radwareAd_2培训手册模板

1、Page 1AppDirector Training1.06.09-1.07.11- Part IIPage 2 Page 3高级健康检查Health Monitor模块通常情况下，只需要对业务进一种类形的检查，比如Ping, TCP 80或是检查一个页面等，使用Connectivity Check 就可以满足要求，配置也相对简单些。如果需要同时检查2种以上的业务元素时，比如同时需要检查服务器的TCP 80和TCP 8080，并且任何一个端口不工作，服务器都被视为不可用时；或者使用非常特殊的应用，比如使用RTSP的健康检查时，我们就需要使用高级健康检查功能 Health Monitoring模

2、块。 Page 4高可用性-健康检查多重组合检查SMTPRTSPSNMPSSLSSL HelloTCP PortTCP User DefinedUDPARPDNSFTPHTTPIMAP4LDAPPingPOP3RadiusServer 1Server 2AppDirectorPage.htm ?Page.htm ?TCP 443TCP 443Page 5 Page 6实验五1/241/241/241/241/241/24/24/24

3、/24/24/24/24SV1:01SV2:02VIP:0VIP:0VIP:0VIP:0VIP:0VIP:0Page 7实验五如图所示，建立1个Farm，分别包含图示两台服务器，定义VIPFarm1：健康检查-NoCheck，端口-any，轮询，EntryPerSession健康检查模块实验1每台服务器配置两种健康检查方式：PingTCP port 80；检查绑定配置完成后验证组合效果健康检查

4、模块实验2每台服务器配置两种健康检查方式：TCP port 80；HTTP网页：检查网页内容是否有“internet”字符串检查绑定配置完成后验证组合效果Page 8Page 9对话保持方式L3Client IP based persistencyRegular Session ModeL4Client IP and port Entry Per SessionServer Per SessionDispatch Method is HashingL7Delay binding is neededCookie persistenceSSL IDHTTP Session ID:Static ID

5、Dynamic IDCookie InsertPage 10WEB 4WEB 4WEB 1WEB 2WEB 3WEB 3WEB WEB Session ID PersistencePage 11 An HTTP cookie, or a Web cookie, is a parcel of text sent by a server to a web browser and then sent back unchanged by the browser each time it accesses that server. HTTP cookies are used for authentica

6、ting, tracking, and maintaining specific information about users, such as site preferences and the contents of their electronic shopping carts. The term cookie is derived from magic cookie, a well-known concept in UNIX computing which inspired both the idea and the name of HTTP cookies.Cookies Intro

7、ductionPage 12HTTP CookiesA cookie is a small piece of information that is sent by a web server and stored on a web client browser so it can later be read back from that client.Cookie information can be used to associate session state information with a specific user.Cookies are transmitted in the H

8、TTP header from the server in the form:Set-Cookie:NAME=VALUE;expires=DATE;path=PATH; domain=DOMAIN_NAMECookies have size limitationsUp to 300 cookies per client from all sourcesSize of each cookie can be up to 4K 20 cookies per server or domain per sessionPage 13Cookies Example GET / HTTP/1.1Accept:

9、 image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*Accept-Language: en,zh-cn;q=0.7,zh-tw;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;

10、 SV1; .NET CLR 1.1.4322)Host: 24Connection: Keep-AliveInternet1.Client to Server-First Request , no Cookies will be Page 14Cookies Example (Cont.)IHTTP/1.1 200 OKTransfer-Encoding: chunkedServer: Microsoft-IIS/5.0Date: Sat, 28 Oct 2006 03:15:23 GMT-: -Content-Type: text/htmlSet-Cookie: c

11、ampaign=ref=NotPPC; expires=Mon, 27-Nov-2006 04:15:22 GMT; path=/Set-Cookie: radware=232548618; expires=Mon, 27-Nov-2006 04:15:22 GMT; path=/Set-Cookie: ASPSESSIONIDCQBDDCDB=KAJGMNNAKHCFNAFNGPAKDGBL; path=/Cache-control: private2.Server reply to Client Server will add the Cookies Value in the HTTP H

