D-Link DFL-1600 User Manual page 285
Network security firewall
Hide thumbs
Also See for DFL-1600:
- Quick manual (22 pages) ,
- User manual (552 pages) ,
- Log reference manual (476 pages)
Table of Contents
Advertisement
24.2. SLB Implementation
D-Link firewalls offer the following algorithms to accomplish the load
distribution tasks:
1. Round-Robin Algorithm:
The algorithm distributes new coming connections to a list of servers
on a rotating bases. For the first connection, the algorithm picks a
server from the farm randomly, and assigns the connection to it. This
server then goes to the bottom of the list with lowest preference. For
subsequent connections, the algorithm cycles through the server list
and redirects the load to servers in order. Regardless of each server's
capability and other aspects, for instance, the number of existing
connections on a server or its response time, all the available servers
in the farm take turns to be assigned the next new connection.
2. Connection-Rate Algorithm:
This algorithm redirects a connection to the server with the least
number of new connections in a predefined time span. An array inside
the firewall saves the number of new connections per second for each
server. It updates every second to remove old connection counting
values.
If Connection-Rate algorithm is used without stickiness, it will behave as
Round Robin that allocates new connections to servers in an orderly
fashion. It will also behave as Round Robin if there always are clients with
a new IP address that makes one connection. The real benefit is when
using Connection Rate together with stickiness and clients make multiple
connections. Then Connection Rate will take effect so that the distribution
of new connections is as even as possible among the servers. Before the
interval reaches the specified Idle Timeout of stickiness, new coming
connections from the same IP address as a previous connection are assigned
to the same server. The connection with a new address will be redirected to
a server with the lowest connection rate. The algorithm aims to minimize
the new connection load for a server, but the distribution may get uneven if
a client from a single IP is sending lots of new connections in a short time
and the other servers do not get as many new connections.
In the configuration interface, the Window Time is the variable to use for
counting the number of seconds back in time to summarize the number of
new connections for connection-rate algorithm. As default value, 10 is used
so that the number of new connections which were made to each server in
the last 10 seconds will be memorized.
D-Link Firewalls User's Guide
265
Advertisement
Table of Contents
