Port Following

 

1Introduction

KEMP Technologies leads the industry in driving the price/performance value proposition for application delivery and load balancing to levels that our customers can afford. Our products’ versatile and powerful architecture provide the highest value, while enabling our customers to optimize their businesses that rely on Internet-based infrastructure to conduct business with their customers, employees and partners.

KEMP Technologies products optimize web and application infrastructure as defined by high-availability, high-performance, flexible scalability, security and ease of management. They maximize the total cost-of-ownership for web infrastructure, while enabling flexible and comprehensive deployment options.

1.1Document Purpose

This document describes various aspects of the port following feature of the KEMP LoadMaster. It describes in detail how to configure the port following feature using the LoadMaster Web User Interface (WUI).

For descriptions on each of the LoadMaster WUI fields, please refer to the Web User Interface (WUI), Configuration Guide.

1.2Intended Audience

This document is intended to help anyone who wishes to learn about or implement the port following feature within the KEMP LoadMaster.

2Port Following

Port following is set when two services need to share persistence records. Typically this is done for HTTP and HTTPS services so users maintain a server session, regardless of whether they connect securely or not.

If the Real Server for one of the Virtual Services fails, the persistence records for the same Real Server on the other Virtual Service will be cleared.

Port following has several requirements:

  • The Virtual Services must be on the same IP address
  • The Virtual Services must have the same set of Real Servers
  • The Virtual Service must be using the same persistence options

After meeting these conditions, in the Virtual Service modify screen there will be an option under Advanced Properties for Port Following. Ensure to set this on both Virtual Services to ensure that port following is done bi-directionally. Port following must be set up bi-directionally to ensure that, regardless of whether the client connects using HTTP or HTTPS, the persistence and session is saved.

Here is an example scenario where port following may be used:

  • When using “shopping cart” like services where a user selects items and adds them to a list, any persistence method can be used.
  • When the user decides to pay for the items, this is normally performed using a secure SSL (HTTPS) service.
  • When port following is turned on, the Real Server where the “shopping cart” connection is active will be selected for the SSL session.
  • This selection will only occur when a connection is still open from the same client (as determined by the source IP address), and if the SSL service has the same IP address as the “shopping cart” service.
  • For example, if a connection is made to the HTTP service of www.somewebsite.com, and then a new SSL connection is made to the same address, then the SSL session will be directed to the same Real Server as the original HTTP service.

2.1Configuring Port Following

Port following is not available on SubVSs.

Follow the steps in the sections below to create the Virtual Services and configure port following. It does not matter what order the Virtual Services are created in – as long as they have the same IP address, same set of Real Servers and the same Layer 7 persistence mode – you should be able to enable port following.

2.1.1Create the Virtual Service for HTTP

To create an HTTP Virtual Service, follow the steps below:

  1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

Figure 2‑1: Virtual Service parameters

  1. Enter a valid IP address in the Virtual Address text box.
  2. Enter 80 in the Port text box.

It is possible to use port following with Virtual Services using wildcard ports.

  1. Enter a recognizable Service Name.
  2. Click the Add this Virtual Service button.
  3. Expand the Standard Options section.

Figure 2‑2: Standard Options

  1. Select an L7 persistence mode. This is the persistence mode that will be used for any Real Servers which are added to this Virtual Service.
  2. Expand the Real Servers section.

Figure 2‑3: Real Servers section

  1. Click the Add New button.

Figure 2‑4: Real Server parameters

  1. Enter the relevant address in the Real Server Address text box.
  2. Click Add This Real Server.
  3. Click OK.

Figure 2‑5: Real Server parameters

  1. For the second Real Server, enter the address in the Real Server Address text box.
  2. Click Add This Real Server.
  3. Click View/Modify Servicesin the main menu.
  4. Check that the Virtual Service has the correct Virtual IP Address, port number and Real Servers and that the Status is Up.

2.1.2Create the Virtual Service for HTTPS/SSL Offloading

To create a HTTPS Virtual Service with SSL offloading, follow the steps below:

  1. In the main menu, go to Virtual Services> Add New.

Figure 2‑6: Virtual Service parameters

  1. Enter the IP address in the Virtual Address text box.
  2. Enter a recognizable Service Name.
  3. Enter 443 as the Port.

