Field
|
Description
|
IP Address
|
Enter a new Virtual IP address to be the target entry point for accessing the Real Server. This IP is where users or applications will point to access the load-balanced application.
|
Subnet Mask/Prefix
|
This field is for the subnet mask relevant to the network on which the ADC sits
|
Port
|
The entry port used when accessing the VIP. This value does not necessarily need to be the same as the Real Server if you use Reverse Proxy.
|
Service Name
|
The service name is a textual representation of the VIP’s purpose. It is optional, but we recommend you provide this for clarity.
|
Service Type
|
There are many different Service Types available for you to select. Layer 4 service types cannot use flightPATH technology.
|
Field
|
Description
|
Activity
|
The Activity field can be used to show and change the status of the load-balanced real server.
Online – Denotes that the server is active and receiving load-balanced requests
Offline – The server is offline and is not receiving requests
Drain – The server has been placed in drain mode so that persistence can flush and the server moved to an offline state without affecting users.
Standby – The server has been placed in a standby state
|
IP Address
|
This value is the IP address of the Real Server. It must be accurate and should not be a DHCP address.
|
Port
|
The target Port of access on the Real Server. When using a reverse proxy, this can be different from the entry Port specified on the VIP.
|
Weighting
|
This setting usually is automatically configured by the ADC. You can change this if you wish to change the priority weighting.
|
Option
|
Description
|
Cluster
|
Cluster is the default role for the ADC at installation, and the Primary/Mode column will indicate the mode it is currently running in. When you have an HA pair of ADC appliances in your datacentre, one of them will show Active and the other Passive
|
Manual
|
The Manual role allows the ADC pair to run in Active-Active mode for different Virtual IP addresses. In such cases, the Primary column will contain a box next to each unique Virtual IP that is tickable for Active or left un-ticked for Passive.
|
Stand-Alone
|
The ADC is acting as a stand-alone device and is not in High Availability mode. As such, the Primary column will state Stand-alone.
|
LED
|
Meaning
|
l
|
Online
|
l
|
Failover-Standby. This virtual service is hot-standby
|
l
|
Indicates a "secondary" is holding off for a "primary."
|
l
|
Service Needs attention. This indication may result from a Real Server failing a health monitor check or has been changed manually to Offline. Traffic will continue to flow but with reduced Real Server capacity
|
l
|
Offline. Content servers are unreachable, or no content servers enabled
|
l
|
Finding status
|
l
|
Not licensed or licensed Virtual IPs exceeded
|
Service Type
|
Port/Protocol
|
Service Layer
|
Comment
|
Layer 4 TCP
|
Any TCP port
|
Layer 4
|
The ADC will not alter any information in the data stream and will perform standard load balancing the traffic according to the load balancing policy
|
Layer 4 UDP
|
Any UDP port
|
Layer 4
|
As with Layer 4 TCP, the ADC will not alter any information in the data stream and will perform standard load balancing the traffic according to the load balancing policy
|
Layer 4 TCP/UDP
|
Any TCP or UDP port
|
Layer 4
|
It is ideal if your service has a primary protocol such as UDP but will fall back to TCP. The ADC will not alter any information in the data stream and will perform standard load balancing the traffic according to the load balancing policy
|
DNS
|
TCP/UDP
|
Layer 4
|
Used to load balance DNS servers.
|
HTTP
|
HTTP or HTTPS protocol
|
Layer 7
|
The ADC can interact, manipulate and modify the data stream using flightPATH.
