•Understand transparent mode WebMux operation.

•Explain the reason using spanning-tree enabled switches.

•Describe the WebMux and a spanning-tree network.

Transparent Bridging Mode

Transparent mode WebMux acting likes transparent bridge. Transparent bridge were first developed at Digital Equipment Corporation (Digital) in the early 1980s. Digital submitted its work to the Institute of Electrical and Electronic Engineers (IEEE), which incorporated the work into the IEEE 802.1 standard. Transparent bridges are very popular in Ethernet/IEEE 802.3 networks. WebMux has a transparent mode which making the configuration of load balancing much easier. Adding WebMux to an exisiting network is so easy -- simply plugging WebMux between the servers need to be load balanced and rest network. This section provides an overview of transparent mode's handling of traffic and components.

Transparent Mode Load Balancing

Transparent mode WebMux is so named because their presence and operation are transparent to network hosts. Any network protocol that work with network bridge will flow through WebMux without even noticed. When WebMux operates in transparent mode, it learns the workstation locations by analyzing the source address of incoming frames from all attached networks. For example, if a WebMux sees a frame arrive on port 1 from Host A, the WebMux concludes that Host A can be reached through the segment connected to port 1. Through this process, WebMux builds an internal table (the learning process) to determine which host is on which side interface. Traceroute will not show WebMux in the list.

When a data packet comes to WebMux in transparent mode, WebMux will inspect the data packets to determine what to do with the data packets. If there is a farm setup for a IP address and port, WebMux will based on the farm setup to send the data packets to upper layer for processing. In the processing, the visiting client's source IP address and port information is preserved. After processing, WebMux will then forward the data packets to the appropriote server for actual data handling. The server return traffic will be pass through WebMux and replys to the client. The process could including SSL Termination, layer 4 load balancing, layer 7 cookie and URL based traffic management. With ultra fast processors inside WebMux, the time delay of the extensive processing is similar to a regular network switch.

Transparent mode WebMux successfully isolate intrasegment traffic, thereby reducing the traffic seen on each individual segment. This is called filtering and occurs when the source and destination MAC addresses reside on the same WebMux interface. Filtering usually improves network response times, as seen by the users. The extent to which traffic is reduced and response times are improved depends on the volume of intersegment traffic relative to the total traffic, as well as the volume of broadcast and multicast traffic.

Redundant WebMux Stops Loop

With two WebMuxes working on a network, hosts on both sides of the two WebMuxes may find two paths allowing them to communicate. In the Transparent bridge term, that is called loop. To stop the looping, HA mode WebMux setup in transparent mode requires the switch to support spanning tree protocol (STP). WebMux using the spanning tree protocol to communicate with the switches that which WebMux is the root bridge, so that switches will send all the traffic to the active WebMux only.

In addition to basic connectivity problems, the proliferation of broadcast messages in networks with loops represents a potentially serious network problem. Assume that Host A on one side of WebMux initial frame is a broadcast. Both WebMuxes forward the frames endlessly, using all available network bandwidth and blocking the transmission of other packets on both segments. With spanning tree enabled switches, WebMux can notify the switch which WebMux allowing the broadcast message to reach to the hosts behind, thus resolved the problem.

Spanning-Tree Algorithm

The spanning-tree algorithm (STA) was developed by Digital Equipment Corporation, a key Ethernet vendor, to preserve the benefits of multiple paths while eliminating their problems. Digital's algorithm subsequently was revised by the IEEE 802 committee and was published in the IEEE 802.1d specification. IEEE 802.1d was the only spanning tree protocol for years. It works, but take more than 10 seconds to switch the root bridge, thus in HA mode, when one WebMux decide to yield the control to the backup WebMux, switches would take many seconds to route the traffic to the new active WebMux.

In recent years, newer spanning tree protocols are being accepted by the IEEE 802 committee. Like 802.1w, IEEE 802.1x, IEEE 802.1s new protocols represent many newer and faster response spanning tree protocols. With Rapid Spanning Tree Protocol, the switches can determine the active WebMux within one second, once WebMux notify switches the changes in status.

The spanning-tree calculation occurs when the WebMux is powered up and whenever a topology change is detected. The calculation requires communication between the spanning-tree WebMuxes, which is accomplished through configuration messages (sometimes called bridge protocol data units, or BPDUs). Configuration messages contain information identifying the WebMux that is presumed to be the active and the distance from the sending WebMux to the active WebMux (root path cost). Configuration messages also contain the WebMux and port identifier of the sending WebMux, as well as the age of information contained in the configuration message.

WebMuxes exchange configuration messages at regular intervals (typically within one second). If a WebMux fails (causing a topology change), backup WebMux will notify the switch with configuration messages and will initiate a spanning-tree recalculation. As the result, the clients and osts will be route through the active WebMux.

Questions and Answers

Q—What kind of network protocol does WebMux in transparent mode support?

A—Transparent mode WebMux allows any network protocol flow through just like a wire. Any existing network protocol, including the Microsoft LDAP server validations can flow through WebMux without any issue. When traceroute or ping the hosts behind a transparent mode WebMux, it does not show the WebMux in the middle.

Q—Do I need to change the server IP address when I move it behind the Transparent mode WebMux?

A—No. There is no change of any kind to the host's IP address, default gateway, netmask, or DNS/LDAP server setup.

Q—How do I manage the WebMux in the transparent mode?

A—Transparent mode WebMux can be managed just like other modes. There is one IP address assigned for each WebMux in the transparent mode. Using browser to access that IP address and management port, it will allow you manage WebMux -- add farms, add servers, add SSL certificates, etc.

Q—What is the difference between transparent mode and NAT mode?

A—Both transparent mode and NAT mode have similar wiring arrangement. However, NAT mode requires the servers behind WebMux to change IP addresses to a different subnet. WebMux does address translation between the front LAN and back side LAN. In Transparent Mode, the hosts behind WebMux has same subnet with the hosts in front of WebMux. WebMux does not translate from one subnet to another.

Q—Do the Layer 7 features work in the transparent mode?

A—Yes, all the layer 7 features works just like in NAT or OOP mode. WebMux preserve the client's IP address, so that all the server logs will have original visitor's IP address for analysis. In addition, WebMux can perform SSL acceleration in the transparent mode.

More Readings

Perlman, Radia. Interconnections, Second Edition: Bridges, Routers, Switches, and Internetworking Protocols. Boston: Addison Wesley, 1999.