Elfiq_LinkLB_FAQ_v1_8_2215367

lin

Elfiq Link Load Balancer

Frequently Asked Questions (FAQ) For Elfiq Operating System (EOS) version 3.1.x Document Revision 1.8 May 2006

Elfiq Solutions

www.elfiq.com

Page 2 / 14

Elfiq Link Load Balancer FAQ

Table of contents

1 Introduction ........................................................................................................................................................... 4 1.1 Advantages ............................................................................................................................................. 4 1.2 Which types of enterprises are aimed by the Elfiq Link Load Balancer?........................................................ 4 1.3 Available modes ...................................................................................................................................... 4

2 Return on Investments............................................................................................................................................ 5 2.1 Scenario #1: A T1 link vs. multiple DSL links (3 Mbps) with Elfiq Link Load Balancer.................................... 5 2.2 Scenario #2: A T1 link vs. multiple DSL links (4 Mbps) with Elfiq Link Load Balancer.................................... 5 2.3 Scenario #3: Relative costs to Internet downtime or performance drops..................................................... 5

3 Installation and management .................................................................................................................................. 6 3.1 Installation .............................................................................................................................................. 6 Configuration and management ............................................................................................................................. 7

4 Differences Between BGB and the Elfiq Link Load Balancer........................................................................................ 8 5 Technical FAQ ...................................................................................................................................................... 10

5.1 Is it possible to balance different types of links through the Elfiq Link Load Balancer?................................ 10 5.2 What are the types of connections supported by the Elfiq Link Load Balancer? .......................................... 10 5.3 What happens with links of different speeds? .......................................................................................... 10 5.4 Does the Elfiq Link Load Balancer give me one global link with the total bandwidth of all individual links

combined? ............................................................................................................................................ 10 5.5 What is the performance level of the Elfiq Link Load Balancer?................................................................. 10 5.6 How does the Elfiq Link Load Balancer manage link redundancy? ............................................................. 10 5.7 Can the Elfiq Link Load Balancer system itself be redundant? ................................................................... 10 5.8 Is the Elfiq Link Load Balancer able to detect a link failure?...................................................................... 10 5.9 How will we know if there is a failure to one of the WAN/Internet connections? ........................................ 11 5.10 What happens to applications that require persistent sessions (e.g. video streaming)?............................... 11 5.11 I have an Alizé Link Load Balancer unit, what is the difference with the Elfiq Link Load (Link LB) Balancer? 11

6 Advanced FAQ...................................................................................................................................................... 12 6.1 How is incoming traffic balanced? ........................................................................................................... 12 6.2 How is outgoing traffic balanced? ........................................................................................................... 12 6.3 How many WAN/Internet links can an Elfiq Link Load Balancer manage? .................................................. 12 6.4 We have 2 WAN/Internet links but our firewall only supports one default gateway. How does the Elfiq Link

Load Balancer manage traffic?................................................................................................................ 12 6.5 Is NAT always required?......................................................................................................................... 12 6.6 Does the Elfiq Link Load Balancer support persistent sessions?................................................................. 12 6.7 What does persistence mean? ................................................................................................................ 12 6.8 What do PAT and NAT mean?................................................................................................................. 13 6.9 We have multiple links on an Elfiq Link Load Balancer. How can we do maintenance on one of them without

affecting all services? ............................................................................................................................. 13 6.10 What are the available balancing algorithms? .......................................................................................... 13 6.11 Does the Elfiq Link Load Balancer require access to the routers that face the WAN/Internet links?.............. 13 6.12 Encapsulation on the WAN link is not the same as that on the LAN. Are utilization estimates still accurate?. 13 6.13 Which protocols are used for redundancy? .............................................................................................. 13 6.14 When used in redundancy, how much time does a transfer to the slave system take?................................ 13 6.15 During the state transfer to the slave system, does the slave system need to reevaluate link utilization?..... 13 6.16 Does the Elfiq Link Load Balancer offer the possibility to filter IP traffic? ................................................... 14 6.17 Can the Elfiq Link Load Balancer block IP addresses in real time? ............................................................. 14 6.18 Is it possible to be notified when a WAN/Internet link goes down? ........................................................... 14 6.19 Am I required to have an Autonomous System Number (ASN)? ................................................................ 14

Page 3 / 14


6.20 Does the Elfiq Link Load Balancer support authentication protocols, such as CHAP, PAP and PPPoE encapsulation?....................................................................................................................................... 14

6.21 How does the Elfiq Link Load Balancer detect a problem on a WAN/Internet link? ..................................... 14

Page 4 / 14


1 Introduction The Elfiq Link Load Balancer (or Link LB) guarantees optimal access to your network and applications, while optimizing your network access throughput and reducing the total cost of ownership.

