KEMP Technologies LoadMaster 1500 Installation And Configuration Manual
  1. Manuals
  2. Brands
  3. KEMP Technologies Manuals
  4. Network Hardware
  5. LoadMaster 1500
  6. Installation and configuration manual

KEMP Technologies LoadMaster 1500 Installation And Configuration Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

LoadMaster 1500

Installation and Configuration

Guide
Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
1

Advertisement

Table of Contents
loading

Related Manuals for KEMP Technologies LoadMaster 1500

Summary of Contents for KEMP Technologies LoadMaster 1500

  • Page 1: Installation And Configuration

    LoadMaster 1500 Installation and Configuration Guide Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 2 Copyright © 2000 - 2005 KEMP Technologies, Inc. All rights reserved. KEMP Technologies, Inc. reserves all ownership rights for the LoadMaster product line including software and documentation. The use of the LoadMaster Load Balancer is subject to the license agreement.

  • Page 3: Table Of Contents

    3. Least Connection ........................20 4. Weighted Least Connection....................... 20 5. Agent Based Adaptive Balancing....................20 G. Layer 4 Persistency ........................21 1. Source IP Address Based Persistency ..................21 Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 4 2.4. Upgrading the evaluation license to a full single or HA license ............31 3. Backup and Restore ........................ 31 4. System recovery ........................31 5. Interoperability between L4 / L7 Virtual Services ................. 32 O. Appendix I..........................32 Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 5 5. Extended Configuration......................41 5.1. Interface Control ........................41 5.2. Enable/Disable S-NAT ......................41 5.3. Syslogd Configuration ......................42 5.4. SNMP metrics ........................42 5.5. SNMP traps ......................... 42 Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 6 4. Create an SSL accelerated Virtual Service................... 63 C. Full Menu Tree ...........................64 1. Home ............................ 65 2. Virtual Services ........................65 2.1. Add Virtual Service ....................... 65 2.2. Virtual Service Properties ...................... 65 Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 7 6.2.3. Access control Lists......................71 6.2.4. Add Address ........................71 6.3. Miscellaneous ........................71 6.3.1. SNAT Control ........................71 6.3.2. Set Transfer Protocol......................71 6.3.3. Set HA Timeout ......................... 71 Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 8: Section I. Application Guide

    Access Code: An Access Code will be generated during the initial setup of the LoadMaster. You must contact your KEMP Technologies representative for your 60-day evaluation or your full purchased license key. Balancer: A network device or logic that distributes inbound connections with a common source address across a farm of server machines.

  • Page 9: Overview Of The Loadmaster

    Scalability of server machines – can be achieved by simply adding server machines to the farm as demand for services increases. Upfront investments in server capacity, which may go unused, can be avoided. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 10: Considerations In Getting Started

    Do I wish to integrate the LoadMaster into my current SNMP environment? [See section J of this guide] Which forms of real server health checking will best suite my application? [See section K of this guide] Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 11: A Simple Balancer Configuration

    Do I require remote access to the CLI? [See section E of the Installation and Configuration Guide] Do I wish to allow my balancer to be accessed by KEMP Technologies for maintenance purposes? [See section E of the Installation and Configuration Guide] 3.

  • Page 12: Loadmaster Load Balancer Features

    5. A performance benchmark report is available from KEMP Technologies. Scheduling and L4 / L7 Persistency Four static load-balancing methods Agent based automatic adaptive balancing with real server API Connection persistency based on: - Source IP address Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 13 SNMP support for event traps SNMP for performance metrics Miscellaneous Support of Time Zones Change password function for administrative login “bal” Password recovery mechanism for login “bal” Multi-language keyboard support Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 14: Loadmaster Network Topologies

    The server farm(s) may make use of non-routable IP addresses S-NAT may be useful in such a configuration Clients may be on the same logical network as the LoadMaster Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 15: Direct Server Return - Dsr Example

    1 – incoming request intercepted by LoadMaster 2 – routed to Test Server 1 3 – response from Test Server 1 4 – Response goes directly to Client without LoadMaster Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 16: Miscellaneous Networking Issues

