Embed Size (px)
Citation preview
SERVERIRON™
APPLICATION SWITCHES
Features
t Intelligent load balancing,Layer 7 content switching andsecurity for mission-critical applications
t Integrated full-function Layer 2/3 switching and routingcombined with high-performance Layer 4-7 switching
t Support for up to 15,000,000 concurrent sessions,and 56 Gbps of throughput
t High-availability server load balancing with stateful fail-over
t Industry’s most powerful content switching, including URL,Cookie,XML,HTTP Header,and SSL Session ID based switching
t High performance Server,Cache,VPN/Firewall and ISP link load balancing
t Wire-speed Gigabit rate protection against Denial of Service (DoS) attacks
t Most scalable Global Server Load Balancing (GSLB) with DNS Proxy and client proximity measurements
t Ease of use and manageability with IronView Network Manager (INM)
t Always-on network monitoring with standards-based sFlow
t Superior support for all major streaming media protocols
t Industry’s #1 Layer 4-7 application switch with Modular 10 Gigabit Ethernet Support
Intelligent Layer 4-7 Application Switches
ServerIron™Intelligent ApplicationSwitching and Security System withInternet IronWare®Layer 2 through 7 Switching
Foundry Networks®’award-winning ServerIron Family ofswitches provide high performance Layer 2 through 7 switching,enabling network managers to control and manage today’sexploding IP transactions, IP applications and e-commercetraffic flows.Internet IronWare,Foundry’s unique software suiteof application traffic management capabilities—powers theServerIron switches to direct requests to the right server andapplication based on the information that resides beyond thetraditional Layer 2 and 3 packet headers. ServerIron easesescalating application traffic overload, dramatically increasesservice availability, maximizes utilization, reduces the burdenof server farm management, and allows the entire server facilityto scale to meet current and future needs.
Built on Foundry’s proven IronCore™ and JetCore™
architectures, ServerIron enables application traffic switchingbased on Layer 2 through Layer 7 definitions.ServerIron deliversindustry-leading performance for Internet traffic managementfunctions, including local and global server load balancing, ISPlink load balancing,firewall load balancing,and transparent cacheswitching. ServerIron’s superior content-switching capabilities
1
include support for up to 256 rules based on URL, HTTPheader,XML,cookie and SSL session ID content.Furthermore,ServerIron provides the foundation for high service availability,disaster recovery,location and server transparency,backbone costcontrol,and a consistent user experience.
ServerIron supports the following major traffic
management applications:
1. Efficient Server Load Balancing (SLB)—Distribute IP-based services and transparently balance traffic across multipleservers while continuously monitoring server,application andcontent health.This enhances overall reliability and availabilityof the services while simultaneously ensuring peak serverfarm utilization.
2. Robust Application Security—Shield server farms andapplications from wire-speed Gigabit rate DoS, DDoS, virusand worm attacks while serving legitimate application traffic.Improve security using IronShieldTM security suite withsupport for features like advanced ACLs and sFlow networkmonitoring.
3. Disaster Recovery and Global Server Load Balancing
(GSLB)—Distribute services transparently across multiplesites and server farm locations and balance the traffic acrossthose sites/servers on a global basis while monitoringsite/server and application health. By directing the client tothe best site for the fastest content delivery, ServerIronenhances overall application availability and reduces bandwidth costs. Site level redundancy and rapid transparentfailover are supported for disaster recovery.
4. Firewall Load Balancing (FWLB)—Increase thenetwork’s overall firewall performance by distributingInternet traffic load across multiple firewalls. Overcomefirewall scalability limitations, increase firewall throughputand performance, and improve firewall resiliency byeliminating the firewall as a “single point of failure”.
5. Transparent Cache Switching (TCS)—Eliminate theneed to configure each client browser, improve Internetresponse time, decrease WAN access costs, and increaseoverall web caching solution resiliency by balancing webtraffic across multiple caches. ServerIron improves serviceavailability by implementing cache health checking andredirects client requests to the next available cache server ordirectly to the origin server in the event of a cache or serverfarm failure.
6. ISP Link Load Balancing (LLB)—Significantly increaseEnterprise Internet link utilization and reduce the cost of ISPservice without the complexities and limitations of BGProuting.Improve bandwidth scalability with optimal capacityutilization based on intelligent traffic switching using keymetrics like service response time and bandwidth price.Achieve load balancing, redundancy and resiliency onbusiness-critical Internet links with a single application.
Key Benef itsServer and Application Availability
ServerIron ensures service availability by offering switch, server,link,and session level redundancy.
In the event of a server or application outage,ServerIron providesdetection and rapid fail-over to the next server in a logical groupthat supports a like service. ServerIron detects application errorconditions such as HTTP “404 – Object not found”before theclient sees them and transparently redirects the requests to otherservers without any manual intervention.
To provide 100 percent availability, ServerIron includes anactive-standby or active-active redundancy capability thatprotects against session loss.When enabled, this feature allowsnetwork administrators to establish primary and secondary loadbalancing switches to support identical configurationparameters.In active-standby mode,one unit operates while theother unit sits as a backup. In active-active mode, both unitsoperate symmetrically. In either situation, each switchcontinuously monitors the health of the other. In the event that
1000-SX
FSRPVRRP
OC-3, -12, -48NetIron 400
NetIron 400
ServerIronXL ServerIronXLBigIron
4K
1000-SX1000-SX
100-FX 100-FX
Internet
t Figure 1
2
one device fails, the other switch takes over without losingsessions or connectivity. ServerIron also supports link-levelredundancy that ensures server connectivity by automaticallyswitching sessions from a failed link to a redundant link.