|
FTP
|
File Transfer Protocol Protocol
|
Layer 7
|
Using separate control and data connections between client and server
|
SMTP
|
Simple Mail Transfer Protocol
|
Layer 4
|
Use when load balancing mail servers
|
POP3
|
Post Office Protocol
|
Layer 4
|
Use when load balancing mail servers
|
IMAP
|
Internet Message Access Protocol
|
Layer 4
|
Use when load balancing mail servers
|
RDP
|
Remote Desktop Protocol
|
Layer 4
|
Use when load balancing Terminal Services servers
|
RPC
|
Remote Procedure Call
|
Layer 4
|
Use when load balancing systems using RPC calls
|
RPC/ADS
|
Exchange 2010 Static RPC for Address Book Service
|
Layer 4
|
Use when load balancing Exchange servers
|
RPC/CA/PF
|
Exchange 2010 Static RPC for Client Access & Public Folders
|
Layer 4
|
Use when load balancing Exchange servers
|
DICOM
|
Digital Imaging and Communications in Medicine
|
Layer 4
|
Use when load balancing servers using DICOM protocols
|
LED
|
Meaning
|
l
|
Connected
|
£
|
Not Monitored
|
l
|
Draining
|
l
|
Offline
|
l
|
Standby
|
l
|
Not Connected
|
l
|
Finding Status
|
l
|
Not licensed or licensed Real Servers exceeded
|
Option
|
Description
|
Online
|
All Real Servers assigned Online will receive traffic according to the load balancing policy set within the Basic tab.
|
Drain
|
All Real Servers assigned as Drain will continue to serve existing connections but will not accept any new connections. The Status light will flash green/blue while the drain is in process. Once the existing connections have closed naturally, the Real Servers will go offline, and the Status light will be solid blue. You can also view these connections by navigating to the Navigation > Monitor > Status section.
|
Offline
|
All Real Servers set as Offline will immediately be taken offline and will not receive any traffic.
|
Standby
|
All Real Servers set as Standby will remain offline until ALL the Online group servers fail their Server Health Monitor checks. Traffic is received by the Standby group as per the load balancing policy when this happens. If one server in the Online group passes the Server Health Monitor check, this Online server will receive all the traffic, and the Standby group will stop receiving traffic.
|
Option
|
Description
|
Fastest
|
The Fastest load balancing policy automatically calculates the response time for all requests per server smoothed over time. The Calculated Weight column contains the automatically calculated value. Manual entry is only possible when using this load balancing policy.
|
Round Robin
|
Round Robin is commonly used in firewalls and basic load balancers and is the simplest method. Each Real Server receives a new request in sequence. This method is only proper when you need to load balance requests to servers evenly; an example would be look-up web servers. However, when you need to load balance based on application load or the server load, or even ensure that you use the same server for the session, the Round Robin method is inappropriate.
|
Least Connections
|
The load balancer will keep track of the number of current connections to each Real Server. The Real Server with the least amount of connections receives the subsequent new request.
|
IP Bound
Layer 3 Session Affinity/Persistence
|
In this mode, the client's IP address forms the basis to select which Real Server will receive the request. This action provides persistence. HTTP and Layer 4 protocols can use this mode. This method is helpful for internal networks where the network topology is known, and you can be confident that there are no "super proxies" upstream. With Layer 4 and proxies, all the requests can look as if they are coming from one client, and as such, the load would not be even. With HTTP, the header (X-Forwarder—For) information is used when present to cope with proxies.
|
IP List Based
Layer 3 Session Affinity/Persistence
|
The connection to the Real Server initiates using "Least connections" then, session affinity is achieved based on the client's IP address. A list is maintained for 2 hours by default, but this can be changed using a jetPACK.
|
Session Cookie
Layer 7 Session Affinity/Persistence
|
This mode is the most popular persistence method for HTTP load balancing. In this mode, the ADC uses IP list-based load balancing for each first request. It inserts a cookie into the headers of the first HTTP response. After that, the ADC uses the client cookie to route traffic to the same back-end server. This cookie is used for persistence when the client needs to go to the same back-end server each time. The cookie expires once the session is closed.
|
Persistent Cookie
Layer 7 Session Affinity/Persistence
|
The IP list-based load balancing mode is used for each first request. The ADC inserts a cookie into the headers of the first HTTP response. After that, the ADC uses the client cookie to route traffic to the same back-end server. This cookie is used for persistence when the client must go to the same back-end server each time. The cookie will expire after 2 hours, and the connection will be load balanced according to an IP List Based algorithm. This expiry time is configurable using a jetPACK.
|
Session Cookie - Classic ASP Session Cookie
|
Active Server Pages (ASP) is a Microsoft server-side technology. With this option selected, the ADC will maintain session persistence to the same server if an ASP cookie is detected and found in its known cookies list. On detection of a new ASP cookie, it will be load balanced using the Least Connections algorithm.
