Layer-2 Path

From LB Wiki


When the load balancer is in the Layer 2 path of traffic, it operates much like a switch or old-school bridge. The nature of an Ethernet network (regular/Fast/Gig) is such that there can be only one path to a given system (otherwise you get a real fun issue called a bridging loop). By putting the load balancer between the clients and the servers, we ensure that the load balancer will be the only path for traffic.

Figure 1: Bridge-path

A variation of bridge-path is when it is used with switch ports. When servers are plugged directly into a load balancer that also operates as a switch, the servers de facto have the load balancer in the path of traffic on the way out.

Figure 2: Bridge-path with the load balancer as a switch

The Alteon load balancers are probably the most popular example of this. You can plug a server directly into an Alteon, configure the port as "server side", and you don't have to mess with any networking or default gateways.

Benefits

  • It's simple: Probably the biggest benefit to Layer-2 path is that it's pretty simple. You don't need to re-IP anything, and if you've already got a firewall doing NAT, there's no need to do any more NAT.
  • No spanning-tree protocol: If you have a pair of load balancers in a redundant scenario, only one of them can pass Layer-2 traffic at a time. Otherwise you get a bridging loop (which would really screw up a network). Most load balancers use a simple redundancy protocol so that only one of them is forwarding Layer-2 frames at a time, and it does this without spanning-tree protocol. Spanning-tree protocol is a way to prevent bridging loops in complex Layer 2 designs. It's also fairly complicated, and most of the time failover is not subtle (link goes out, you're offline for up to a minute). While there are ways to mitigate issues with spanning-tree, spanning-tree protocol is still a four-letter word for many network administrators. So telling them that the load balancer doesn't participate in spanning tree will likely make them very happy.

Drawbacks

  • Just one pair: Any group of servers can only be load balanced by one pair of load balancers. Having two or more pairs would mean there is more than one Layer 2 path to a given location, which is a no-no in Layer 2 design.
  • You can't do NAT: The servers and the virtual IPs must be on the same subnet in most cases, so you can't NAT from one subnet to the next.
  • You can't do DSR: Since there's only one possible path out, you'll end up hitting the load balancer anyway.
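
The "only one unit forwards at a time" and "just one pair" rules above can be checked mechanically against a planned topology. The following is an added example, not part of the original wiki page; the device names and link lists are constructed, and the standby unit is modelled simply as a device whose links carry no Layer-2 frames.

```python
# Added example: constructed topology and hypothetical device names.

def has_bridging_loop(links, standby=()):
    """True if the forwarding Layer-2 topology contains more than one path.

    links   -- (device_a, device_b) Ethernet links
    standby -- devices not forwarding frames (the passive load balancer);
               their links carry no Layer-2 traffic and are ignored
    """
    parent = {}

    def find(node):
        parent.setdefault(node, node)
        while parent[node] != node:
            parent[node] = parent[parent[node]]  # path halving
            node = parent[node]
        return node

    for a, b in links:
        if a in standby or b in standby:
            continue
        root_a, root_b = find(a), find(b)
        if root_a == root_b:
            return True  # a and b were already connected: second path
        parent[root_a] = root_b
    return False


# Constructed sample: one redundant pair bridging clients to servers.
ONE_PAIR = [
    ("sw-front", "lb-a"), ("sw-front", "lb-b"),
    ("lb-a", "sw-back"), ("lb-b", "sw-back"),
    ("sw-back", "web1"), ("sw-back", "web2"),
]
# Constructed sample: a second pair added in front of the same servers.
TWO_PAIRS = ONE_PAIR + [
    ("sw-front", "lb-c"), ("sw-front", "lb-d"),
    ("lb-c", "sw-back"), ("lb-d", "sw-back"),
]

if __name__ == "__main__":
    print("active/standby pair:", has_bridging_loop(ONE_PAIR, standby={"lb-b"}))
    print("both units forwarding:", has_bridging_loop(ONE_PAIR))
    print("two pairs, one active each:",
          has_bridging_loop(TWO_PAIRS, standby={"lb-b", "lb-d"}))
```

Only the first case is loop-free: a second pair creates a second Layer-2 path even when each pair correctly keeps one unit in standby.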


