

    sticky-serverfarm application-80-STICKY

    insert-http X-Forwarded-For header-value "%is"

policy-map type loadbalance first-match application-L7-POLICY

  class application-L7-CLASS

    serverfarm application-L7

policy-map multi-match POLICY-424

class application-80-CLASS

    loadbalance vip inservice

    loadbalance policy application-80-POLICY

    loadbalance vip icmp-reply

    nat dynamic 22 vlan 424

    appl-parameter http advanced-options CASE_PARAM




Sean Merrow Wed, 04/07/2010 - 08:51
User Badges:
  • Silver, 250 points or more

Hi Dave,


Is your newly added config going to the same VIP 1.1.1.1:80  ?


Sean

Correct Answer
Sean Merrow Wed, 04/07/2010 - 09:21
User Badges:
  • Silver, 250 points or more

Okay, then.  You don't need a separate Layer-7 policy-map then.  You would do it something like this:


serverfarm host application-80
  rserver server1 80
    probe server-80-PROBE
    inservice
  rserver server2 80
    probe server-80-PROBE
    inservice
serverfarm host application-L7
  rserve rserver1 80
    probe server-80-PROBE
    inservice
  rserver server2 80
    probe server-80-PROBE
    inservice


class-map match-all application-80-CLASS
  2 match virtual-address 1.1.1.1 tcp eq www


class-map type http loadbalance match-any application-L7-CLASS
  3 match http url /uri1/
  4 match http url /uri2/uri2
  5 match http url /uri2/uri3.htm


policy-map type loadbalance first-match application-80-POLICY
  class application-L7-CLASS
    serverfarm application-L7

  class class-default
    sticky-serverfarm application-80-STICKY
    insert-http X-Forwarded-For header-value "%is"


policy-map multi-match POLICY-424
  class application-80-CLASS
    loadbalance vip inservice
    loadbalance policy application-80-POLICY
    loadbalance vip icmp-reply
    nat dynamic 22 vlan 424
    appl-parameter http advanced-options CASE_PARAM


This way, your three sites will be load-balanced to one serverfarm, and all the rest of the traffic would be load-balanced to the default serverfarm.


Hope this clears it up.  Let me know if it doesn't.


Sean

dpastor Wed, 04/07/2010 - 09:31
User Badges:

Sean,


That definitely clears it up, I will add it to the ACEs and test it later today.  Thanks for all your help.


Dave

Sean Merrow Wed, 04/07/2010 - 09:34
User Badges:
  • Silver, 250 points or more

Additionally,  your URLs will only be matched if they are exactly what you have:


class-map type http loadbalance match-any application-L7-CLASS
  3 match http url /uri1/
  4 match http url /uri2/uri2
  5 match http url /uri2/uri3.htm


If your clients may start their connection to a URL that only begins with those listed above, then you may want to add wildcards to the end using regular expressions, as such:


class-map type http loadbalance match-any application-L7-CLASS
  3 match http url /uri1/.*
  4 match http url /uri2/uri2.*
  5 match http url /uri2/uri3\.htm


HTH,

Sean

dpastor Wed, 04/07/2010 - 10:57
User Badges:

Sean,


That does help, thanks again.  The app is very specific on the /uri, but that is a good tip and I will keep the wildcard in mind should we need it.


Dave

Actions

This Discussion