Offered at a competitive price, its integration is quick, easy and straightforward. No change on network structure, architecture or IP addressing are required (i.e.: BGP is not required).

Operating at the data link layer (layer 2), the Elfiq Link Load Balancer does not require any IP addresses. It’s practically invisible to the rest of the network, which makes it a highly secure device.

Robust and flexible, it integrates a real time failover engine, allowing the addition of a second load balancer in a fault tolerant configuration. The Elfiq Load Balancer's system and configurations resides in FLASH memory on the device, thus eliminating the use of any mechanical part (e.g. hard disk) and reducing the risk of failure.

On top of being able to adapt to any type of link, the ELFIQ Load Balancer uses advanced load balancing algorithms for different protocols.

The enterprise model also allows you to create multiple logical groups within the configuration of the Elfiq Link Load Balancer, which makes it possible to have multiple load balancer instances in a single unit. Each group has its own configuration, statistics and priorities. For example, you could have the following situation:

• One group for the Internet links and another for the private or internal links

• Different groups for IT and administration, each group associated to a different configuration.

1.1 Advantages The use of the Elfiq Link Load Balancer provides numerous advantages. Among the most important are:

• Elfiq Link Load Balancer saves time and money while optimizing the use of your WAN/Internet links.

• Elfiq Link Load Balancer allows the use of multiple WAN links simultaneously in a way that is completely transparent to the users.

• Elfiq Link Load Balancer optimizes bandwidth usage, therefore eliminating costs related to the failure or lack of performance of WAN/Internet links.

• Elfiq Link Load Balancer can eliminate the costs of expensive links by replacing them with multiple less expensive links, without reducing your overall performance. In certain cases it could even improve it! As an added value, the use of the Link LB will give you an excellent level of redundancy.

See section “Return on Investments”.

1.2 Which types of enterprises are aimed by the Elfiq Link Load Balancer? If you answer yes to at least one of the following questions, the Elfiq Link Load Balancer is aimed at your company.

1. Is Internet access an important factor for your company?

2. Does your company have more then one WAN/Internet link?

3. Does a rupture of Internet access generate a loss of productivity or revenue in your company?

4. Does a drop in Internet access performance generate a loss of productivity or revenue in your company?

1.3 Available modes The Elfiq Link Load Balancer is offered in both as an optimized 1U rack mountable case, as well as a tabletop unit. The Elfiq Link Load Balancer 2000 and 3000 models can also be coupled in failover mode to provide physical redundancy of the units.

In autonomous mode, no fault tolerance is provided. This means that only one Elfiq Link Load Balancer balances all the traffic.

In failover mode, the advanced fault tolerance feature is activated. Two Elfiq Link Load Balancer units are required in this configuration. The second Link LB is in standby mode and will take over the tasks of the primary balancer in case of failure. Failover is done in real time and is completely automatic.

For the Link LB 2000 and 3000 models, a real time dispersed geographic balancing option is available to balance the load between different sites, such as alternate or replication (mirror) sites.

Page 5 / 14


2 Return on Investments Usage of the Elfiq Link Load Balancer can reduce bandwidth costs by up to 50%. The simultaneous use of multiple more affordable links eliminates the need for more costly links, such as T1, fiber or T3 links, all the while assuring redundancy and optimizing the bandwidth.

The Link LB therefore minimizes the impact on critical applications, since the bandwidth usage is optimized.

As mentioned, an advanced real time fault tolerance function is also available. It makes it possible to configure two Elfiq Link Load Balancer systems in a way that the second unit operates in standby mode, ready to automatically take over in case of hardware or software failure on the master unit. In such a case, the load transfer from one unit to the other is completed within a few seconds and completely transparent to the users.

As opposed to the vast majority of available load balancers on the market, the Elfiq Link Load Balancer operates at the data link layer of the OSI model (layer 2). This allows it to be very secure and almost invisible on the network, since no IP addresses are required. Its integration is also very simple and only requires a minimal external intervention, or in some cases, none at all.

In most cases, the savings realized by the use of the Link LB will make up for its purchase cost in less then a year. Some scenarios are presented in the following paragraphs in order to demonstrate the savings that can be realized thanks to the Link LB. Please note that prices are approximate market prices, in dollars. Many factors can influence real prices (company needs, Internet service provider, terms of contract, geographic location, industry type, etc.).

