Re: [j-nsp] SRX as a server load balancer for service redundancy?

Wed, 15 Aug 2012 09:54:31 -0700 

On 8/15/12 9:34 AM, Scott T. Cameron wrote:

The SRX isn't a loadbalancer.

Use something sensible like haproxy, nginx, etc.
We do layer 3 ecmp in front of our load balancer tier and I imagine that would be fairly straight forward to implement with an srx. each destination to be load balanced to is available via several nexthops, in this case the destinations are advertised using a ebgp session originating from a private ASN.
This approach doesn't deal with application health checks or asymmetric load balancing but you can take a destination out of the rotation by withdrawing the routes and if the bgp session drops that happens automatically. l3+l4 hash per flow load balancing is stateless but sticky. it can be implemented on more than one device.
I'm generally down on the idea of putting a stateful firewall in front of a service that accepts unsolicited incoming connections, it will tend to be the least scalable item in the path. 



Scott

On Wed, Aug 15, 2012 at 12:07 PM, OBrien, Will <obri...@missouri.edu> wrote:


I'm wondering if I can do a simple server load balancer using a SRX.

Example:
Server A offers up service on port xxxx.

Server B has the same service.

If Server A goes offline, send traffic over to server B.
Resume when Server A becomes available again.



One thought is to use something like track-ip to push a static nat mapping
around.
Ideally, I'd love to monitor the port.

Ideas or examples? This is really just for failover, rather than load
balancing.


I suppose I could monitor the service from a control machine and have a
script execute a configuration change if the service becomes unreachable.
I'd prefer it if the entire process were managed from the SRX.

(In this case it's a pair of clustered SRX 210s.)

Will
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp


_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Reply via email to