1. Manuals
  2. Brands
  3. Barracuda Networks Manuals
  4. Network Hardware
  5. Load Balancer
  6. Administrator's manual

Barracuda Networks Load Balancer Administrator's Manual

Hide thumbs Also See for Load Balancer:
Table of Contents

Advertisement

Quick Links

B a r r a c u d a L o a d B a l a n c e r A d m i n i s t r a t o r ' s G u i d e
V e r s i o n 2 . 3
Barracuda Networks Inc.
3175 S. Winchester Blvd.
Campbell, CA 95008
http://www.barracuda.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Load Balancer and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Barracuda Networks Load Balancer

Summary of Contents for Barracuda Networks Load Balancer

  • Page 1 B a r r a c u d a L o a d B a l a n c e r A d m i n i s t r a t o r ’ s G u i d e V e r s i o n 2 . 3 Barracuda Networks Inc. 3175 S. Winchester Blvd.

  • Page 2: Copyright Notice

    All rights reserved. Use of this product and this manual is subject to license. Information in this document is subject to change without notice. Trademarks Barracuda Load Balancer is a trademark of Barracuda Networks. All other brand and product names mentioned in this document are registered trademarks or trademarks of their respective holders.

  • Page 3: Table Of Contents

    Powerful Enterprise-Class Solution ......8 Features of the Barracuda Load Balancer ..... . 9 Load balancing for all IP-based applications .
  • Page 4 A p p e n d i x B – B a r r a c u d a L o a d B a l a n c e r H a r d w a r e ..5 7 Front Panel of the Barracuda Load Balancer ....58 Barracuda Load Balancer 240, 340, and 440 .
  • Page 5 Barracuda Load Balancer 640 ......59 Back Panel of the Barracuda Load Balancer ....60 Barracuda Load Balancer, all models .
  • Page 6 Barracuda Load Balancer Administrator’s Guide...
  • Page 7 Chapter 1 Introduction This chapter provides an overview of the Barracuda Load Balancer and includes the following topics: • Overview on page 8 • Features of the Barracuda Load Balancer on page 9 Introduction 7...

  • Page 8: Overview

    Real Server with the lowest CPU load. The Barracuda Load Balancer also makes it easy to scale your network to handle increased traffic because you can simply add a Real Server at any time, and the Barracuda system will automatically detect the new server and add it to the load-balanced farm of servers.

  • Page 9: Features Of The Barracuda Load Balancer

    Other TCP/UDP-based services Easy Setup and Maintenance The Barracuda Load Balancer is extremely easy to deploy, featuring automatic discovery of systems in the server farm and easy-to-use configuration tools through an intuitive Web interface. To minimize ongoing administration associated with security, the Barracuda Load Balancer can automatically receive current intrusion prevention and security updates from Barracuda Central, an advanced technology operations center.

  • Page 10: Intrusion Prevention System

    Intrusion Prevention System (IPS) helps secure your network, even if you may have missed a patch or if an exploit manages to get past your existing security. The Barracuda Load Balancer will automatically block any exploits that are detected across any protocol; no configuration is required.

  • Page 11: Auto-Discover

    Session persistence for many HTTP-based applications can also be tracked by using cookies. The Barracuda Load Balancer supports all cookies that are generated or used by any application, as well as cookie insertion for times when applications do not have or use their own cookies. Persistence in all cases will last for as long as the cookie does unless a period of inactivity exceeds the configured timeout value.

  • Page 12: Session Directory Integration

    This is because the cookie is inserted into the data stream by the Barracuda Load Balancer when the traffic is outbound. In DSR the traffic goes directly to the client, bypassing the Barracuda Load Balancer, so there is no opportunity to insert a cookie.

  • Page 13: High Availability

    Service are not available. This Last Resort Server can be located on a different network, or even across the Internet, so long as the WAN port of the Barracuda Load Balancer has a route to that server. If all Real Servers for a particular Service are unavailable, the Barracuda Load Balancer will route all traffic bound for that Service to the Last Resort Server.
  • Page 14 Barracuda Load Balancer Administrator’s Guide...
  • Page 15 Chapter 2 Load Balancing Concepts This chapter provides an overview of the Barracuda Load Balancer and includes the following topics: • Barracuda Load Balancer Terminology on page 16 • Load Balancer Deployment Options on page 19 Load Balancing Concepts 15...

