A Guide to Application Delivery Optimization and Server Load Balancing for the SMB Market

By Marc Goodman, www.wwpi.com

September 3, 2008

Web site reliability, flexible scalability, performance and ease of management are as essential to SMB Web site infrastructure as they are to a larger enterprise. Small and medium-sized businesses use their Web sites to reach customers and to share information among suppliers and employees. If the network goes down, staff time and revenues may be lost, which impacts a company’s productivity and bottom line. Choosing the appropriate application delivery controllers and server load balancing products is critical to ensuring efficient and effective Web site infrastructure to meet today’s needs.

A typical e-commerce Web site is connected to routers that pass traffic through firewalls, which pass traffic to application delivery controllers (the next generation server load balancers) that ultimately direct users to the appropriate servers. Network and application delivery optimization products distribute the traffic to many diverse servers that are often connected to database servers. If just one of these components in the process fails, the entire site can be taken down, a user request will be delayed, or a customer transaction will fail, which may take the IT staff’s attention away from business-as-usual tasks.

Application delivery solutions

Application delivery solutions were built to address the challenges associated with Web site infrastructure complexity, performance, scalability and security. ADCs distribute traffic load between two or more servers, routers, firewalls, and other networked resources, to optimize resource utilization and improve Web site performance and response time. Should one of the servers (or applications on that server) become inaccessible due to any type of failure, the ADC will take that server or application off-line, while automatically re-routing users to other functioning servers in an essentially seamless process to the user without any loss of connectivity and associated productivity.

Application delivery has three components: SSL acceleration, content caching and data compression.

  • SSL offload/acceleration—offload the SSL handshake and encryption/decryption processes from the servers to increase the servers’ performance.
  • Content caching—stores data on the ADC that is likely to be used again and is unlikely to change.
  • Data compression—squeezes the data into smaller packets, which are then combined into a larger packet for faster and more efficient transport.

What to look for in an application delivery controller

High Availability (Hot Standby)

Since all inbound traffic must pass through the ADC, should it fail, the server farm and the entire site will not be accessible. To address this, most vendors support redundant configurations sometimes referred to as HA (High Availability).

Layer 4 Load Balancing

ADCs provide for Weighting, which enables the administrator to assign a higher (or lower) "weight" to real servers, so as to provide better control over traffic distribution.

While Layer 4 load balancing methods are sufficient for low-end, low-volume Internet traffic, some sites require a much more granular approach to traffic distribution, which can be accomplished through Layer 7 content switching.

Layer 7 Content Switching

Content switching refers to the ability to distribute (or load balance) user requests to servers based on Layer 7 payload. Generally, this is done by examining page content (such as a URL) and "switching" the requests to the appropriate server or group of servers. A Layer 7-capable ADC can switch users based on cookie values, which achieves server persistence.

IP Persistence (Layer 4 Persistence)

"Persistence” (sometimes referred to as "Sticky" or server "Affinity") is best understood by looking at the example of the "shopping-cart." The shopping-cart is a logical repository for items that have been selected by a client while shopping at an online site. The items selected generally reside on the server to which the client first connected, and which served the client the content during the session. Persistence ensures that for a prescribed duration, users always return to the server where their data is located.

Layer 7 Persistence (e.g. Cookie Persistence)

Advanced Layer 7 ADCs offer the ability to inspect the data at the application layer. Cookie Persistence uses a browser cookie to uniquely identify users. Either the application or the ADC itself can serve cookies to users at the start of a session, and the user’s browser can automatically return the cookie during each successive hit. By tracking this cookie information, the ADC is able to accurately determine which server should receive the subsequent request.

SSL Acceleration

If your site contains "transactional" elements, chances are that all or some portion of your site uses SSL to encrypt and secure those transactions. It has become clear that the best place to offload SSL processing is at the ADC—not at the server.

Transparency

Some ADCs provide a feature called “Transparency”— which provides administrators with a way to preserve a client’s IP address in their server logs when the client address is masked.

HTTP Compression

HTTP compression reduces the amount of data to be transferred for HTTP objects by utilizing gzip compression available in all modern Web browsers. HTTP compression allows ADCs to compress the application payload within each packet to reduce network bandwidth consumption without degrading content quality, and improving the end users' overall experience.

HTTP Caching

ADCs with caching capabilities serve as proxy caches, storing selected data from origin servers to speed delivery to clients. Devices can return pre-compressed objects out of cache, rather than retrieving them from origin servers.

Intrusion Prevention

For enhanced security, an ADC with Intrusion Prevention System (IPS) provides in-line protection of bandwidth and servers and intrusion alerting by enabling real-time mitigation of attacks and isolation of servers.

Resource-based Load Balancing

Resource-based load balancing allows the use of a scripting language to provide custom load balancing methods, arbitrary traffic manipulations, and more.

Summary

For SMB and managed hosting providers, the complexity and dynamic nature of e-commerce are the major causes of poor site performance and unplanned downtime. SMBs and service providers are becoming increasingly aware of the need to protect these vital, yet vulnerable sites. However, acquiring more devices, more complexity and more single capability solutions is not the answer. Optimizing the delivery of applications between end users and diverse datacenter equipment, by providing ease of management, faster access to applications and content and security within a cohesive platform is required in order to keep a business functioning rather than being crippled by a loss productivity and ability to serve customers.