IP Address Hashing | Optimizing Network Performance with Content Switching: Server, Firewall and Cache Load Balancing

The most common persistence mechanism is to use the IP address of the requesting device and bind all subsequent requests from that device to the selected server. For a TCP session to operate , a source IP address (SIP) and a destination IP address (DIP) are required. Normally, these values are unique for each flow from different devices and provide an excellent pointer to which the session can be associated. As discussed in earlier chapters, load balancing can be done using multiple variables . The most common method is to use the IP address. The SIP, DIP, or a combination of both can be used. How this approach is implemented is a large area of discussion, but to simplify matters we have summarized the process here:

When a packet ingresses the content switch, an algorithm runs against the incoming SIP, DIP, or SIP/DIP combination, and a value is calculated.
The algorithm differs from vendor to vendor, but all solutions will yield a value that will be used to select the appropriate destination server.
All further communications from that source to that service will be sent to the selected server, thus providing persistence.

This is also true for DIP hashing. Depending on the algorithm, it is generally accepted that this method is excellent for load distribution.

However, the problem here is that when using SIP hashing, this only provides Layer 3 persistence, and when used with a mega proxy, or even a medium- sized proxy, all sessions will be sent to the same server. While this might not be a major issue, it can have detrimental effects when we see how mega proxies are used and how prevalent they are in today's networks.

Mega proxies are very common in large ISPs and because of this can negate the use of SIP persistence. Again, this will occur if the SIP and DIP are used in conjunction. Obviously, while DIP hashing provides persistence, it will select the same server for every session on that service (HTTP, DNS, etc.), as all users, regardless from where they are coming, will be destined for the same address, which therefore defeats the object of load balancing. DIP hashing is, however, used in Web cache redirection and other such applications discussed later.

To get a better spread of traffic even when mega proxies are used, the TCP or UDP source ports in conjunction with the SIP and/or DIP could be used to provide a more granular method of persistence. This would allow for an even flow of load balanced traffic, but could still break the persistence model if different proxies are used that change the SIP during the transaction or when switching between HTTP and HTTPS.

Hashing is one of the best methods to use if you are designing a site and are not sure of what applications are going to be deployed. A point to note here is that many sites do use IP address hashing and have created successful and exciting applications with it. Remember that just because mega proxies are being used does not mean that you cannot use hashing as a method for persistence. It all depends on the site requirement, applications being used, and the site's public availabilityas our former boss would say, "when in doubt, hash." Chapter 5, Basic Server Load Balancing , has more detailed information on hashing.