    The real servers can thus use the Internet as if directly connected but with the extra security protection that they cannot be addressed directly from the Internet. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 17: Default Gateway And Routes

    Only static routes can be set up on the LoadMaster (see the Installation and Configuration Guide in this handbook). The balancer does not currently support external routing protocols. Figure A. Figure B. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 18: Single/Dual Unit Configurations

    In the unlikely event that a LoadMaster should fail, the standby machine will become active and take over the task of balancing. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 19: Balancing Methods

    However, if the servers have different capacities, the use of the round robin system can mean that a less powerful server receives the next inquiry even though it has not yet been able to process the current one. This could cause a weaker server to become overloaded. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 20: Weighted Round Robin

    If the load rises above the limit the balancer switches back to the adaptive method. (See also section O.1: API for Agent Based Adaptive Balancing) Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 21: Layer 4 Persistency

    2. URL Based Persistency Using this method, the LoadMaster will direct requests for the same URL to the same real server as long as the persistency duration is valid. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 22: Url Host Based Persistency

    SSL session will be directed to the same real server as the original HTTP service. Note: This only works correctly if both services have the same set of real servers. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 23: Ssl Acceleration

    A postfix string: The rule will match if the end of the URL matches the given string. I.e. If a rule has the value “.gif”, then all requests for “XXX.gif” will be matched by the rule. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 24: Special Characters

    The host part of a HTTP/1.1 URI can be prepended to the request URL before any matching is attempted. This means that the complete string between the protocol definition and the end of the URL is used for the matching. http://www.a-host.com/content/example/request.cgi?value=”hello” Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 25: Health Checking

    It sends a TCP SYN packet to the server on the service port. The server passes the check if it responds with a TCP SYN ACK in the response time interval. In Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 26 If the server fails to respond within the configured response time for the configured number of times or if it responds with a different status code, it is assumed dead. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 27: Snmp Support

    .1.3.6.1.4.1.12196.12.2.1.12 RSConns OBJECT-TYPE -- FROM IPVS-MIB SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "the total number of connections for this RS" ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 28: Loadmaster Event Traps Via Snmp

    Introduction to Version 3 of the Internet-standard Network Management Framework RFC 2571 An Architecture for Describing SNMP Management Frameworks RFC 2572 Message Processing and Dispatching for the Simple Network Management Protocol (SNMP) Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 29: Loadmaster Software Upgrades

    1. Online Upgrades The LoadMaster provides the ability to perform online software updates and upgrades. Patches will be made available by KEMP Technologies, these patches should be installed on a machine which supports an FTP, a HTTP or an SSH daemon.

  • Page 30: How To Get A License

    ‘bal’ (password ‘1fourall’), and your Access Code will be displayed on the screen. 2. If not already provided contact your KEMP Technologies Representative to obtain evaluation license. Be sure to provide the Access Code (or codes if HA), so the evaluation license can be “mapped” to the unit(s).

  • Page 31: Upgrading The Evaluation License To A Full Single Or Ha License

    ‘bal’ (password ‘1fourall’), and your Access Code will be displayed on the screen. 3. If not already provided contact your KEMP Technologies Representative to obtain evaluation license. Be sure to provide the Access Code (or codes if HA), so the evaluation license can be “mapped” to the unit(s).

  • Page 32: Interoperability Between L4 / L7 Virtual Services

    The following is an example script to determine and present the load information on a LINUX server: Here is an example of a C program to determine and present the load information on a MS Windows NT or 2000 server: Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 33: Http Server Configuration For Cookie Support

    Modify the counter paths for Windows 2000 dependent on the installed language. 2. Http Server Configuration for Cookie Support This short example shows how a cookie may be set on a real server. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 34: Mib-Tree

    Using a null modem cable connect a PC using terminal emulation software from its COM+ port to the LoadMaster COM port (COM+ settings should 115200,8,N,1). After boot, a login prompt appears; login as ‘bal’ (password ‘1fourall’), and your Access Code will be displayed on the screen. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 35: The Loadmaster Appliance

    During Quick Setup, you will be given the opportunity to change this setting to correctly reflect the actual keyboard layout being used. Hint: You must have a service agreement or an evaluation window with KEMP Technologies to receive the Access Code of the LoadMaster.