  • Page 16: Barracuda Load Balancer Terminology

    Barracuda Load Balancer Terminology The following is a list of some of the terms used by the Barracuda Load Balancer. Table 2.1: Barracuda Load Balancer terminology Term Description Service A combination of a Virtual IP (VIP) and one or more TCP/UDP ports that the Service is to listen on.
  • Page 17 See Figure 2.2: A physical network layout using Route-Path on page 18 for an example. WAN IP Address or The IP address assigned to the Barracuda Load Balancer, which is also the IP Management IP address used to access the Web interface.
  • Page 18 Figure 2.2: A physical network layout using Route-Path Barracuda Load Balancer Administrator’s Guide...

  • Page 19: Load Balancer Deployment Options

    All of these deployment modes require specific network configurations. However, the Barracuda Load Balancer must be in either Route-Path or Bridge-Path mode. Direct Server Return is an option that you may choose for each Real Server. Table 2.2 shows the number of logical and physical networks required by each deployment method.

  • Page 20: Deploying Route-Path

    Static routes for incoming and outgoing traffic for each IP address of each Real Server have been defined. Each Real Server must be one hop away from the LAN port on the Barracuda Load Balancer. This means their switch must be directly connected into the LAN port of the Barracuda Load Balancer, or connected to a series of switches that eventually reach the LAN port of the Barracuda Load Balancer without going through any other machines.

  • Page 21: Bridge-Path

    Basic>IP Configuration Bridge-Path Bridge-Path provides an easy configuration scenario. Place the Barracuda Load Balancer inline with your existing IP infrastructure and it can load-balance servers without changing IP addresses. With Bridge-Path deployment, the WAN and LAN interfaces must be on physically separate networks. The LAN interface must be on the same logical switch as the servers being load-balanced.

  • Page 22: Deploying Bridge-Path

    Balancer becomes unavailable (a separate switch is absolutely required for models 440 and below). Each Real Server must be one hop away from the LAN port on the Barracuda Load Balancer. This means their switch must be directly connected into the LAN port of the Barracuda Load Balancer, or connected to a series of switches that eventually reach the LAN port of the Barracuda Load Balancer without going through any other machines.
  • Page 23 DSR. • If the Real Servers cannot be placed on a separate and isolated subnet from the Barracuda Load Balancer, it may be better to use DSR than Route-Path. If the Real Servers are in a Load Balancing Concepts 23...
  • Page 24 Real Servers are on the same subnet as the Barracuda Load Balancer and the configuration cannot be changed, then DSR is recommended. • DSR can assist in optimizing Windows to Windows communication between Real Servers.

  • Page 25: Dsr With Route-Path Or Bridge-Path

    Service. Real Servers that are in DSR mode must be on the same subnet as the WAN. If the Barracuda Load Balancer is in Route-Path mode, then the Real Servers that are not in DSR mode must be on the same subnet as the LAN.

  • Page 26: Deployment Notes

    WAN port of the Load Balancer without going through any other machines. If you specify Route-Path deployment for the Barracuda Load Balancer, but only use Real Servers with Direct Server Return enabled, the physical LAN port is not used by the Barracuda Load Balancer, and the LAN adapter may remain undefined in the Web administration interface.

  • Page 27: Deployment In A Windows Environment

    IIS (Windows) or application has not been associated with the real IP address and the VIP. Note If you have difficulties, check the Barracuda Networks User Support Forum at http://forum.barrracudanetworks.com or call Technical Support. Load Balancing Concepts 27...
  • Page 28 Barracuda Load Balancer Administrator’s Guide...
  • Page 29 Chapter 3 Getting Started This chapter provides general instructions for installing, configuring and maintaining the Barracuda Load Balancer. It includes the following topics: Initial Setup ..................30 Administrative Settings ..............36 Maintaining the Barracuda Load Balancer........38 Getting Started 29...

  • Page 30: Initial Setup

    Initial Setup These are the general steps to set up your Barracuda Load Balancer. For more detailed instructions for each step, see the following reference pages. Preparing for Installation ..............30 Connecting the Barracuda Load Balancer to the Network ....31 Configuring WAN IP Address and Network Settings ......

  • Page 31: Connecting The Barracuda Load Balancer To The Network

    • VGA monitor • PS2 keyboard After you connect the AC power cord, the Barracuda Load Balancer may power on for a few seconds and then power off. This behavior is normal. Press the Power button located on the front of the unit.