ServerIron’s extensive service health check capability monitorsLayer 2,Layer 3,Layer 4,and Layer 7 connectivity and services anddetermines the servers’ ability to respond to user requests.This ensures fast detection of service problems and eliminatesservice outage.
Robust Security
With a rich set of advanced high-performance security features,the ServerIron acts as the last line of defense for the servers andapplications from malicious clients. Using the superiorperformance and advanced security algorithms, the ServerIroncan prevent unauthorized client requests from reaching the server and therefore substantially improving server availability.
ServerIron offers the industry’s best and the most advancedsecurity intelligence as part of the high-performanceIronShieldTM security suite. ServerIron switches protect thenetworks, server farms and applications against wire-speedGigabit DoS attacks. Only legitimate client traffic is allowed topass through to the real servers.With sophisticated and high-performance URL, cookie, HTTP header and XML contentfiltering, ServerIron switches prevent viruses and worms from spreading to the application infrastructure throughapplication messages.
Maximum Scalability
ServerIron supports high port density on both the stackable andchassis platforms, allowing for support of massive server farmsand network devices such as firewalls and caches.
TrafficWorks IronWare running on ServerIron simplifiesnetwork design by enabling network managers to create a serverfarm, represented by a single IP address known as a Virtual IP(VIP) address. ServerIron appears as a virtual server with a VIPaddress that controls,monitors, and directs client requests to themost appropriate real server in a server farm. By supporting awide selection of intelligent load balancing methods, networkadministrators can transparently and easily scale server capacityregardless of the server platform. ServerIron delivers thesebenefits without using expensive hardware add-ons or server-side agents.
ServerIron allows ISPs and enterprises to deploy GSLB totransparently expand server capacity on a worldwide basis byredirecting service requests across multiple data centers locatedaround the world and scale application capabilities to globalproportions.
For enhanced security and performance, ServerIron’s FWLBeliminates firewall bottlenecks and scales firewallimplementations by balancing and distributing load acrossmultiple firewalls.With load balancing support for synchronous,non-synchronous,Network Address Translation (NAT),Layer 2,and Layer 3 firewalls,network administrators can deploy firewallsin the most flexible and reliable manner. ServerIron supportsactive-standby as well as active-active FWLB configurations.ServerIron’s FWLB supports environments built on static ordynamic routing protocols including RIP V2 and OSPF.
Easy to Set Up and Manage
ServerIron is simple to configure and manage using the FoundryCommand Line Interface (CLI) or built-in Web interface.TheCLI uses well known Cisco-like commands allowing networkadministrative staff to easily configure all Foundry products.
In addition, ServerIron’s support for Simple NetworkManagement Protocol (SNMP) allows device managementusing applications such as HP OpenView, available on majorserver platforms including Sun Solaris,HP-UX,and Windows NT.
Foundry’s IronView NMS application can be used to monitorand chart SLB and TCS data polled at regular intervals.Formatsinclude bar graph, line graph, and pie chart allowing networkmanagers to easily collect and display detailed information aboutnetwork traffic destined to server farms.Network administratorscan also gauge the amount of traffic between servers and clients,as well as which application is dominating network traffic.Extensive accounting and statistics allow network managers toeasily collect and display detailed information about network
NetIron 400NetIron 400
ServerIron 400ServerIron 400
Internet
t Figure 2
3
traffic destined to server farms.Network administrators can alsogauge the amount of traffic between servers and clients,as well aswhich application is dominating network traffic. In addition,ServerIron tracks the number of active and open sessions perserver.These statistics can also be used to track traffic loads onservers that support multiple applications.
ServerIron supports advanced configuration synchronizationfeatures to minimize configuration errors, and consequentlynetwork and application downtime. Using the command-by-command and block-by-block synchronization modes,administrators have the flexibility to replicate configuration onthe peer ServerIron in high availability designs at the granularitythey desire without manual repetition.Additionally, ServerIronproducts are integrated with IronView Network Manager(INM) to provide comprehensive centralized configurationmanagement. The INM supports configuration creation,archival,comparison and tracking of configuration files for all theServerIrons deployed in a network. Administrators are able toupdate configurations on multiple ServerIrons with a click of thebutton.
IronClad Application Performance
ServerIron delivers unmatched Layer 2 through Layer 7switching performance.Utilizing the same proven technology ofFoundry’s BigIron wire-speed switches, all ServerIron platformscontain a unique distributed switching fabric and powerfulpacket processing engines to deliver load-balancing capacity ofover 150,000 Layer 4 connections per second including datatransfer,or 600,000 connection setups per second with no sessionloss.As well,ServerIron scales to maintain 15,000,000 concurrentsessions.This ensures service availability during peak applicationtraffic load and during massive denial of service attacks.
