Re: second squid box for redundancy and load balancing

From: Clifton Royston <cliftonr@dont-contact.us>
Date: Wed, 22 Dec 1999 11:54:08 -1000

On Wed, Dec 22, 1999 at 02:07:02AM +0100, Henrik Nordstrom wrote:
> Clifton Royston wrote:
> > The biggest advantage of switches/routers over servers is: no moving
> > parts, so they don't go down because a hard disk failed. ...

> And the biggest disadvantage is that few if any of them correctly
> implement all aspects of TCP/IP when used as a TCP load balancer. They
> work most of the time, but some users may experience strange problems
> due to various incompatibilities in TCP options or ICMP processing.

Sure, I'm not saying they're a panacea, as all the marketing stuff
would have you believe. I'm very slowly and cautiously integrating
them into our network. The Foundry switches, to use the example I'm
familiar with, have a lot of implicit assumptions about how they're
deployed and used which you *must* understand to use them safely. One
issue I've found is that turning on apparently innocuous settings, or
doing something like moving a server from a port on one switch to
another, can cause seemingly mysterious complete or partial failures of
some load-balanced service, OR of other TCP services. (E.g. turning on
a "port default" setting on a virtual server for DNS caused all
outgoing mail to start backing up on one of our real servers.)

When you have them set up perfectly correctly, though, they work well;
and the biggest benefit is not handling catastrophic outages, it's the
ability to deliberately shut down a server for maintenance or to move
it, without any customer visibility that anything has changed. For
many of our servers, it's now possible to do outages in the middle of a
weekday without customer problems or complaints, instead of having to
do maintenance downtime at 2am on weekends.

 
> And, the code and/or silicon in these beasts are fairly young compared
> to most routers or OS:es.

Note that I was including router-based (e.g. WCCP) solutions in the
above; I'm definitely not rating "smart" switches as inherently any
more bugfree than the other discussed solutions, especially routers.
Not that routers are bug-free, either - I've been in crisis mode
dealing with an unrelated semi-documented Cisco IOS limitation since
yesterday.
  -- Clifton

-- 
 Clifton Royston  --  LavaNet Systems Architect --  cliftonr@lava.net
        "An absolute monarch would be absolutely wise and good.  
           But no man is strong enough to have no interest.  
             Therefore the best king would be Pure Chance.  
              It is Pure Chance that rules the Universe; 
          therefore, and only therefore, life is good." - AC
Received on Wed Dec 22 1999 - 15:07:14 MST