2.1 Scenario #1: A T1 link vs. multiple DSL links (3 Mbps) with Elfiq Link Load Balancer T1 Link:

• Speed: 1.544 Mbps download / 1.544 Mbps upload • Monthly price: 1 250$

DSL/Cable/Satellite Link: • Speed: 3 Mbps download / 640 Kbps upload • Monthly price: 220$

Annual costs:

Download Bandwidth Upload Bandwidth Annual Costs Annual savings

1 T1 Link 1,544 Mbps 1,544 Mbps 15 000$

2 DSL Links 6,000 Mbps 1,280 Mbps 5 820$ 9 720$


2.2 Scenario #2: A T1 link vs. multiple DSL links (4 Mbps) with Elfiq Link Load Balancer T1 Link:

• Speed: 1.544 Mbps download / 1.544 Mbps upload • Monthly price: 1 250$

DSL Link: • Speed: 4 Mbps download / 800 Kbps upload • Monthly price: 320$

Annual costs:

Download Bandwidth Upload Bandwidth Annual Costs Annual savings

1 T1 Link 1,544 Mbps 1,544 Mbps 15 000$



2.3 Scenario #3: Relative costs to Internet downtime or performance drops Costs of one hour of downtime: 2 000$

Costs of one hour of performance drops: 1 000$

Yearly hours of downtime: 10

Yearly hours of performance drops: 24 (twice a month)

Savings generated by Elfiq Link Load Balancer: 2 000$ x 10 + 1 000$ x 24 = 44 000$

Page 6 / 14


3 Installation and management

3.1 Installation Physical installation of the Elfiq Link Load Balancer is the simplest on the market. All you need to do is plug in two Ethernet cables and traffic will automatically start to flow through the balancer. Afterwards, you will be able to create balancing rules to tailor the load balancing to your needs. Since the Link LB operates at the data link level (layer 2) of the OSI model, no IP addresses need to be configured, except for the management interface.

The Link LB is installed between Internet/WAN routers and the external firewall.

The Elfiq Link Load Balancer is completely independent from the other systems, as well as Internet service provides. The Link LB does not use BGP (Border Gateway Protocol) and does not require an ASN (Autonomous System Numbers) either. Since it operates at the data link layer (layer 2) of the OSI model, no network or sub network changes are required.

The Elfiq Link Load Balancer can be perceived as a « black box » that is transparent to the rest of your network.

Page 7 / 14


Configuration and management The configuration and management of an Elfiq Link Load Balancer system can be done through secured SSH console access or through a graphical management tool available under Windows or X-Windows.

Link LB events and alerts are sent to a remote syslog server on your network through the management interface. A basic syslog server has been included in the graphical user interface management console, should you need one.

All Elfiq Link Load Balancer statistics are also available via SNMP from the management interface. Elfiq is a registered organization at the Internet Assigned Numbers Authority, (IANA, http://www.iana.org) at the MIBS SNMP enterprise level. The OID number reserved to Elfiq is 19713.

A simple to use application programming interface (API) is also available (XML API) for the configuration and management of your Link LB.

Page 8 / 14


4 Differences Between BGB and the Elfiq Link Load Balancer

The following grid compares the implementation of an Elfiq Link Load Balancer compared to a typical use of BGP protocol:

Elfiq Link Load Balancer BGP

Traffic Management

Choice of best link Yes. This is done in real time according to the configured algorithm.

No.

Flexibility in the use of links Yes. Through the use of the user interface, it is possible to change the chosen algorithms according to business needs and politics within a few minutes.

No.

Parallel use of multiple links Yes. The Elfiq Link Load Balancer supports over 64 simultaneous links, including asymmetric links.

No. The second link can only be use in case of failure from the primary link.

Link redundancy Yes. The redundancy is done in real time (a few seconds) and is fully dynamic. Moreover, no manual intervention is needed.

Yes. However, in case of failure, you have to wait for propagation which can take up to 30 minutes to complete.

Bandwidth increase Yes. The Elfiq Link Load Balancer uses the bandwidth of all the links in parallel.

No.

Traffic prioritization Yes. With the Elfiq Link Load Balancer, it is possible to prioritize the traffic of chosen protocols, applications or even departments within the enterprise.

It’s also possible to prioritize incoming traffic to chosen services or systems.

No.

Alerts and notifications Yes. Through the user interface and the syslog on the management LAN.

Yes. However, in certain cases of outsourcing, the router might be difficult to access.

Statistics Yes. Real time graphics are available through the user interface.

No.

DRP (Disaster Recovery Plan) and geographic balancing

Yes. The Elfiq Link Load Balancer supports geographical redundancy, which consists of balancing two geographically distinct sites.

Extremely complex.

Installation and Maintenance

Installation Simple. Local installation can be completed within a few hours.

Does not require any changes to the current network infrastructure.

Only minimal external intervention is needed.

Complex. Requires the cooperation of both a BGP expert and service providers.

Requires an often lengthy planning.

