1、1BIG-IP Global Traffic Manager廣域網流量管理與廣域網流量管理與優優化方案化方案2應應用全球部署以后的挑用全球部署以后的挑戰戰異地容災、故障切換客戶感受：易于使用、最佳訪問效果應用的協同多數據中心資源的充分利用擴展性可管理性3容災方案：宕機的代價是沉重的容災方案：宕機的代價是沉重的“47% of the businesses cited that disaster recovery was a prime target for IT Spending” Network Computing Survivors Guide to 2006 survey 33% of b

2、usinesses did not have Disaster Recovery plans in place 16% of businesses lost between $100-$500K/day 26% of businesses dont know how much they lostSource: AT&T and IAEM report4傳統傳統的的應應用容災方案的切用容災方案的切換換機制機制手動修改客戶端訪問目的地址手動修改DNS解析記錄方式應用層重定向都是需要人工介入！都是需要人工介入！5指望人工指望人工進進行容災切行容災切換換是靠不住的是靠不住的Error ProneSlo

3、w to ImplementCostlyLabor Intensive網網絡絡管理管理員員6“ “Microsofts websites were offline for up to 23 hours - the most dramatic snafu to date on the Internet - because of DNS equipment misconfiguration affecting more than 72 million users.”“ “We screwed up. This is the worst day of my professional life “ N

4、etwork Administrator at Microsoft錯誤錯誤修改修改DNS記錄記錄的后果是極其的后果是極其嚴嚴重的重的7客客戶戶感受感受易于使用最快響應速度UNIXWINSInternal DNS Servers8跨跨ISP訪問：南北電信互訪問題訪問：南北電信互訪問題測試項目測試項目網通北京網通北京ADSL用戶訪用戶訪問問 12月月2日凌晨日凌晨1時時廣東電信用戶訪問，廣東電信用戶訪問，寬帶用戶，帶寬寬帶用戶，帶寬未知，未知，12月月2日日 16:30網通北京網通北京ADSL用戶用戶訪問，訪問，12月月2日日16:00上海上海ADSL寬帶用寬帶用戶訪問，戶訪問，12月月2日日 2

5、0:00DNS Result202.xxx.xxx.209219.xxx.xxx.11202.xxx.xxx.209219.xxx.xxx.11網通網通電信電信網通網通電信電信網通網通電信電信網通網通電信電信Number of hits:726947652471935Requests per Second71.270.870.780.320.58Socket Connects737057753482036Total Bytes Sent (in KB)14.1913.470.9614.9613.6112.233.877.03Bytes Sent Rate (in KB/s

6、)00.060.12Total Bytes Recv (in KB)4148.244001.90256.584388.543019.942703.2621.7339.83Bytes Recv Rate (in KB/s)69.1266.684.2873.1250.3245.050.360.669多多應應用在多數據中心中的用在多數據中心中的協協同同問題問題Clinical records down in Dallas data center!Clinical Record ServicesEmployeeInformation ServicesPer

7、sonalInformation ServicesService Oriented Architecture10特性：特性：應應用智能、可管理性與高性能用智能、可管理性與高性能SOA Application ManagementZoneRunner - Eliminate DNS ErrorsBIG-IP Global Traffic Manager(GTM)Advanced application and component monitoringiRules - Flexibility to define distribution policiesIPv6 AAAA record suppo

8、rtLeading DNS performance (TMOS極大提升全球交付極大提升全球交付應應用的用的可用性與可靠性可用性與可靠性11主要功能與主要功能與優勢優勢支持應用在多個數據中心間進行透明交付確保全球業務的連續性和應用的可用性靈活的負載均衡算法，能夠根據任何一項業務政策（包括地理信息、負載情況、網絡就近性等），并通過為直接用戶交付全球流量控制，來增強靈活性。引導用戶進入全球最佳站點，能夠顯著改進性能并提高客戶的體驗。集中管理與監控，實現從單一地點提供全面的應用和數據中心狀態信息，降低管理開銷通過充分利用備份數據中心，以提高全球網絡的效率、可擴展性以及投資回報。能夠實現復雜任務的自動化