Key FeaturesExceptional Performanceand Capacity
t Industry Leader in Concurrent Session Capacity—ServerIron effectively handles over 15,000,000 concurrent connections to accommodate more client traffic as the application infrastructure experiences growing traffic demands.
t Direct Server Return (Switch Back)—Inherently asymmetrical nature of streaming media and bulk data applications requires high-throughput support.The client-to-server traffic flows through the load balancing device but the return (server-to-client) traffic,which
typically consumes more bandwidth because it contains the information that the client has asked for, switches directly to the clienton the return path.By avoiding the load-balancing device,Switch Back provides wire-speed throughput servicing the clients.
t Throughput—The various ServerIron platforms provide differentiated system performance and throughput levels from 2 Gbpswith ServerIronXL,right up to 56 Gbps with ServerIron 800/850 depending on policies enabled on the ServerIron.
t Session Processing—Foundry leads the industry with real-world session processing capabilities of over 600,000 connectionsetups per second.
t Symmetric Load Balancing—Multiple switches can be deployed to increase load-balancing capabilities in parallel and multiply the total connection capacity and overall performance.Also known as an active-active configuration,IronWare’s symmetric load balancing provides cross-platform fault tolerance,picking up the full load where the failed switch left off without losing any state information.
t Switching Capacity—Built on Foundry’s custom ASIC designs,ServerIronXL,ServerIron 100 Series,ServerIron 400 and ServerIron 800 respectively deliver 4.2 Gbps,20 Gbps,128 Gbps and 256 Gbps of total switching capacity.ServerIron 450 and 850 deliver 128 and 256 Gbps of total switching capacity.
t Trunking for Performance—Trunk groups can be configured between ServerIron switches,between ServerIron and other standards-compliant switches,or between the ServerIron switch and the server to increase overall server farm bandwidth, throughput,performance,and redundancy. ServerIronXL supports up to five trunk groups containing from two to four 10/100Base TX ports,and ServerIron 800 and 850 support up to 22 trunk groups.
t IP Filters—Network managers can define up to 1024 IP filters to selectively control SLB and TCS traffic. These dynamic filters,whichtake effect immediately without requiring a reboot,match on source and destination IP address,network mask,and TCP/UDP port information.
t Overflow Protection—In the event that the local servers exceed their maximum capacity,Foundry’s Internet traffic management systems can load balance the subsequent requests to remote server farms.
t Massive Server Farms—ServerIronXL supports up to 24 10/100 ports and 2 Gigabit ports,ServerIron 100 Series offers 3 models with Gigabit or Fast Ethernet copper or fiber ports,ServerIron 800 supports up to 168 10/100BaseTX ports or 56 Gigabit ports, ServerIron 850 supports up to 112 Gigabit ports in a single chassis.With support for unlimited Virtual IP addresses,and up to 2048 real servers,ServerIron switches provide the highest connectivity to server farms.
t High Performance Web Hosting—ServerIron’s many-to-one load-balancing features enable network managers to define multiple VIPs and track service usage by VIP. With this capability,a single server and port number can load balance multiple web sites across a shared set of real servers.
4
t Slow Start—To protect the server from a surging flow of traffic at startup,ServerIron implements a unique slow-start service that allowsreal servers to gradually accept connections when the server comes up.This is especially useful for SLB implementations using least connections as the load balancing method.Since most servers today cannot handle more than 2000 new connections per second, this feature helps ensure stability when bringing new servers online.
t Cookie Insertion/Deletion—This feature enables transparent application support by allowing the ServerIron to insert cookies into HTTP requests and responses. This allows client/server persistence even when the application itself does not support cookies.
t Server Connection Offload—The ServerIron increases server performance,availability, response time and security by offloading connection management from the servers.Using persistent HTTP 1.0 and 1.1 connections to the server, the ServerIron sequentially streams large number of client-side connections to a few server-side connections.Connection offload allows the servers to focus on mission-critical high-performance application service delivery. In addition to the performance gain, the servers also get protection against DoS,virus and worm attacks from hackers because the servers never directlyinteract with the clients for connection management.
t Maximum Connections—Used to protect servers from bogging down due to high amounts of Internet traffic, this feature allows administrators to limit the number of concurrent connections handled by a particular server and ensures that the traffic does not outpace the performance of the server.
t Enterprise Application Support—ServerIron can be deployed in many Enterprise environments where IP-based applications are used,including the popular applications like Oracle,BEA WebLogic, IBM WebSphere,PeopleSoft and Siebel. ServerIron supports custom features for load balancing and persistence for these applications.Additionally, the ServerIron support includes VoIP,where load balancing and fault tolerance can be provided for IP PBXs,as well as database environments,CRM systems,and popular financial and production management systems.
Server and Application HealthChecks
t Layer 3—Upon configuration,ServerIron immediately and automatically health checks the server via ARP and ping to determine whether the server is ready for operation.If problems arise,ServerIron can automatically take corrective action.
t Layer 4—When the network manager binds an application (TCP/UDP port) on a real server to an application on a virtual server, ServerIron performs a Layer 4 health check,which the server must pass. This guarantees that clients do not hit “dead”servers.
t Layer 7—With health checking enabled for a service (TCP /UDP port),ServerIron can perform a Layer 7 application-specific health check immediately after successful completion of the Layer 4 health check.These include the following:HTTP,DNS,SMTP,POP3,LDAP,NNTP,IMAP4,FTP,Telnet,RADIUS,and others.
t Scripted—Using scripted health checks, the ServerIron provides a flexible mechanism to check the health of applications using non-standard ports.The switch inspects the health check response messages from the server for user-configured ASCII text that indicates application health.
t Boolean—Boolean health checks offer immense flexibility by allowing to decouple health checking from the ports bound to the Virtual IP. Multiple Boolean health checks may be combined and tied to the health of any port on any VIP.