  • Page 36: Initial Setup Of A Loadmaster High Availability (Ha) Cluster

    During Quick Setup, you will be given the opportunity to change this setting to correctly reflect the actual keyboard layout being used. Hint: You must have a service agreement or an evaluation window with KEMP Technologies to receive the Access Code of the LoadMaster.

  • Page 37: Quick Setup

    The user will now be asked to input the IP address of the eth1 (FARM side) Ethernet interface. When running in a Single-Armed configuration, this entry should be left empty. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 38: Main Menu

    IP interfaces, changing the local password and performing a backup/restore should be performed, all other configuration parameters should only be changed on the active machine. From the main menu, the following options are available. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 39: Quick Setup

    Note: The default keyboard mapping is US/ASCII. Changes to keyboard mappings do not have any affect during an SSL session. Only after reconnection will the keyboard mappings be activated. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 40: Backup/Restore

    If the LoadMaster is supplied with extra optional Ethernet interfaces, these interfaces can only be configured using this menu. In this case, the on-board interfaces are no longer eth0 and eth1 but the highest numbered Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 41: Hostname Configuration

    When S-NAT is disabled, the LoadMaster will not perform “masquerading” and so the real servers cannot access the Internet through the LoadMaster. In Single-Armed configurations, S-NAT does not provide any extra functionality. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 42: Syslogd Configuration

    Note: SNMP traps are disabled by default. Configure SNMP Trap Sink1 This option allows the user to specify a list of hosts to which a SNMPv1 trap will be sent when a trap is generated. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 43: Enable/Disable L7 Persistency State Failover

    The Access Control list is only enabled when the packet filter is enabled. By default the Access Control List is disabled. This means that all source IP addresses are accepted by the LoadMaster. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 44: Utilities

    The default method is “ftp”. Use ftp protocol Using this option, the Internet standard “ftp” protocol is used. Most servers support this protocol. Use scp protocol Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 45: Network Time Protocol Host

    If the LoadMaster is being used in a HA configuration and the real addresses of either partner is changed, it can cause both LoadMasters to no longer communicate with each other. This option allows the changing of the partners IP address so that communication can be restored. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 46: Reboot

    ________________________________________________________________________ Default Gateway (IP Address) ________________________________________________________________________ 2. Highly Available dual LoadMaster Balancer Solution Machine 1 Machine 2 Network side: eth0 IP Address ________________________________________________________________________ Netmask ________________________________________________________________________ Shared IP address ________________________________________________________________________ Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 47: Command Line Interface

    At the top level the following commands may be specified. 1.1. Adaptive This command switches the input to the adaptive parameters command set. 1.2. Delete <name|VIP> This command will delete the specified VIP. 1.3. Disable_rs <IPspec> Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 48: Adaptive Scheduling Command Level

    If the mean load of the server falls below this threshold, the virtual service will be considered "idle" and the weights will return gradually to their "static" values. 2.3. Port <PortSpec> Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 49: Health Check Command Level

    Lists the commands that are available at the health check command level. 3.6. End Terminate the CLI session. Any changes since entering the health check command level will be ignored. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 50: Rule Edit Command Level

    URL does NOT match the value of the rule. 5.3. [no] prefix This specifies that the value of the rule should be matched at the start of the received URL. 5.4. [no] postfix Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 51: Virtual Service (Vip) Command Level