It is possible to use port following with Virtual Services using wildcard ports.

  1. Click the Add this Virtual Service button.
  2. Expand the SSL Properties section.

Figure 2‑7: SSL Properties

  1. Select Enable.
  2. Click OK.
  3. Expand the Standard Options section.

Figure 2‑8: Standard Options

  1. Select the same L7 persistence mode that was selected in the HTTP Virtual Service. This is the persistence mode that will be used for any Real Servers which are added to this Virtual Service.
  2. Expand the Real Servers section.

Figure 2‑9: Real Servers section

  1. Click Add New.

Figure 2‑10: Real Server parameters

  1. Enter the relevant address in the Real Server Address text box.
  2. Enter 80 as the Port.
  3. Click Add This Real Server.
  4. Click OK.

Figure 2‑11: Real Server parameters

  1. For the second Real Server, enter the address in the Real Server Address text box.
  2. Enter 80 as the Port.
  3. Click Add This Real Server.
  4. Click OK.
  5. Click Back.
  6. Select View/Modify Services under Virtual Services in the main menu.
  7. Check that the Virtual Service has the correct Virtual IP Address, port number and Real Servers and that the Status is Up.

2.1.3Configure Port Following for the HTTPS Virtual Service

To configure port following for the HTTPS Virtual Service, follow the steps below:

  1. In the main menu, go to Virtual Services>View/Modify Services.
  1. Click the Modify button for the Virtual Service with port 443.
  2. Expand the Advanced Properties section.

Figure 2‑12: Advanced Properties section

  1. Select the port 80 Virtual Service from the Port Following drop-down list.

If the Port Following drop-down list is not visible – remember that port following can only be switched on if there is a HTTPS service and a HTTP service with the same IP address. Both Virtual Services must have the same set of Real Servers and both Virtual Services should have a Layer 7 persistence method enabled.

To turn off port following, change the Follow drop-down list to No VIP Selected.

  1. Wait 10 seconds, or uncheck and check the Activate or Deactivate Service checkbox in the Basic Properties section for immediate activation.

2.1.4Configure Port Following for the HTTP Virtual Service

To configure port following for the HTTPS Virtual Service, follow the steps below:

  1. In the main menu, go to Virtual Services >View/Modify Services.
  1. Click the Modify button for the Virtual Service with port 80.
  2. Expand the Advanced Properties section.

Figure 2‑13: Advanced Properties

  1. Select the port 443 Virtual Service from the Port Following drop-down list.

If the Port Following drop-down list is not visible – remember that port following can only be switched on if there is a HTTPS service and a HTTP service with the same IP address. Both Virtual Services must have the same set of Real Servers and both Virtual Services should have a Layer 7 persistence method enabled.

To turn off port following, change the Follow drop-down list to No VIP Selected.

  1. Wait 10 seconds, or uncheck and check the Activate or Deactivate Service check box in the Basic Properties section for immediate activation.

3References

Unless otherwise specified, the following documents can be found at http://kemptechnologies.com/documentation.

Web User Interface (WUI), Configuration Guide

Document History

Date

Change

Reason for Change

Ver.

Resp.

Apr 2014

Release updates

Updates for 7.1-16 release

1.6

LB

May 2014

Minor changes

Defects resolved

1.7

LB

Nov 2014

Minor changes

Defects resolved

1.8

LB

Apr 2015

Release updates

Updates for 7.1-26 release

1.9

LB

Oct 2015

Release updates

Updates for 7.1-30 release

3.0

LB

Dec 2015

Release updates

Updates for 7.1-32 release

4.0

LB

Jan 2016

Minor changes

Updated

5.0

LB

Mar 2016

Release updates

Updates for 7.1-34 release

6.0

LB

July 2016

Minor changes

Enhancements made

7.0

LB

Jan 2017

Minor changes

Enhancements made

8.0

LB

Was this article helpful?

0 out of 0 found this helpful

Comments