Load Balancing Method
t Round Robin—Assigns connections sequentially among servers ina logical community.Round robin treats all servers as equal regardlessof the number of connections or response time.
t Least Connections—Assigns a connection to the server with the least number of open connections.This option works well in server farmswhich have groups of servers with dissimilar performance capabilities.Least connections ensures adequate distribution and avoids server overload.
t Weighted Percentage—Allows managers to assign a performance weight to each server.Use weighted percentage to ensure that those servers capable of processing connections faster receive the largest number of connections.
t Response Time—Directs requests to the server providing the best response time.Response time measurements include the network latency and the response time for the application-level health checks.
t Combined Response Time and Least Connections—Directs requests to a server based on the server and application response time,and the number of active connections on the server.
t Bandwidth and Weighted Bandwidth—Load balances between servers based on the amount of bandwidth processed by each real server in a given duration of time.Sampling interval and duration for bandwidth measurements are user configurable.Using weighted bandwidth assigns greater weight to most recent samples,or to more potent servers to deliver the highest server performance and scalability.
t Cookie Switching—This feature directs HTTP requests to a server group based on information embedded in a cookie in the HTTP header.The next time the client requests information from the server, the cookie specifies which server group should handle the request.Cookie switching ensures that a particular server group always handles requests from a particular client, even across sessions,thereby guaranteeing client persistence and a more satisfying end-user experience.
t URL Switching—ServerIron directs HTTP requests to a serveror group of servers,using information contained inside the text of a URL string.URL switching grants the network administrator greater control over the web site deployment to place different web content on different servers, thereby eliminating the constraint of duplicating all content across all load-balanced real servers.
5
t URL Hashing—Using this feature enables ServerIron to examineinformation in the HTTP request (either the Cookie header or the URL string) and internally map this information to one of the real servers bound to the virtual server.This HTTP request and all futureHTTP requests that contain this information then always go to the same real server.
t URL Parsing—Selects a real server or a group of servers by looking at the prefix or suffix of the URL or by applying a pattern-matching expression to the entire URL.ServerIron supports up to 256 URL rules and imposes no limit on the URL length examined.
t SSL Session ID Switching—SSL (Secure Socket Layer) is a protocol for secure World Wide Web connections used to protect confidential information with server authentication,data encryption and message integrity. In order for SSL to work,all the SSL connections between a client and server must reach the same host.ServerIron ensures that all the traffic for an SSL transaction with a given SSL ID always goes to the same server. It is a “must have”feature for commerce, financial,and shopping-cart based web sites.
t HTTP Header Switching—Directs client requests to the appropriate group of servers by reading deep into the contents of the HTTP header.For example,using the language code embedded in the header, the ServerIron sends the client request to the group of servers providing content for a specific language.The HTTP protocol header has fields that carry valuable information that can assist in further optimizing server utilization and increasing server scalability.
t XML Switching—XML has emerged as a dominant standard forexchanging information between applications in the Internet.The ServerIron provides intelligent Layer 7 switching based on XML tags and attributes embedded in XML documents encapsulated in SOAP and HTTP messages.Load balancing,persistence and content filtering are supported with XML switching rules.
t Advanced Rules Engine—The ServerIron supports the industry’s most comprehensive rules engine that gives maximum flexibility to the customers in defining and applying Layer 4-7 switching rules to a rich set of application content.Switching rules are not limited toone type of content or protocol,and can be combined for maximum flexibility and scalability.
IronShield™ Security
t Intelligent TCP and UDP Connection Rate Limiting—ServerIron further protects server farms, firewalls and cache servers by controlling the rate of TCP and UDP connections on an application port basis.Controlling the rate of new connections that each device receives ensures availability despite increased levels of activity due to DDoS attacks or surges in user access.
t Network Address Translation (NAT)—Using ServerIron’s bi-directional NAT,network administrators can assign real servers internal non-routable private addresses to enhance security and conserve address space.ServerIron also supports NAT functionality for environments where the real servers reside in different subnets.This translates to complete network design flexibility when laying out server farms.
t Enhanced NAT—Unique to Foundry Networks,ServerIron’s generic NAT supports generic UDP,TCP,and ICMP applications as well as active and passive FTP,Windows™ Media,RealAudio,Real Video,RealMedia,and QuickTime protocols
t Transaction Rate Limiting™—ServerIron protects real servers against malicious attacks from high-bandwidth users by allowing administrators to configure a threshold for the rate of incoming connections per user.
t SYN-Guard ™—ServerIron protects server farms against multiple forms of Denial of Service (DoS) attacks, such as TCP SYN attacks,by monitoring and tracking session flows.Only valid connection requests are sent to the server.This capability combined with the ability to support over 15 million concurrent connections protects against the hijacking of server resources by malicious users and ensures connectivity for genuine clients.Using the SYN-Cookie feature, the ServerIron forwards only completed client connectionsto the servers.
t High Performance Access Control Lists (ACLs) and ExtendedACLs—By using ACLs,network administrators can restrict access to specific applications from a given address or subnet. Filters can be easily set to deny access to servers by any particular port or VIP address.For example,a network administrator can deny FTP traffic to a particular address.Conversely, filters can be set to allow access by a subset of users or subnets.
t Cisco-syntax ACLs—ServerIron supports Cisco-syntax ACLs,which network administrators can easily cut/copy/ paste from their existing Cisco products to drop them right into the ServerIron configuration for the ultimate in portability and security.
Session Persistence for Web Application Transactions
t Internet IronWare maintains up to seven different methods of persistence to ensure that shopping-cart type applications and long-running transactions proceed accurately.When combined with the ability to handle over 15 million concurrent sessions,ServerIron provides the industry’s best persistence methods to build high-performance networks for e-commerce.
t Port Tracking—Some web applications define a lead port and follower ports.ServerIron ensures that all connections to the follower ports arrive at the same server as the lead port connection.For example, if SSL traffic follows HTTP traffic, the network administrator often defines the SSL port as the follower port to the HTTP port.This ensures that both types of traffic arrive at the same server for a given customer.
t Sticky Ports—ServerIron supports a wide variety of “sticky”connections, including those where applications require that the client request for additional TCP/UDP ports always go to the same real server, to the server using arbitrary port numbers,or to the server usingsequential TCP/UDP ports.