|
Session Cookie - ASP.NET Session Cookie
|
This mode applies to ASP.net. With this mode selected, the ADC will maintain session persistence to the same server if an ASP.NET cookie is detected and found in its list of known cookies. On detection of a new ASP cookie, it will be load balanced using the Least Connections algorithm.
|
Session Cookie - JSP Session Cookie
|
Java Server Pages (JSP) is an Oracle server-side technology. With this mode selected, the ADC will maintain session persistence to the same server if a JSP cookie is detected and found in its known cookies list. On detection of a new JSP cookie, it will be load balanced using the Least Connections algorithm.
|
Session Cookie - JAX-WS Session Cookie
|
Java web services (JAX-WS) is an Oracle server-side technology. With this mode selected, the ADC will maintain session persistence to the same server if a JAX-WS cookie is detected and found in its list of known cookies. On detection of a new JAX-WS cookie, it will load balanced using the Least Connections algorithm.
|
Session Cookie - PHP Session Cookie
|
Personal Home Page (PHP) is an open-source server-side technology. With this mode selected, the ADC will maintain session persistence to the same server when a PHP cookie is detected.
|
Session Cookie - RDP Cookie Persistence
|
This load balancing method uses the Microsoft-created RDP Cookie based on username/domain to provide persistence to a server. The advantage of this method means maintaining a connection to a server is possible even if the IP address of the client changes.
|
Cookie-ID Based
|
A new method very much like "PhpCookieBased" and other load-balancing methods, but using CookieIDBased and cookie RegEx h=[^;]+
This method will use the value set in the Real Server’s notes field "ID=X;" as the cookie value to identify the server. This, therefore, means it is a similar methodology as CookieListBased but uses a different cookie name and stores a unique cookie value, not the scrambled IP, but the ID from the Real Server (read in at load-time.)
The Default value is CookieIDName="h"; however, if there is an override value in the virtual server’s advanced settings configuration, use this instead. NOTE: We overwrite the cookie expression above to replace h= with the new value if this value is set.
The last bit is that if an unknown cookie value arrives and matches one of the Real Server IDs, it should select that server; otherwise, use the next method (delegate.)
|
Shared IP List Based
|
This service type is only available when the Connectivity Mode is set to Gateway or Direct Server Return. It has been primarily added for support with VMware load balancing.
|
Option
|
Description
|
None
|
In this mode, the Real Server is not monitored and is always up and running correctly. The None setting is helpful for situations where monitoring upsets a server and for services that should not join in the fail-over action of the ADC. It is a route to host unreliable or legacy systems that are not primary to H/A operations. Use this monitoring method with any service type.
|
Ping/ICMP Echo
|
In this mode, the ADC sends an ICMP echo request to the IP of the content server. If a valid echo response is received, the ADC deems the Real Server up and running, and traffic throughput to the server continues. It will also keep the service available on a H/A pair. This monitoring method is usable with any service type.
|
TCP Connection
|
A TCP connection is made to the Real Server and immediately broken without sending any data in this mode. If the connection succeeds, the ADC deems the Real Server to be up and running. This monitoring method is usable with any service type, and UDP services are currently not appropriate for TCP Connection monitoring.
|
ICMP Unreachable
|
The ADC will send a UDP health check to the server and mark the Real Server as unavailable if it receives an ICMP port unreachable message. This method can be helpful when you need to check if a UDP service port is available on a server, such as DNS port 53.
|
RDP
|
In this mode, a TCP connection initializes as explained in the ICMP Unreachable method. After the connection initializes, a Layer 7 RDP connection is requested. If the link is confirmed, the ADC deems the Real Server to be up and running. This monitoring method is usable with any Microsoft terminal server.
|
200 OK
|
In this method, a TCP connection initializes to the Real Server. After the connection succeeds, the ADC sends the Real Server an HTTP request. An HTTP response is waited for and checked for the "200 OK" response code. The ADC deems the Real Server up and running if the "200 OK" response code is received. If the ADC does not receive a "200 OK" response code for any reason, including timeouts, failure to connect, and other reasons, the ADC marks the Real Server unavailable. This monitoring method is only valid for use with HTTP and accelerated HTTP service types. If a Layer 4 Service type is used for an HTTP server, it is useable if SSL is not in use on the Real Server or handled appropriately by the "Content SSL" facility.