  • Page 32: Configuring Your Corporate Firewall

    The new IP address and network settings are applied to your Barracuda Load Balancer. Configuring Your Corporate Firewall If your Barracuda Load Balancer is located behind a corporate firewall, refer to Table 3.1 for the ports that need to be opened on your corporate firewall to allow communication between the Barracuda Load Balancer, Virtual IP(s) and remote servers.
  • Page 33 To configure the Barracuda Load Balancer: From a Web browser, enter the IP address of the Barracuda Load Balancer followed by a colon and port 8000. For example: http://192.168.200.200:8000 To log into the administration interface, enter admin for the username and admin for the password.

  • Page 34: Updating The Barracuda Load Balancer Firmware

    However, it is important for you to verify the subscription status so that your Barracuda Load Balancer can continue to receive the latest updates to the Intrusion Prevention System from Barracuda Central. The Energize Update service is responsible for downloading these updates to your Barracuda Load Balancer.

  • Page 35: Updating The Ips Definitions

    Traffic arriving over the designated port(s) to the specified VIP is directed to one of the Real Servers that are associated with a particular Service. The Barracuda Load Balancer determines the order in which the traffic is distributed to the Real Servers based on the policy type for the Service.

  • Page 36: Administrative Settings

    Basic > Administration The current time on the system is automatically updated via Network Time Protocol (NTP). When the Barracuda Load Balancer resides behind a firewall, NTP requires port 123 to be opened for outbound UDP traffic. It is important that the time zone is set correctly because this information is used to coordinate traffic distribution and in all logs and reports.
  • Page 37 In order to only allow secured connections when accessing the Web administration interface, you need to supply a digital SSL certificate which will be stored on the Barracuda Load Balancer. This certificate is used as part of the connection process between client and server (in this case, a browser and the Web administration interface on the Barracuda Load Balancer).

  • Page 38: Maintaining The Barracuda Load Balancer

    Barracuda Load Balancer or in the event your current system data becomes corrupt. If you are restoring a backup file on a new Barracuda Load Balancer that is not configured, you need to assign your new system an IP address and DNS information on the page.

  • Page 39: Updating The Intrusion Prevention Rules Using Energize Updates

    Campbell, CA 95008 Note To set up the new Barracuda Load Balancer so it has the same configuration as your old failed system, restore the backup file from the old system onto the new system, and then manually configure the new system’s IP information on the Basic >...

  • Page 40: Using The Built-In Troubleshooting Tools

    • Contact Barracuda Networks Technical Support for additional troubleshooting tips. As a last resort, you can reboot your Barracuda Load Balancer and run a memory test or perform a complete system recovery, as described in this section. To perform a system recovery or hardware test: Connect a monitor and keyboard directly to your Barracuda Load Balancer.

  • Page 41: Reboot Options

    Table 3.2: Reboot Options Reboot Options Description Barracuda Starts the Barracuda Load Balancer in the normal (default) mode. This option is automatically selected if no other option is specified within the first three (3) seconds of the splash screen appearing. Recovery...
  • Page 42 Barracuda Load Balancer Administrator’s Guide...
  • Page 43 Web interface. For more detailed information about a specific page in the Web interface, view the online help by clicking the question mark icon on the right side of the page. The following topics are covered: Configuring the Barracuda Load Balancer........44 Monitoring the Barracuda Load Balancer ........53 Managing the Barracuda Load Balancer 43...

  • Page 44: Configuring The Barracuda Load Balancer

    Barracuda Load Balancer. When you click Auto-Discover the Barracuda Load Balancer pings all devices on the same class C network and displays a list of all responding Real Servers. Checkmark the Real Server(s) that you want bound to the Service you are...
  • Page 45 Basic > Services with a green, orange, or red health indicator next to it. If you have a Service that uses SSL but you do not want the Barracuda Load Balancer to perform SSL offloading, then you must either: Create a Service with Port ALL, or Create two Services, one with Port 80 (HTTP port) and the other with Port 443 (SSL port).

  • Page 46: Enabling Persistence

    Service on port 3389. Basic > Services Set the Enable Session Directory Integration option to Click Save Changes Note that Session Directory Integration does not work if the Barracuda Load Balancer is in Bridge- Path mode. Barracuda Load Balancer Administrator’s Guide...