6
t Additional Persistence Methodologies—ServerIron supports many other types of persistence based on a large range of user programmable options, including Source IP/VIP/Port,Source IP/VIP,and SSL Session ID.
t Mega Proxy Server Persistence—Network managers can configure ServerIron to treat a range of source IP addresses as a single source to solve the persistence problem caused by certain mega proxy sites in the Internet.
t Comprehensive Session Persistence—ServerIron expands upon simple cookie-based switching by including support for Source IP based persistence.When configured for cookie-based persistence,ServerIron uses Source IP-based session persistence if there is no cookie present.This provides a superior level of session persistence over other vendor implementations.
High Availability Services
t Remote Backup Servers—If no local servers or applications are available,ServerIron sends client requests to remote servers.The remote server can be another server farm managed by another ServerIron or just another group of real servers.By defining multiple remote servers,ServerIron will load balance the traffic among them using the selected load balancing method.
t HTTP Redirect—ServerIron can also use HTTP redirect to send traffic to remote servers if the requested application is not available on the local server farm.
t Active/Standby—When deployed in active-standby mode, the standby ServerIron will assume control and preserve the state of existing sessions in the event the primary load-balancing device fails.Configuration common to the two ServerIron switches can be automatically synchronized to avoid manual replication.
t Active/Active—When deployed in active-active mode,both ServerIron switches work simultaneously and provide a backup for each other while supporting stateful fail-over.Configuration commonto the two ServerIron switches can be automatically synchronized to avoid manual replication.
t Quality of Service—Network administrators can prioritize traffic based on ports,MAC,VLAN,and 802.1p attributes,as well as by service port and application type; for example,ServerIron can grant priority to HTTP traffic over FTP.
t Redundant Power Supplies—ServerIronXL supports an optional built-in redundant power supply and ServerIron 800/850 support multiple (up to three additional) hot-swappable power supply options.ServerIron 100,400 and 450 support dual hot-swappable power supplies.
Ease Server Farm Management
t Mix and Match Servers—ServerIron increases network design flexibility and investment protection for existing resources by allowing for application distribution on different servers based on performance requirements,with dynamic adjustment and without interruption of service.
t Graceful Shutdown—ServerIron allows you to gracefully removea server from the load balancing rotation without disrupting any existing session.This increases site stability when upgrading or repairing servers.
t SNMP Reporting—ServerIron reports SNMP traps and events to the specified trap receiver and can send those management messages to up to six different Syslog servers.
Disaster Recovery and GlobalServer Load Balancing
ServerIron redirects client traffic globally by site availability, siteload, and site response time. ServerIron also measures client/server proximity as defined by round trip delay and geographiclocation. All these features can work in conjunction with thenetwork’s existing DNS servers and results in minimizingnetwork disruption when implementing GSLB. ServerIroncontinually monitors the sites to detect any changes in servers orservices due to varying health and traffic conditions.Configurable site load thresholds enable network administratorsto fine tune the health checking parameters to best suit the site’sserver and service capabilities. [See Figure 3]
FlashBack™, a unique Foundry Internet traffic managementfeature,measures response time between the authoritative DNSsite and each data center.ServerIron actually computes proximitybased on the round trip time between the different global sitesand uses these measurements as a benchmark to determine siteresponsiveness and the site’s range to the client.
In addition,ServerIron uses geographic site selection to keep therequests within continental domains. ServerIron constantlymonitors application traffic to create a knowledge base thatenables a more intelligent GSLB methodology, poweringsmarter site selection criteria. ServerIron handles server farmoutages or overloads even after the DNS lookup by automaticallytriggering HTTP redirection or implementing remote serverload balancing.ServerIron GSLB provides the following:
ServerIronA
New York
Denver
San Jose
ServerIronB
www.foundrynet.com
LocalDNS
ClientDNS
Request/Response
Proximityand LoadConditions
1. New York2. San Jose
1. San Jose2. New York
Round Trip Time
Authoritative DNS
www.foundrynet.com
7
6 5
4
3
21
t Figure 3
7
t Acts as a DNS proxy to transparently intercept and modify the DNS responses, thereby directing customers to the best site.
t Handles server farm outage or overload after the DNS lookup by HTTP redirect or remote server load balancing.
t Leverages the existing DNS server and minimizes disruption tothe existing DNS environment.
t Provides continuous site monitoring to detect changes in site health conditions.
t Allows the network administrator to tune individual site load thresholds through configurable settings.
t Monitors and selects sites based on FlashBack speed,which measures performance using site, server and application responsiveness.
t Adds an evolutionary knowledge based in the global server load balancer that enables smarter site selection as more clients access the site.
t Grants the network administrator the ability to tune ServerIron settings and ensure that minimal differences in various site metrics do not affect site selection.
Foundry offers another unique Internet applicationmanagement feature called “Global IP”. Working alongsideFoundry Layer 3 switches (BigIron® and NetIron®) and poweredby unique VIP health checking algorithms, Global IP injectsroutes to client application services based on regional data centerserver-farm health and provides GSLB capability withoutrelying on the DNS protocol.This enables ISPs and enterprisesto instantaneously build networking infrastructures on a globalbasis and offer ready-to-go differentiated services to customersfor multi-site deployments.
