[c-nsp] Regular Expression Load Balancing

Gregori Parker grparker at netflix.com
Thu Mar 10 16:33:28 EST 2011


CSS (and its replacement: ACE) arent very extensible at layer 7, so F5 LTM
or Citrix Netscalers are your best bet for this.  On the F5, you would use
"iRules" (very TCL-like), and on Netscalers you would use content
switching policies.  I use both for exactly what you're trying to do and
would recommend the latter for reasons of scale and manageability...if
you're looking to implement your own protocol or something really fancy,
F5's iRules may give you additional mileage as a 1000-line iRule can be
quite difficult to replicate on the Netscalers.


On 3/10/11 12:35 PM, "Wil Schultz" <wschultz at bsdboy.com> wrote:

>I can't comment on the CSS for layer 7 routing, but we use the F5 LTM
>(BigIP) to do plenty of L7 manipulation via iRules.
>
>Depending on the load on the VIP and the horsepower of the load balancer
>you would do well to stay out of manipulation that has to do with any
>body content and use the HTTP headers exclusively, like cookie values,
>hostnames, etc.
>
>Good luck.
>
>-wil
>
>
>On Mar 10, 2011, at 10:48 AM, Sam Hall wrote:
>
>> Hi Guys
>> 
>> We have a couple of Cisco CSS11501's and are exploring the possibility
>>if they can load balance based on text found in packets i.e. "regular
>>expression"...
>> 
>> We need to migrate individual client's traffic one by one to a new
>>environment, this is a TCP 443 session that has no context path and
>>destination IP and port needs to stay the same, so L3-L5 redirection is
>>not possible.
>> 
>> Thought that there must be some L7 inspection that could find a key
>>word i.e. client name in the packet and direct that client to the new
>>environment?   We run apps that use the following:
>> 
>> 
>> *   xml
>> *   soap
>> *   iso8583
>> *   obs
>> *   apacs
>> 
>> Any ideas would be very helpful, if the CSS isn't up for the job, any
>>other load balancers suggestions would be welcome...
>> 
>> Thanks in advance
>> 
>> 
>> 
>> Sam Hall
>> Senior Network Engineer
>> 
>> direct +44 (0)1252 644 287
>> email sam.hall at the-logic-group.com<mailto:fsam.hall at the-logic-group.com>
>> 
>> Follow us on our Twitter account<http://twitter.com/thelogicgroup> for
>>all the latest developments at The Logic Group.
>> 
>> 
>> 
>>[http://www.the-logic-group.com/CP/UploadedImages/75bd388c-1f27-41f4-8f68
>>-adf034d0b2ea.jpg]
>><http://www.the-logic-group.com/CP/UploadedImages/75bd388c-1f27-41f4-8f68
>>-adf034d0b2ea.jpg>
>> 
>> 
>> The Logic Group Enterprises Limited, Logic House, Waterfront Business
>>Park, Fleet Road, Fleet,
>> Hampshire, GU51 3SB, United Kingdom. Registered in England. Registered
>>No. 2609323
>> 
>> 
>> The information in this email and any attachments are confidential and
>>may be legally privileged and protected by law. It is for the intended
>>recipient only. If you are not the intended recipient you may not use,
>>disclose, copy, distribute, print or rely on the content of this email
>>or its attachments. If this email has been received by you in error
>>please advise the sender and delete the email from your system.
>> 
>> 
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>




More information about the cisco-nsp mailing list