  • Page 47: Ssl Offloading

    These two tasks are described in the following sections. Uploading SSL Certificates One SSL certificate for each Service to be offloaded must be stored on the Barracuda Load Balancer. If the Service has never used SSL before, then a certificate has to be ordered from a trusted Certificate Authority such as Verisign.

  • Page 48: Pre-Assigned Weight

    Click Save Changes Scheduling Policies The Barracuda Load Balancer considers the weight values for the Real Servers and then applies a scheduling algorithm, either Weighted Round-Robin or Weighted Least Connections, to determine which Real Server gets the next connection. In Weighted Round-Robin, Real Servers with higher weights get more connections than those with lower weights and Real Servers with equal weights get equal connections.

  • Page 49: Configuring Intrusion Prevention

    Prevention To test if the IPS is working on the Barracuda Load Balancer, there is a simple URL that will generate a test IPS catch. To test with this URL, create or locate a Web Service (with at least one Real Server) on port 80 from the page.

  • Page 50: Operation Of Ha

    • Barracuda Load Balancer models 340 or higher. • Be the same model as the other Barracuda Load Balancer and on the same version of firmware. • Be able to access all Real Servers. • Be installed on a unique management IP address. The Barracuda Load Balancers use the management IP address (over SNMP ports) to communicate for high availability.
  • Page 51 Barracuda Load Balancer, verify that no Advanced > Task Manager processes are running. Complete this step on the backup Barracuda Load Balancer as well. No processes should be running when you add systems to the cluster.

  • Page 52: Data Propagated To Clustered Systems

    However, if this is a Route-Path deployment, the LAN IP • Any SSL Certificates that have been configuration will be propagated. installed. • System password and time zone as configured on the Basic > page. Administration Barracuda Load Balancer Administrator’s Guide...

  • Page 53: Monitoring The Barracuda Load Balancer

    Monitoring the Barracuda Load Balancer This section describes the monitoring tasks you can perform from the Web administration interface of the Barracuda Load Balancer. This section covers the following topics: Monitoring the Health of Services............. 53 Viewing Performance Statistics ............54 Viewing the Event Log ...............

  • Page 54: Viewing Performance Statistics

    Advanced > Task Manager and also displays any errors encountered when performing these tasks. Some of the tasks that the Barracuda Load Balancer tracks include: • Cluster setup •...

  • Page 55: Appendix A - S N M P M I

    Appendix A SNMP MIB The Barracuda Load Balancer supports SNMP version 1. Barracuda-REF DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, enterprises FROM SNMPv2-SMI; barracuda MODULE-IDENTITY LAST-UPDATED "200705080000Z" -- August 24, 1999 ORGANIZATION "Barracuda Networks, Inc." CONTACT-INFO " Barracuda Networks Inc. 3175 S. Winchester Blvd.
  • Page 56 "The Barracuda Load Balancer's operating servers." ::= { blb 3 } systemConnections OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The Barracuda Load Balancer's current open connections." ::= { blb 4 } systemConnectionRate OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The Barracuda Load Balancer's current connections per...
  • Page 57 Appendix B Barracuda Load Balancer Hardware This appendix provides hardware information for the Barracuda Load Balancer. The following topics are covered: Front Panel of the Barracuda Load Balancer........58 Back Panel of the Barracuda Load Balancer........60 Hardware Compliance ............... 61...

  • Page 58: Front Panel Of The Barracuda Load Balancer

    Figure B.1: Barracuda Load Balancer Front Panel for models 240, 340, and 440 3 4 5 6 7 8 9 Table B.1 describes the front components on the Barracuda Load Balancer 240, 340, and 440. Table B.1: Front Panel Descriptions for Barracuda Load Balancer 240, 340, and 440...

  • Page 59: Barracuda Load Balancer 640

    Figure B.2: Barracuda Load Balancer Front Panel for model 640 3 4 5 6 7 8 9 Table B.2 describes the front components on the Barracuda Load Balancer 640. Table B.2: Front Panel Descriptions for Barracuda Load Balancer 640 Diagram Location...

  • Page 60: Back Panel Of The Barracuda Load Balancer

    Figure B.3 shows the back components as described in Table B.3. Figure B.3: Barracuda Load Balancer Back Panel Table B.3 describes the back components on all models of the Barracuda Load Balancer. Table B.3: Barracuda Load Balancer Back Component Descriptions...