Transparent Cache Switching
ServerIron switches improve Internet response time anddecrease WAN access costs by redirecting web traffic destined for remote Internet hosts to local cache servers. Foundry’sTransparent Cache Switching (TCS) can be used with any cacheserver that supports transparent redirection, including those from leading vendors such as Blue Coat,Cobalt,Compaq,Dell,Inktomi (a Yahoo company),Network Appliance,and Novell.
Foundry’s TCS offers network managers a resilient web cachingsolution that significantly simplifies administration. Unlikeproxy server solutions that require manual configuration of eachclient’s browser,ServerIron transparently intercepts and switchesHTTP client requests to an available cache server withoutreconfiguring the client’s browser. Network administrators canconfigure the device to switch traffic based on source anddestination IP address. [See Figure 4]
ServerIron switches provide the industry’s most powerfulcontent-aware cache switching features to build intelligentcontent networks that route traffic based on content rather thanjust IP addresses.The ServerIron TCS application includes thefollowing content-switching features:
t Intelligent load balancing of caches to eliminate content duplication,increase cache-hit ratio,and improve the Internet response time.
t Accelerate delivery of dynamic content and optimize the cache utilization by bypassing the caches automatically for dynamic content.
t Specify content-based rules to determine what content should be cached.
t Organize caches into logical groups that serve different content to provide differentiated service offerings to content providers.
DynamicContent
StaticContent
Cache
Web Server Farm
Web Server Farm
t Figure 4
8
Technical and Physical Specif icationsLoad BalancingMethods Least connectionsResponse timeResponse time + least connectionsRound robinWeighted distributionBandwidth and Weighted Bandwidth
Layer 2 SwitchingCapabilities32,000 MAC addresses802.1d Spanning Tree Protocol802.1p prioritizationPolicy-based VLANsPort-based VLANsLayer 3 protocol VLANsLayer 3 protocol and subnet VLANs802.1q VLAN tagging
ProtocolSupportTCPUDPSSLFTPTelnetSMTPHTTPIMAP4LDAPNNTPPOP3DNSBootPTFTPSNMPVRRP/VRRPeIPSecRADIUSVoIP
Web-based GUITelnetSNMPRMONIronView Network Manager(INM)HP OpenView
Warranty1 year hardware90 days softwareUpgrades to higher levels available
Mounting Options19" Universal EIA (telco) RackTabletop
StandardsCompliance802.3,10BaseT802.3u 100BaseTX,100BaseFX802.3z 1000BaseSX802.3z 1000BaseLX802.3x Flow Control802.1q VLAN Tagging802.1d Bridging802.3 Ethernet Like MIBRepeater MIBEthernet Interface MIBSNMP V1SNMP MIB II
NetworkManagementIntegrated Command LineInterfaceSSH
ServerIronXL ServerIron 100 ServerIron 400/450 ServerIron 800/850Series
Concurrent sessions 1,000,000 5,000,000 15,000,000 15,000,000
Throughput 2 Gbps 10 Gbps 56 Gbps 56 Gbps
Switching capacity 4.4 Gbps 20 Gbps 128 Gbps 256 Gbps
Packet forwarding rate 3,000,000 pps 48,000,000 pps 48,000,000 pps 84,000,000 pps
Number of Virtual IP addresses Unlimited Unlimited Unlimited Unlimited
Number of real servers 1,024 2,048 2,048 2,048
Number of 10/100 ports 24 24 72 168
Number of Gigabit ports 2 10 48 112
Total number of ports 26 24 72 168
Layer 3 switching capabilities Supports servers OSPF,RIPv2,Supports OSPF,RIPv2,Supports OSPF,RIPv2,Supports on different subnets servers on different servers on different servers on different from that of Virtual subnets from that of subnets from that of subnets from that of IP address Virtual IP address Virtual IP address Virtual IP address
Physical dimensions 2.75" h x 17.5" 8.75" h x 17.5" 8.75" h x 17.5" 20.75" h x 17.5"w x 16.75" d w x15" d w x 15" d w x15.25" d (6.7 cm x 44.5 (22.2 cm x 44.5 (22.2 cm x 44.5 (52.7 cm x 44.5cm x 42.2 cm) cm x 38.1 cm) cm x 38.1 cm) cm x 38.7 cm)
Weight 18–22 lbs Not to exceed 60 lbs 60 lbs fully loaded 117 lbs fully loaded (8–10 kg) (29.9 kg) (29.9 kg) (43.7 kg)
Power requirements 110v/220v Single (1) Power Supply: 4-slot Chassis with Single 8-slot Chassis with Singleauto-sensing Input Voltage and Current (1) Power Supply: (1) Power Supply:
Power Supply Rating— Input Voltage and Current Input Voltage and Current 70 to -40 VDC:17A 100 Power Supply Rating -70 Power Supply Rating -70 to 120 VAC (auto-ranging): to -40 VDC:17A 100 to -40 VDC:17A 100 8A 200 to 240 VAC to 120 VAC (auto-ranging): to 120 VAC (auto-(auto-ranging):4A AC 8A 200 to 240 VAC ranging):8A 200 to 240 line frequency:47–63 Hz (auto-ranging):4A AC VAC (auto-ranging):4A