    This command adds the Real Server as specified by the <IPspec> to the Virtual Service. It also switches the input into the Real Server command level. Upon return from the Real Server command level, further Real Servers can be added to the Virtual Service. 6.3. Address <IPspec> Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 52 UDP protocol. A dummy zero length UDP packet is sent to the port. icmp An ICMP ping is sent to the Real Server. 6.12. [no] Persist <Persist type> Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 53 This command enters the Real Server command level for the specified Real Server. The Real Server must already be assigned to the Virtual Service. 6.19. Show Displays all the parameters of the current Virtual Service. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 54 Specifies which port on the Real Server should be used. If no port is specified, then the port from the Virtual Service will be used. 7.7. Show Display the parameters for the current Real Server. 7.8. Weight <integer> Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 55 Terminate the CLI session. No changes made in the VIP and Real Server command levels will be saved. 7.11. Exit Return to the Virtual Service command level. No changes will be saved until the editing of the current Virtual Service has been completed. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 56: Web User Interface (Wui) Configuration Guide

    Access Code: An Access Code will be generated during the initial setup of the Load Master. You must contact your KEMP Technologies representative for your 60-day evaluation or your full purchased license key. Balancer: A network device or logic that distributes inbound connections with a common source address across a farm of server machines.

  • Page 57: Fast Track

    “Add Virtual Service” button. This brings up the virtual service parameters page and it is here that you enter the virtual IP (VIP) address of your virtual service, its port and the protocol. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 58 In this example, we are not concerned with most of these values and will create a virtual service with no persistence, no content switching and Round Robin as the scheduling method, which are the default settings so nothing needs to be altered. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 59 “Add New...” button in the real server table. Here we specify the IP address of the real server we wish to add, the port and forwarding method it is to use and its relative weight. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 60: Create A Virtual Service With Content Rules

    WUI is found under the “Global Settings” tab. Clicking on this tab brings up the “Content Rule Management” section as default. This section consists of a summary list of content rules, if they exist. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 61 “jpg”, so we will perform content switching on requests for JPEG graphics. Click “Commit” to finish and return to the “Content Rule Management” page, where the rule just created should be listed. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 62 Repeat the rule assignment process for all real servers - those that do not require a specific rule must be assigned the “default” rule otherwise they will effectively be useless, and depicted as “Down”. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 63: Create An Ssl Accelerated Virtual Service

    Then enter the filename of the certificate and the private key, and click "Get File" to install them. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 64: Full Menu Tree

    The Balancer menu consists of navigation tabs on the upper side of the screen: Two of these tabs each have a submenu. These two tabs are ‘System Properties’ and ‘Global Settings’: Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 65: Home

    If persistence is enabled it means that a client connection to a particular real server via the balancer is persistent, in other words the same client will subsequently connect to the same real server. The timeout value determines for how long this particular connection is remembered. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.
  • Page 66 Port following can only be switched on if the current service is an HTTPS service, and if there exists a HTTP service with the same IP address as this HTTPS service. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 67: Real Server Assignment

    65535, the minimum is 1. It is a good benchmark to give a real server a weight relative to its processor speed, i.e. if server1 seems to bring four times the power of server2, assign a weight of 4000 to server1 and weight of 1000 to server2. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 68: Add Rule

    For further information on Health Checking please refer to chapter Kin the Installation Guide. 3.2.1. Check Interval With this field you can specify the number of seconds that will pass between consecutive checks. The recommended value is 7 seconds. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 69: Re-Try Count

    This section displays the current online status of real servers, and enables a real server to be disconnected or shut down cleanly. Each real server has a corresponding button, and pressing this button will take an online server offline, and vice-versa. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 70: Balancer Metrics

    Using this toggle option the Packet filter can be activated/deactivated. If the filter is not activated, the Load Master acts as a simple IP-forwarder. When the filter is activated, only the Virtual Service addresses can be addressed. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

  • Page 71: Reject/Drop Blocked Packets

    With this option, the time it takes a HA cluster to detect a failure can be adjusted. A multiplier between and 1 and 5 can be set. The default value is 1. A lower value will detect failures sooner, while a higher value gives better protection against a DOS attack. Copyright © 2000 - 2005 KEMP Technologies, Inc. All Rights Reserved.

This manual is also suitable for:

Loadmaster 2500

Table of Contents