  • Page 61: Hardware Compliance

    Hardware Compliance This section contains compliance information for the Barracuda Load Balancer hardware. Notice for the USA Compliance Information Statement (Declaration of Conformity Procedure) DoC FCC Part 15: This device complies with part 15 of the FCC Rules. Operation is subject to the following conditions:...
  • Page 62 Barracuda Load Balancer Administrator’s Guide...

  • Page 63: Limited Warranty

    Except for the foregoing, the software is provided as is. In no event does Barracuda Networks warrant that the software is error free or that Customer will be able to operate the software without problems or interruptions. In addition, due to...

  • Page 64: Exclusions And Restrictions

    Exclusions and Restrictions This limited warranty does not apply to Barracuda Networks products that are or have been (a) marked or identified as "sample" or "beta," (b) loaned or provided to you at no cost, (c) sold "as is," (d) repaired, altered or modified except by Barracuda Networks, (e) not installed, operated or maintained in accordance with instructions supplied by Barracuda Networks, or (f) subjected to abnormal physical or electrical stress, misuse, negligence or to an accident.

  • Page 65: Energize Update Software License

    Energize Update Software License PLEASE READ THIS ENERGIZE UPDATE SOFTWARE LICENSE CAREFULLY BEFORE DOWNLOADING, INSTALLING OR USING BARRACUDA NETWORKS OR BARRACUDA NETWORKS-SUPPLIED ENERGIZE UPDATE SOFTWARE. BY DOWNLOADING OR INSTALLING THE ENERGIZE UPDATE SOFTWARE, OR USING THE EQUIPMENT THAT CONTAINS THIS SOFTWARE, YOU ARE CONSENTING TO BE BOUND BY THIS LICENSE.
  • Page 66 The following terms govern your use of the Energize Update Software except to the extent a particular program (a) is the subject of a separate written agreement with Barracuda Networks or (b) includes a separate "click-on" license agreement as part of the installation and/or download process. To the...
  • Page 67 THE ENERGIZE UPDATE SOFTWARE WHICH IS BEING UPGRADED; AND (3) USE OF ADDITIONAL COPIES IS LIMITED TO BACKUP PURPOSES ONLY. Energize Update Changes. Barracuda Networks reserves the right at any time not to release or to discontinue release of any Energize Update Software and to alter prices, features, specifications, capabilities, functions, licensing terms, release dates, general availability or other characteristics of any future releases of the Energize Update Software.
  • Page 68 In no event does Barracuda Networks warrant that the Energize Update Software is error free or that Customer will be able to operate the Energize Update Software without problems or interruptions. In...

  • Page 69: Open Source Licensing

    These programs are copyrighted by their authors or other parties, and the authors and copyright holders disclaim any warranty for such programs. Other programs are copyright by Barracuda Networks. GNU GENERAL PUBLIC LICENSE, (GPL) Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
  • Page 70 Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide Barracuda Load Balancer Administrator’s Guide...
  • Page 71 if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8.
  • Page 72 Barracuda products may include programs that are covered by the Apache License or other Open Source license agreements. The Apache license is re- printed below for you reference. These programs are copyrighted by their authors or other parties, and the authors and copyright holders disclaim any warranty for such programs. Other programs are copyright by Barracuda Networks. Apache License Version 2.0, January 2004...
  • Page 73 means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."...
  • Page 74 Barracuda Networks at no charge. If you would like a copy of the source code or the changes to a particular program we will gladly provide them, on a CD, for a fee of $100.00. This fee is to pay for the time for a Barracuda Networks engineer to assemble the changes and source code, create the media, package the media, and mail the media.
  • Page 75 IP Configuration page Backup page Barracuda Load Balancer configuring managing Last Resort Server monitoring Logical Network Barracuda Load Balancer Terminology Bridge-Path Management IP Address monitoring caching ARP requests Services character tags cluster configuring, Barracuda Load Balancer network time protocol...
  • Page 76 replacing failed system RESET button, using restarting the system restoring configuration Route-Path Scheduling policy Server Farm Service Service Monitor Services, monitoring Session shutting down the system SSL Certificates SSL Offloading SSL Offloading, configuring Status page subscription activating status Task Manager page TCP ports testing memory time zone, setting...

Table of Contents