|
DICOM
|
A TCP connection initializes to the Real Server in DICOM mode, and an Echoscu "Associate Request" is made to the Real Server on connection. A conversation that includes an "Associate Accept" from the content server, a transfer of a small amount of data followed by a "Release Request," then "Release Response" successfully concludes the monitor. If the monitor does not complete successfully, then the Real Server is regarded as down for any reason.
|
User Defined
|
Any monitor configured in the Real Server Monitoring section will appear in the list.
|
Option
|
Description
|
By Host
|
Caching per host is based on application per hostname. A separate Cache will exist for each domain/hostname. This mode is ideal for web servers that can serve multiple websites depending on the domain.
|
By Virtual Service
|
Caching per virtual service is available when you choose this option. Only one Cache will exist for all domain/hostnames that pass through the virtual service. This option is a specialist setting for use with multiple clones of a single site.
|
Option
|
Description
|
Off
|
Turn compression off for the Virtual Service
|
Compression
|
When selected, this option turns on the compression for the selected Virtual Service. The ADC dynamically compresses the data stream to the client upon request. This process only applies to objects that contain the content-encoding: gzip header. Example content includes HTML, CSS, or Javascript. You can also exclude certain content types using the Global Exclusions section.
|
Option
|
Description
|
No SSL
|
Traffic from the source to the ADC is not encrypted.
|
All
|
Loads all available certificates for use
|
Default
|
This option results in applying a locally created certificate called "Default" to the browser side of the channel. Use this option to test SSL when one hasn't been created or imported.
|
AnyUseCert
|
Use any certificate present on the ADC that the user has uploaded or generated
|
Option
|
Description
|
No SSL
|
Traffic from the ADC to the Real Server is not encrypted. The selection of a certificate on the browser side means "No SSL" can be chosen client-side to provide what is known as "SSL Offload."
|
Any
|
The ADC acts as a client and will accept any certificate the Real Server presents. Traffic from the ADC to the Real Server is encrypted when this option is selected. Use the "Any" option when a certificate is specified on the Virtual Service side, providing what is known as "SSL Bridging" or "SSL Re-Encryption."
|
SNI
|
The ADC acts as a client and will accept any certificate the Real Server presents. Traffic from the ADC to the Real Server is encrypted if this is selected. Use the "Any" option when a certificate is specified on the Virtual Service side, providing what is known as "SSL Bridging" or "SSL Re-Encryption." Choose this option to enable SNI on the server-side.
|
AnyUseCert
|
Any certificates that you have generated or imported into the ADC appear here.
|
Option
|
Description
|
Reverse Proxy
|
Reverse Proxy is the default value and works at Layer7 with compression and caching. And at Layer4 without caching or compression. In this mode, your ADC acts as a reverse proxy and becomes the source address seen by the Real Servers.
|
Direct Server Return
|
Direct Server Return or DSR as it's widely known (DR – Direct Routing in some circles) allows the server behind the load balancer to respond directly to the client bypassing the ADC on the response. DSR is only suitable for use with Layer 4 load balancing. Therefore, Caching and Compression are not available with this option chosen.
This mode can only be used with TCP, UDP, and TCP/UDP service types.
Layer 7 load balancing does not work with this DSR. Also, there is no persistence support other than IP List Based. SSL/TLS load balancing with this method is not ideal as Source IP persistence support is the only type available. DSR also requires Real Server changes to be done. Please refer to the Real Server Changes section.
|
Gateway
|
Gateway mode allows you to route all traffic through the ADC, allowing the Real Servers to be routed via the ADC to other networks via the ADC virtual machines or hardware interfaces. Using the device as a gateway device for Real Servers is ideal when running in multi-interface mode.
Layer 7 load balancing with this method does not work as there is no persistence support other than IP List Based. This method requires that the Real Server sets its default gateway to the ADC's local interface address (eth0, eth1, etc.). Please refer to the Real Server Changes section.
Please note that Gateway mode does not support failover in a cluster environment.
|