12、eaderPage 15Cookies Example (Cont.)Internet3.Client to Server- Subsequent request will add the cookies by client browser GET /styles/radware_main.css HTTP/1.1Accept: */*Referer: 24/Accept-Language: en,zh-cn;q=0.7,zh-tw;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (com

13、patible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)Host: 24Connection: Keep-AliveCookie: campaign=ref=NotPPC; radware=232548618; ASPSESSIONIDCQBDDCDB=KAJGMNNAKHCFNAFNGPAKDGBLPage 16Text Match Session ID PersistencyPage 17Session ID Persistency TableIf using Dynamic Session ID Pers

14、istency, This table is enough.Page 18Cookies Insert & Rewrite With the Cookie / Insert Rewrite capability, AppDirector supports client-server persistency for HTTP in cases when the server does not insert a cookie into the reply or when replies from all the servers contain the same cookie. When t

15、he reply from the server is sent with no cookie, persistency is maintained using cookies that AppDirector generates automatically and sends with the reply to the client. When the replies from all the servers connected to AppDirector contain the same predefined cookie, persistency is maintained using

16、 the Rewrite capability.Notes: To use the Cookie / Insert Rewrite capability, you must have the Cookie Persistency License.Page 19Insert / Rewrite Cookie The need: Maintain HTTP session persistency based on cookies without any change on servers Solution:AppDirector is able to add its own cookies to

17、server repliesThe following client requests include that cookie, AppDirector uses it to maintain server persistencyWeb1Web2WEB 1WEB Page 20Cookies InsertPage 21Cookies Insert (Cont.)Page 22Cookies Insert (Cont.)Page 23Cookies Insert (Cont.)Page 24 Page 25实验六1/241/241

18、/241/241/241/24/24/24/24/24/24/24SV1:01SV2:02VIP:0VIP:0VIP:0VIP:0VIP:0VIP:0Page 26实验六如图所示，建立1个Farm，分别包含图示两台服务器，定义VIPFarm1：健康检查-NoCheck，端口-any，轮询，Serv

19、erPerSession验证相同IP不同源端口被分配到不同服务器OMPC pattern对话保持演示Cookie插入对话保持实验选择Cookie插入观察Client table观察Dynamic session ID tablePage 27Page 28AppDirector load balances traffic based on layer 7 information using the following methods:URLsHTTP header informationFile typeBrowser TypeCookie (static or dynamic)Regular

20、 Expression within the HTTP Header Layer 7 PolicyPage 29GBBVIPDestination IP = VIPDestination URL = Destination IP = Selected serverDestination IP = VIPDestination URL = Destination IP = Selected serverLayer 7 URL PolicyPage 30HTTP Header Fields:Layer 7 Load BalancingPage 31Layer 7 Policies allow fo

21、r combinations of decision-making factors when configuring a SuperFarmURL + Header InformationURL + File typeEtc.Layer 7 PoliciesPage (English)SuperF (Spanish) (English) (Spanish) (Spanish) (English) (English) (Spanish)URL Accept- Language: es*URL Accept- Language: es*URL Accept- Language: en*URL Ac

22、cept- Language: en*Layer 7 PoliciesPage 33Layer 7 PoliciesThe underlying logic of Layer 7 Policies is based on the following components:Methods these define where to look in a clients request and what to look for based on the type (Header, URL, Regular Expression, etc.)Policy Entries these define wh

23、at to do with a clients request that matches one or more policies (i.e. what farm to send it to)Page 34Layer 7 PoliciesDelayed BindingSynSyn/AckAckGet HTTP:/Or UserAgent: MozillaOrAccept-Language:esTypical Client-Server ExchangePage 35Layer 7 PoliciesEnglishSpanishSyn?Initial Client connection does

24、not contain enough information to make a Layer 7 decision.Delayed BindingPage 36Layer 7 PoliciesEnglishSpanishSynSyn/AckAckGet HTTP:/Accept-Language:esHTTP Header Language = SpanishSynSyn/AckAckDelayed BindingPage 37 Page 38实验七1/241/241/241/241/241/24/24/24/24/24/24/24SV1:01SV2:02VIP:0VIP:20.1.