[c-nsp] Replacement for Cisco ACE load balancers
Phil Mayers
p.mayers at imperial.ac.uk
Mon Feb 4 13:10:19 EST 2013
On 04/02/13 17:56, Chris Marlatt wrote:
> The Foundry/Brocade ServerIron's/ADX line work's quite well in a L2 or
> L3 environment without NAT or being in-line. Enabling DSR (direct server
> return, in an L2 environment) means the LB doesn't have to be within the
> path of the normal switching/routing and their ADX line has support for
> true multi-10Gb throughputs. DSR also means you're not burning up the
Interesting. Is it particularly / prohibitively expensive? Several other
vendors hinted that a 10gig SLB device was "way out of proportion to our
needs" and "very expensive".
> "Application Throughput" limits of the device on other traffic patterns.
> Stability is stellar when it comes to these units, I've some of my
> ServerIron 4G's online for over 1,200 days (1,277 and counting) without
> blinking.
This is an excellent point. We run several services in DSR mode, which
the ACE obviously handles fine, and I'd encourage everyone that can do
this, on whatever platform, to do so.
However, DSR is fairly simplistic, and requires config on the server
(provision of the virtual IP) which often can be a pain, depending on
your platform and level of network/server team integration.
We also find that port rewriting, SSL termination and header/cookie
insertion are pretty common requirements, which pretty much means inline
(either on packet path, or source NAT to direct return traffic back to SLB).
> Each vendor has it's strengths and weaknesses and whereas I'm quite
> pleased with the Foundry/Brocade models the only area I would say they
> need work in a robust API interface to help automate changes. However
> they have made recent improvements in their multi-tendency support.
One thing I will note - the Cisco ACE management product (ANM) is... not
great, to put it politely. If GUI management is a concern, then factor
that in ;o)
More information about the cisco-nsp
mailing list