line frequency:47–63 Hz AC line frequency:47–63 Hz
9
Ordering Information
Part Number DescriptionServerIron 450 and 850 Base Platforms
SI450 4-slot chassis equipped with WSM6 (Web Switching Management Module) that automatically aligns itself with up to three additional JetCore based line modules installed in the chassis for high-performance Layer 4-7 switching applications
SI450-DC 4-slot –48V DC chassis equipped with WSM6 (Web Switching Management Module) that automatically aligns itself with up to three additional JetCore based line interface modules installed in the chassis for high-performance Layer 4-7 switching applications
SI850 8-slot chassis equipped with WSM6 (Web Switching Management Module) that automatically aligns itself with up to seven additional JetCore based line modules installed in the chassis for high-performance Layer 4-7 switching applications
SI850-DC 8-slot –48V DC chassis equipped with WSM6 (Web Switching Management Module) that automatically aligns itself with up to seven additional JetCore based line modules installed in the chassis for high-performance Layer 4-7 switching applications
S450 4-slot ServerIron 450 chassis with single AC power supplyS450-DC 4-slot ServerIron 450 chassis with single –48V DC power supplyS450-S 4-slot ServerIron 450 SPARE chassis,NO Power supplyS850 8-slot ServerIron 850 chassis with single AC power supplyS850-DC 8-slot ServerIron 850 chassis with single –48V DC power supplyS850-S 8-slot ServerIron 850 SPARE chassis,NO Power supply
ServerIron 450 and 850 Module OptionsJ-B48E 48-port 10/100Base-TX (RJ45) double-wide JetCore line ModuleJ-BxG 8-port 1000Base-X (mini-GBIC) JetCore line ModuleJ-B16GC 16-port 100/1000Base-T (RJ45) JetCore line ModuleJ-B16Gx 16-port 1000Base-X (mini-GBIC) JetCore line Module
ServerIron 450 and 850 System OptionsWSM6 Web Switch Management Module (WSMM) II.Use this to order replacement or for inventory of a backup WSMM.TRFWRKS-PREM Premium Layer 2 Switching,Layer 3 Routing,& Layer 4-7 Traffic management software
ServerIron 450 and 850 Gigabit Optic UpgradesLHA 1-port 1000Base-LongHaul (SC) series A Gigabit uplink for 70km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantitiesLHB 1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities.ServerIron 450 and 850 Mini GBIC Options
E1MG-SX 1000Base-SX mini-GBIC optic,MMF,LC connectorE1MTG-SX 1000Base-SX mini-GBIC optic,MMF,MTRJ connectorE1MG-LX 1000Base-LX mini-GBIC optic,SMF,LC connectorE1MG-LHA 1000Base-LHA mini-GBIC optic,SMF,LC connectorE1MG-LHB 1000Base-LHB mini-GBIC optic,SMF,LC connector,150km Maximum reachE1MG-TX 1000BASE-TX Mini-GBIC Copper,RJ-45 Connector
ServerIron 400 and 800 Base PlatformsSI400 4-slot chassis equipped with WSMM—high-performance application switching moduleSI400-DC 4-slot chassis equipped with WSMM—high-performance application switching module and –48V DC powerSI800 8-slot chassis equipped with WSMM—high-performance application switching moduleSI800-DC 8-slot chassis equipped with WSMM—high-performance application switching module and –48V DC powerS400 4-slot ServerIron chassis with single AC power supplyS400-DC 4-slot ServerIron chassis with single–48V DC power supplyS400-S 4-slot ServerIron SPARE chassis with NO power supplyS800 8-slot ServerIron chassis with single AC power supplyS800-DC 8-slot ServerIron chassis with single –48V DC power supplyS800-S 8-slot ServerIron SPARE chassis with NO power supply
ServerIron 400 and 800 Module OptionsBxG-A 8-port 1000Base-X (mini-GBIC) ServerIron IronCore moduleB2G-A 2-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore moduleB4G-A 4-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore moduleB8G-A 8-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore moduleB8GC 8-port 1000Base-T (RJ45) ServerIron IronCore moduleB24E-A 24-port 10/100Base-TX (RJ45) ServerIron IronCore moduleB24FX 24-port 100Base-FX (MTRJ) for 50 or 62.5µm MMF ServerIron IronCore module
ServerIron 400 and 800 System OptionsWSM4 ServerIron 400/800 Web Switch Management Module.Use this to order replacement or for inventory of a backup Web Switch
Management module.TRFWRKS-PREM Premium Layer 2 Switching,Layer 3 Routing,& Layer 4-7 Traffic management software
ServerIron 400 and 800 Gigabit Optic UpgradesLHA 1-port 1000Base-LongHaul (SC) series A Gigabit uplink for 70km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantitiesLHB 1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities.