9、流程，從而降低維護和管理開銷。12廣州數據中心上海數據中心User查詢Local DNSF5 BIG-IP GTM-廣域網流量管理與優化方案BIG-IPServer farmWebmaster北京數據中心RouterBIG-IPInternetInternetGTM13GTM 基本工作機制基本工作機制GTM is a Wide Area load balancer using DNS as the Traffic Management mechanism.BIND is version 9.3.1BIND zone file UI is now ZoneRunnerWideIP records

10、 are written to the appropriate zone filesGTM gets BIG-IP style monitors and pools.Big3ds are used to communicate availability between GTM and BIG-IP systems.Big3ds communicate via iQuery over SSL, and utilize gzip to compress messagingBig3dshim daemon facilitates communication between 9.x (big3d) a

11、nd 4.x 3-DNS.14GTM決策過程決策過程When a DNS request is received by the GTM listener, tmm and gtmd go through the following decision making process before any IP address is returned:TMM checks to see if there is a WideIP that matches the requestIf there is match gtmd handles the request.If there is no match

12、 the request is passed down to BIND.If a WideIP matches the request, gtmd checks its persistence table for a persistence record.If a match exists then gtmd will give out the record in the persistence table.If not then GTM determines what pool to send the traffic to based upon the WideIP LB method, a

13、nd the availability of each pool.GTM returns A records only (AAAA and A6 records included)Once the request reaches the pool level, the pool must make a load-balancing decision based upon its LB configuration and the availability of the pool members.15GTM LB MechanismGTMs 采用分層的負載均衡機制采用分層的負載均衡機制A Wide

14、IP load balances between its pools.A pool load balances between pool members. In the context of GTM a pool member is a Virtual Server. A virtual server is a sub component of a Server Object.Thus you must configure Topology accordingly: 1st pass: pick a pool 2nd pass: within a pool to select a pool m

15、ember16廣域網廣域網訪問訪問流量流量優優化化17歐洲用戶歐洲用戶美洲美洲用戶用戶GTM德國德國 Data Center美國美國Data Center= 集成的性能結構集成的性能結構商業標準商業標準控制全球用戶訪問在多個數據中心之間的流量分配地址位置就近訪問地址位置就近訪問Topology亞洲亞洲用戶用戶新加坡新加坡Data Center18Topology 舉例舉例來自北美（North America）的訪問請求導向到北美的兩個數據中心（ NA ）來自北美（ Europe ）的訪問請求導向到北美的兩個數據中心（ London ）來自其它地方的訪問請求導向到北美的兩個數據中心（ Tokyo

16、 ）19Topology舉例舉例(cont.)From topology.inctopology / 6 Items/ server ldns score dc.London continent.Europe 250 pool.nor_am_web continent.North America 250 pool.nor_am_web /0 25 dc.Tokyo continent.Asia 250 dc.Tokyo continent.Australia 250 pool.nor_am_web continent.South America 25020Topology exa

17、mple (cont.)From the GUI2122網絡就近性動態探測網絡就近性動態探測23GTM支持的負載均衡算法支持的負載均衡算法循環全球可用性LDNS持續性應用可用性地理分布虛擬服務器容量最少連接Pkt/sec（數據包/每秒）KB/sec（千字節/每秒）往返時間中繼段（hop）數據包完整率用戶定義服務質量（QoS）動態比率LDNS循環比率隨機24組合的負載均衡算法組合的負載均衡算法The Below pool contains a Virtual Server on a BIG-IP, and a Virtual Server from a Generic Host:pool nam

18、e bigip_and_host ttl 30 preferred ga alternate ratio member 00:80 ratio 2 member 05:80Pool Name: bigip_and_hostttl:30 secondsPreferred LB:Global AvailabilityAlernate LB:ratioFallback LB:Return to DNS (default)Fallback IP:none25GTM WideIP PersistenceThere are two types of pers

19、istence:Static Persist: A Static LB mode.WideIP Persistence: Applied on each WideIP object as a drop-down configuration option.WideIP persistence works in the following way:first time through a pool member is picked (LB) and put into the persistence table (and syncd to all other listening GTMs)secon

