Layer 4 switching could relieve saturated servers
1/19/98
By Bert Williams
End-to-end performance and service quality require carefully balancing the capacity of all networked elements to ensure a smooth flow of data between clients and servers.
Layer 2 and Layer 3 switching products have done well in addressing important bandwidth and capacity issues in the LAN and internetwork, but more may be needed. That's where a new technology, Layer 4 switching, could come into play.
Layer 4 switching is the latest approach to extending the performance and traffic management capabilities of Layer 2 and Layer 3 switches to servers and applications.
Layer 4 switching uses information in the Layer 3 and Layer 4 packet headers - such as TCP/User Datagram Protocol (UDP) port numbers, the "SYN/FIN" bits that mark the start and end of application sessions and IP source/destination addresses - to identify traffic sessions by application. Armed with this information, Layer 4 switches can make intelligent decisions regarding where to forward session traffic.
This is particularly useful in large corporate data centers, Internet service providers or content provider sites where multiple heterogeneous systems are used to support one application. The technology also is useful where replication across many physical servers is required.
Demystifying Layer 4 switching
Routers and Layer 3 switches forward individual packets without any idea of what packets came before or after. Layer 4 switching tracks and maintains individual sessions from start to finish. Thus, Layer 4 switches are really "session switches."
While routers make packet forwarding decisions based on link or network node availability and performance, Layer 4 switches make forwarding decisions based on session and application-layer information. Doing this allows user requests to be switched to the "best" server based on a variety of criteria. As a result, Layer 4 switching is an ideal mechanism for traffic or load balancing across multiple servers.
How it works
A Layer 4-capable switch acts as a "virtual IP" (VIP) front end to the servers connected to it. A VIP address is configured for each server or group of servers that supports a single or common application. The VIP address is advertised and registered with the Domain Name System.
When a service request is made, the Layer 4 switch recognizes the start of a session by identifying the TCP start, or SYN packet. It then uses sophisticated algorithms to determine the best server to handle the request. Once this determination is made, the switch binds the session to a specific server and substitutes that server's real IP address for the VIP address in the packets it forwards to the server.
Each Layer 4 switch maintains a binding table that associates the source IP address and source TCP port to the chosen server.
The Layer 4 switch then forwards the connection request to the server. All subsequent packets are remapped and forwarded between the client and the same server until the switch sees a session termination, or FIN packet.
With Layer 4 switching, connections can be bound to real servers to meet customer-specified criteria, such as having an equal number of connections on each server or weighing traffic by the capacities of different servers.
Today's typical single-function load-balancing products can bind 400 to 800 connections per second, per device. However, a new generation of products that combine Layer 2 and Layer 4 functions - using hardware-based, load-balancing capabilities within custom Application Specific Integrated Circuits - yields binding rates in excess of 100,000 connections per second.
A key question in all this is how to determine the most available server to which traffic is forwarded.
Today, various methods are used to drive load-balancing decisions. Depending on the desired load-balancing granularity, Layer 4 switches can distribute application sessions to servers using a number of heuristics. These methods range from simple weighted round robin to weighted least connection, measured round-trip delay, or closed-loop feedback from the servers themselves.
Closed-loop feedback is the most advanced, taking advantage of specific system information, such as available memory, I/O interrupts and CPU utilization, which can be obtained automatically by adapter drivers and Layer 4 switches. Current closed-loop feedback mechanisms require that software agents be deployed in each server.
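The session-binding procedure described under "How it works" (VIP front end, SYN detection, binding table, address rewriting, FIN teardown) and the weighted least connection heuristic named above can be modelled in a few dozen lines. The following is an added example, not code from the article or from any Layer 4 switch vendor; the VIP, the real server addresses, the capacity weights and the packet stream are all constructed for the demonstration, and real switches track considerably more state (both directions of the handshake, timeouts, and so on) than this toy does.

```python
"""Toy model of a Layer 4 "session switch" (added example, not from the article).

Assumed: VIP 10.0.0.1:80 fronts three real servers with different capacity
weights (constructed values). The switch binds a session on the client's SYN,
rewrites the destination to the chosen real server, forwards later packets of
the same (client IP, client port) via the binding table, and releases the
binding on FIN. Server choice is weighted least connection: the server with the
smallest active_connections / weight ratio wins.
"""
from dataclasses import dataclass


@dataclass
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: frozenset  # subset of {"SYN", "ACK", "FIN"}


@dataclass
class RealServer:
    ip: str
    weight: int      # relative capacity; higher gets proportionally more sessions
    active: int = 0  # sessions currently bound to this server


class Layer4Switch:
    def __init__(self, vip, vport, servers):
        self.vip, self.vport = vip, vport
        self.servers = servers
        self.bindings = {}  # (client_ip, client_port) -> RealServer

    def _pick_server(self):
        # weighted least connection; ties go to the first configured server
        return min(self.servers, key=lambda s: s.active / s.weight)

    def forward(self, pkt):
        """Return the rewritten packet to send to a real server, or None if dropped."""
        if (pkt.dst_ip, pkt.dst_port) != (self.vip, self.vport):
            return None  # not addressed to a VIP this switch fronts
        key = (pkt.src_ip, pkt.src_port)
        if "SYN" in pkt.flags and "ACK" not in pkt.flags:
            server = self.bindings.get(key)
            if server is None:  # new session: choose a server and record the binding
                server = self._pick_server()
                server.active += 1
                self.bindings[key] = server
            # a retransmitted SYN reuses the existing binding
        else:
            server = self.bindings.get(key)
            if server is None:
                return None  # mid-stream packet with no bound session: not forwarded
        out = Packet(pkt.src_ip, pkt.src_port, server.ip, pkt.dst_port, pkt.flags)
        if "FIN" in pkt.flags:
            # session end: release the binding (a real switch waits for both FINs)
            del self.bindings[key]
            server.active -= 1
        return out


def run_demo():
    """Drive the switch with a constructed packet stream and report what happened."""
    servers = [RealServer("192.168.1.11", 3),
               RealServer("192.168.1.12", 1),
               RealServer("192.168.1.13", 1)]
    sw = Layer4Switch("10.0.0.1", 80, servers)
    assignments = {}
    for i in range(1, 6):  # five clients each open a session with a SYN
        ip, port = "172.16.0.%d" % i, 40000 + i
        out = sw.forward(Packet(ip, port, "10.0.0.1", 80, frozenset({"SYN"})))
        assignments[ip] = out.dst_ip
    # mid-session data from client 1 follows its binding, not a fresh choice
    data = sw.forward(Packet("172.16.0.1", 40001, "10.0.0.1", 80, frozenset({"ACK"})))
    # client 2 closes its session
    fin = sw.forward(Packet("172.16.0.2", 40002, "10.0.0.1", 80, frozenset({"FIN", "ACK"})))
    # a packet that never opened a session has no binding and is not forwarded
    stray = sw.forward(Packet("172.16.0.9", 40009, "10.0.0.1", 80, frozenset({"ACK"})))
    return {
        "assignments": assignments,
        "data_to": data.dst_ip,
        "fin_to": fin.dst_ip,
        "stray": stray,
        "active": {s.ip: s.active for s in servers},
        "bindings": len(sw.bindings),
    }


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(k, v)
```

With weights 3:1:1 the five SYNs land three on the first server and one on each of the others, the ACK from client 1 is rewritten to the server it was bound to, the FIN from client 2 frees that server's slot, and the stray ACK with no prior SYN is dropped. That last case is the session awareness the article contrasts with per-packet routing: a packet outside a tracked session has nowhere to be forwarded, which is also why such a device can sit in front of servers as an access-control point.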
Layer 4 switches are distinctly different in form and function from dedicated load balancers. Traditional hardware-based load balancers are two-port devices optimized for WAN speeds up to 45M bit/sec. They range in price from $10,000 to $35,000.
Layer 4 switches are designed for high-speed intranet applications and support multiple 100M-bit/sec or gigabit interfaces. The cost of the new devices ranges from $12,000 to $15,000. Layer 4 switching allows many other capabilities beyond load balancing, such as the ability to control traffic flows based on application type and user ID. Using multistage queuing techniques, Layer 4 switches can designate and prioritize traffic by application. Additionally, sitting directly in front of servers, Layer 4 switches are equipped with knowledge of application sessions and user permissions, making them an ideal platform for preventing unauthorized access to servers.
Williams is director of market development at Alteon Networks, Inc., a leading proponent of Layer 4 switching. He can be reached at bert@alteon.com.