10
ServerIron 400 and 800 Mini GBIC OptionsE1MG-SX 1000Base-SX mini-GBIC optic,MMF,LC connectorE1MTG-SX 1000Base-SX mini-GBIC optic,MMF,MTRJ connectorE1MG-LX 1000Base-LX mini-GBIC optic,SMF,LC connectorE1MG-LHA 1000Base-LHA mini-GBIC optic,SMF,LC connectorE1MG-LHB 1000Base-LHB mini-GBIC optic,SMF,LC connector,150km Maximum reachE1MG-TX 1000BASE-TX Mini-GBIC Copper,RJ-45 Connector
ServerIron 100 Base PlatformsSI-100-2402 24-port 10/100Base-TX (RJ45) ServerIron IronCore module and 2 port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron
IronCore module (DC Power)SI-100-2402-DC 24-port 10/100Base-TX (RJ45) ServerIron IronCore module and 2 port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron
IronCore module (DC Power)SI-100-8GC02F 8-port 1000Base-T (RJ45) ServerIron IronCore module and 2-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore moduleSI-100-8GC02F-DC 8-port 1000Base-T (RJ45) ServerIron IronCore module and 2-port 1000Base-SX (SC) for 50 or 62.5µm MMF ServerIron IronCore
module (DC Power)SI-100-8G 8-port 1000Base-X (mini-GBIC) ServerIron IronCore module.GBICs requiredSI-100-8G-DC 8-port 1000Base-X (mini-GBIC) ServerIron IronCore module.GBICs required (DC Power)
ServerIron 100 System OptionsWSM4-100 ServerIron 100 Web Switch Management Module.Use this to order replacement for the management module in SI-100 configurations.SI-100-TW-PREM Enhanced version of Trafficworks IronWare for the SI 100 series that includes Global Server Load Balancing (GSLB)
ServerIron 100 Gigabit Optic UpgradesLHA 1-port 1000Base-LongHaul (SC) series A Gigabit uplink for 70km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantitiesLHB 1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150km maximum reach with 9 or 10µm SMF and minimum 10dB
attenuation—specify SX to LHx upgrade quantities.ServerIron 100 Mini GBIC Options
E1MG-SX 1000Base-SX mini-GBIC optic,MMF,LC connectorE1MTG-SX 1000Base-SX mini-GBIC optic,MMF,MTRJ connectorE1MG-LX 1000Base-LX mini-GBIC optic,SMF,LC connectorE1MG-LHA 1000Base-LHA mini-GBIC optic,SMF,LC connectorE1MG-LHB 1000Base-LHB mini-GBIC optic,SMF,LC connector,150km Maximum reachE1MG-TX 1000BASE-TX Mini-GBIC Copper,RJ-45 Connector
ServerIronXL Base PlatformsFCSLB16 16-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slotFCSLB24 24-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slotFCSLB16-I (International Orders Only) 16-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slotFCSLB24-I (International Orders Only) 24-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slotFCSLB16DC 16-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slot and –48VDC power supplyFCSLB24AC 24-port 10/100Base-TX (RJ45) ServerIron XL with one expansion slot and –48VDC power supply
ServerIronXL System OptionsU1GC 1-port 1000Base-T (RJ45) copper Gigabit uplinkU2GC 2-port 1000Base-T (RJ45) copper Gigabit uplinkRPS Redundant auto-switching 90-240v AC power supply for ServerIron XL 16/24 port onlyRPS-I (International Orders Only) Redundant auto-switching 90-240v AC power supply for ServerIron XL 16/24 port onlyRPSDC-FC -48VDC power supply for ServerIron XL 16/24 only and is a factory configuration onlyF2100F 2-port 100Base-FX MMF (SC) uplinkF1GE 1-port 1000Base-SX (SC) Gigabit uplink for 50 or 62.5 um MMFF2GE 2-port 1000Base-SX (SC) Gigabit uplink for 50 or 62.5 um MMFFLX1GE 1-port 1000Base-LX (SC) Gigabit uplink for 9 or 10 um SMFFLX2GE 2-port 1000Base-LX (SC) Gigabit uplink for 9 or 10 um SMFFLXSXGE 2-port Gigabit uplink with 1-port 1000Base-SX (SC) and 1-port 1000Base-LX (SC) for 50 or 62.5 um MMF and 9 or 10 um SMFFLHA1G 1-port 1000Base-LogHaul (SC) series A Gigabit uplink for 70 km maximum reach with 9 or 10 um SMF and minimum 10 db attenuationFLHA2G 2-port 1000Base-LogHaul (SC) series A Gigabit uplink for 70 km maximum reach with 9 or 10 um SMF and minimum 10dB attenuationFLHB1G 1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150 km maximum reach with 9 or 10 um SMF and minimum 10dB attenuationFLHB2G 2-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150 km maximum reach with 9 or 10 um SMF and minimum 10 dB attenuation
ServerIronXL GBIC OptionsLHA 1-port 1000Base-LongHaul (SC) series A Gigabit uplink for 70 km maximum reach with 9 or 10 um SMF and minimum 10dB attenuation—
specify SX or LHx upgrade quantitiesLHB 1-port 1000Base-LongHaul (SC) series B Gigabit uplink for 150 km maximum reach with 9 or 10 um SMF and minimum 10dB attenuation—
specify SX or LHx upgrade quantities
Specifications subject to change without notice.
11
DS-004/Rev.5/06-04
© 2004 Foundry Networks, Inc.All Rights Reserved.Foundry Networks,BigIron,FastIron,NetIron,ServerIron, IronPoint,Terathon, JetCore,EdgeIron, IronView,JetScope, IronShield,MetroLink, IronWare,TrafficWorks,Power of Performance and the ‘Iron’ family of marks are trademarks or registered trademarks of Foundry Networks, Inc. in the United States and othercountries.All others are trademarks of their respective owners.
Foundry Networks, Inc.Corporate Headquarters2100 Gold StreetP.O.Box 649100San Jose,CA 95164-9100
U.S.and Canada Toll-free:1-888-TURBOLAN (887-2652)Tel:+1 408.586.1700 Fax:+1 [email protected] www.foundrynetworks.com
Although Foundry has attempted to provide accurate information in these materials, Foundry assumes no legal responsibility for the accuracy orcompleteness of the information.More specific information is available on request from Foundry.Please note that Foundry’s product information doesnot constitute or contain any guarantee,warranty or legal binding representation,unless expressly identified as such in duly signed writing.
12