20、d time through if the persistent pool member is still available (green) then that pool member is returned and the timestamp updated on the persistence entry (and we sync that too)if the pool member is not available (!green) then the persistence entry is tossed and a new one created once LB is comple

21、te.If there are no requests for a persistence entry it is removed from the table once that entry has expired.Persistence records are synchronized between GTM synchronization peersPersistence records can be viewed in the UI:Navigate: Statistics-Global Traffic-Persistence RecordsStatic Persist LB meth

22、od is discussed in a previous slide.26自自動動容災切容災切換換RouterL-DNSBIG-IP GTMBIG-IP LTMCorporate ServersSite 1 (Primary)ClientRouterBIG-IP LTMCorporate ServersSite 2 (Back up)BIG-IP GTM27GTM服務器可用性檢查（服務器可用性檢查（Monitors）GTM inherits its monitors from LTM.An administrator can create the same monitors that are

23、 available in LTM to monitor GTM objects.Monitors can be applied on: Servers Virtual Servers Pools (and pool members)28服務器可用性檢查服務器可用性檢查ApplicationDeviceFTPHTTPDB.DHTTPS Siebel AppOracle DB內容內容 / 文件檢文件檢查查 Data CenterIntranet App: q Siebel in 紐約紐約q HTTP Serverq DB Serverq Siebel Appq Oracle DBq Siebel

24、 content verification可用性可用性解決方案: web服務穿過特定區域、設備，使應用得到一個統一服務檢測的批量可用性好處:可探測到任意標準的web服務套件的失敗29多應用協同Distributed Applicationsdistributed application是一個要使用到多個一個要使用到多個域名（域名（wideip）的應用，這些域名分布在不）的應用，這些域名分布在不同的服務器上，由這組服務器協同工作構成同的服務器上，由這組服務器協同工作構成一個完整的應用一個完整的應用. Distributed Applications 將多個將多個Wideip當當作一個對象來進行管

25、理，可以同時作一個對象來進行管理，可以同時Enable或或Disable.30Distributed Application ManagementManage multiple services as part of a collective application31BenefitsLower complexity, ease management Reduced management overhead Cost savings from reduced staff Eliminate cost of downtime BIG-IP Global Traffic ManagerSolutio

26、n - Data Center AData Center BNewCar AppOne step failoverManage Service DependenciesChallengeHundreds of applicationsManual failover is slow, error proneMulti-step failover to shut down each application serviceNo instantaneous failover32Distributed ApplicationsExample 1: Data Center Dependency當構成當構成

27、Distributed Application的的Wideip中有任何一個，中有任何一個，其對應的其對應的virtual server都不同用的話，對這個都不同用的話，對這個Distributed Application來說，這個來說，這個virtual server所屬的數據中心就是所屬的數據中心就是不可用的。不可用的。但其它不屬于這個但其它不屬于這個Distributed Application的訪問請求，的訪問請求，仍然可以被分發到這個數據中心的。仍然可以被分發到這個數據中心的。Example 2: Server Dependency當構成當構成Distributed Applicati

28、on的的Wideip中有任何一個，中有任何一個，其對應的其對應的virtual server都不同用的話，對這個都不同用的話，對這個Distributed Application來說，這個來說，這個virtual server所屬的服務器就是不所屬的服務器就是不可用的。可用的。但其它不屬于這個但其它不屬于這個Distributed Application的訪問請求，的訪問請求，仍然可以被分發到這個服務器上來。仍然可以被分發到這個服務器上來。33ZoneRunner減少減少DNS配置配置錯誤錯誤Easy DNS managementAuto population of protocolsVali

29、dation/error checking Rollback to the last transactionImportation of zones Automatic reverse lookupsZoneRunner Only integrated DNS Management Utility34成功案例成功案例-TOM.COM CDNSite沈陽Site西安Site成都Site長沙Site廣州Site杭州Site北京Site 教育網Site 中國移動100 M FE1000 M GESwitchRouterF5 3DNSF5 bigip 2400Netapp 6200Netapp 210035成功案例成功案例 - ChinaCacheChinaCache中國最大的中國最大的CDN服務提供商服務提供商Solution requi