Using Network Appliances to Distribute Component Processing

Not just another toaster

Servers are performing a lot of additional processing these days—Network Load Balancing (NLB), Secure Sockets Layer (SSL), and content replication, to name a few. Wouldn't it be nice if all your server had to do was process Active Server Pages (ASP) and COM functions? Advances in technology and new features are constantly adding overhead for the Web layer. IIS is battling for your system's precious resources now more than ever. So, how can you and your Web developers keep up with the system-resource consumption that these new features require? The answer is better distribution of component processing.

Manufacturers are using hardware solutions to find ways to offload processing, improve availability, and extend scalability. These technologies include

  • server load balancing
  • SSL processing
  • content caching
  • global Web farm distribution

On the horizon, technologies such as XML processing on network appliances are emerging. Let me introduce you to the technologies available today for accomplishing your processing goals and touch on what you might see in the future.

Server Load Balancing
Using a hardware device to load-balance your Web server lets you scale out your applications. When your Web server reaches capacity, you simply add another server to the configuration, which provides redundant availability. If one server fails, the remaining devices can serve your applications.

The concept behind this solution is to point DNS to a virtual IP (VIP). The network appliance maintains a list of servers associated with this VIP. The device uses a load-balancing algorithm and distributes traffic accordingly. The algorithm can be as simple as round-robin or more complex, taking server-response times into account.

The features available depend on the appliance you choose. For example, extended health checks are usually standard with most devices. These checks can include the load balancer that's requesting a test Web page and parsing for a keyword. A good test page is an ASP application that accesses your data store, creates your COM objects, then writes the word Success to the HTTP stream. If the device doesn't see Success returned when it requests the test page, the load balancer automatically removes the suspect server from the VIP. Other features include Network Address Translation (NAT), port translation, and SSL proxying. Administration for these appliances is usually available through Telnet or a Web interface.

Offloading SSL Processing
On a high-volume e-commerce Web site, quite a lot happens. ASP, ActiveX Data Objects (ADO), COM, and payment processing are your main concerns, but you could be spending a lot of CPU cycles processing SSL. IIS slows down significantly when it handles SSL transactions. SSL devices let IIS process code without having to worry about the overhead of encrypting and decrypting packets. Other advantages of SSL devices include the reduction of required certificate administration and lower costs in certificate licensing.

An SSL appliance essentially acts as a proxy server. The appliance takes traffic headed toward port 443 bound for the Web server, decrypts it, then sends it to the IIS machine on port 80. When your Web server sends data back to the client, the SSL device encrypts it and sends it out on port 443.

Caching Technologies
Caches reside between your IIS Web server and clients; caches store frequently requested ASP applications and images. When a client requests a commonly accessed file, the file comes from the cache rather than from the IIS machine. Putting the cache closer to the client reduces latency, so users receive and display ASP applications more quickly. Because a request is filled from the original server only once, caching also helps reduce network traffic and offloads crucial IIS servers. The net effect is higher-quality service and cost savings for your site. You can further increase performance by placing cache appliances in strategic locations around the world and servicing requests from the closest location.

Global Web Farm Distribution
Some sites are so vital to business operations that they must be available 24 * 7. The only solution for such mission-critical Web servers is a geographically dispersed Web farm, also known as multisite clustering. This solution can withstand a blue-screened Microsoft SQL Server machine, a bandwidth-provider outage, and a natural disaster. Global load balancing uses reverse DNS lookup to route the client to the closest data center, which provides for better performance.

A global load balancer works by providing a global VIP that maps to two or more data center VIPs that in turn load-balance the IIS server farms. The global load-balancing device determines which data center VIP to direct the client to when that client performs the DNS lookup for your domain. The device's decision is based on the type of load balancing you've set up. As with server load balancing, you can choose from algorithms that range in complexity from round-robin to routing the client to the Web farm that's the fewest number of hops away.

Emerging Technologies
Not long ago, the only load-balancing option was round-robin DNS. Now, an XML accelerator is available. This device can integrate with your site and process some of your XML logic. An XML accelerator, Microsoft BizTalk Server 2000, SQL Server 2000, and IIS would be a powerful combination.

In the future, I think you'll see wireless integration with devices such as XML accelerators. For example, Network Engines' AdminEngine has a monitoring appliance that watches over your servers and permits remote administration. You might be able to restart IIS from your cell phone if your site is down.

Wireless Application Protocol (WAP) appliances will also become standard in large Web farms. Soon, customers will demand content from anywhere and everywhere because that's how they conduct business. These technologies and the technologies that are available today can help a well-written IIS application scale 1000 concurrent users to 100,000 concurrent users.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.