In certain cases, it can be very difficult to get proper collaboration between service providers.

Configuration changes Simple. Most modifications can be performed internally via an easy to use user interface.

Complex. Require a BGP expert.

Physical redundancy Available. It is possible to install a second Elfiq Link Load Balancer unit in failover mode.

This second unit takes over in real time in case of failure from the first unit.

None

Page 9 / 14


Link failure management Transparent. The Elfiq Link Load Balancer detects link failures in real time and automatically redirects traffic on the other available links.

No downtime is experienced. The only effect is that certain sessions will be affected by the link failure and will need to be reestablished.

In case of failure, you have to wait for the propagation of routing tables, which can take up to 30 minutes.

In certain cases, the intervention of a BGP expert is required, which can increase the costs related to the failure.

Need of an AS number No. Yes, with justification and must contain IP classes.

Security Since the Elfiq Link Load Balancer acts at the data link layer of the OSI model, it does not require an IP address and is therefore completely transparent to the network.

TCP sessions are exposed to possible attacks.

Costs

Hardware Around 12000$ In the case of a router paid by the client : 25 000$

In the case of an outsourcing: no initial costs.

Installation A few hours from an Elfiq Link Load Balancer expert or from the client with the help of the user guide.

A BGP expert as well as the collaboration of two service providers is required. Long and therefore expensive process.

Changes and modifications No costs, in the majority of cases can be completed within a few minutes from an internal technician.

A BGP expert is required, which needs to be either an employee or a consultant. In both cases it is very expensive.

In case of a link failure No costs. The Elfiq Link Load Balancer guarantees the parallel use of all links.

The downtime can sometimes last for a few hours, which can be extremely expensive for an enterprise.

Links No loss of bandwidth. All the bandwidth that is paid for is always fully available in real time.

A second link needs to be paid but can only be used in case of a failure on the first link, which generates a loss of potential bandwidth.

Outsourcing No costs Monthly costs. The provider can also ask for a long term contract.

Extended warranty About 20% of the initial cost None

Others No other costs AS Number

Page 10 / 14


5 Technical FAQ

5.1 Is it possible to balance different types of links through the Elfiq Link Load Balancer?

Yes, you can use many possible combinations of links. Some basic examples include: a T1 link from one Internet service provider (ISP) and an xDSL link from another ISP, or two cable links from the same ISP and one xDSL link from a different ISP.

5.2 What are the types of connections supported by the Elfiq Link Load Balancer? The Elfiq Link Load Balancer offers standard Ethernet interfaces as interconnection points. Therefore, dedicated links, xDSL, cable, Frame Relay and ISDN are all supported as long as a router encapsulates or converts the link traffic to Ethernet before it passes through the Link LB.

5.3 What happens with links of different speeds? The Link LB can manage links of equal, different or asymmetric (different download and upload speeds) speeds just as well. Links of different speeds are managed transparently through the Link LB, which also guarantees that the most effective link is used for each given situation.

5.4 Does the Elfiq Link Load Balancer give me one global link with the total bandwidth of all individual links combined?

No. The Elfiq Link Load Balancer shares traffic between all available WAN/Internet links. This increases total bandwidth but not the maximum throughput of a single IP session.

5.5 What is the performance level of the Elfiq Link Load Balancer? The Link LB offers a very high level of performance, as it can simultaneously manage multiple 100mbps links. The enterprise model also supports gigabit links.

5.6 How does the Elfiq Link Load Balancer manage link redundancy? Combining WAN/Internet links from multiple providers makes it possible to achieve a redundancy level of nearly 100%. If one of the links should go down, traffic will be automatically and transparently redistributed to the other active links. Additionally, in order to provide optimal link utilization, Elfiq Link Load Balancer can detect network and/or physical failures that might occur on a link.

The Link LB also eliminates the use of the BGP protocol for link redundancy, thereby eliminating all the high costs associated with it. Please see section 4, differences between BGP and the Elfiq Link Load Balancer for more information.

5.7 Can the Elfiq Link Load Balancer system itself be redundant? Yes. Two Link LB systems can be used in redundancy. In this scenario, one Elfiq Link Load Balancer system is configured to be the master and the other, the slave. The master system does all the balancing, while the slave system is in standby mode. Should the master system become unavailable because of software or hardware issues, the slave system will automatically take over within a few seconds.

The transition from the master system to the slave system is completely transparent and does not require any manual intervention. Once the failed system is replaced (the old master), it will now become the new slave system. It will therefore synchronize itself with the new master and will be in standby mode.

In a master/slave configuration, the slave system does not require any system configuration. As soon as it is linked to the master system, the slave will automatically fetch its entire configuration from the master system. No other products on the market offer this level of simplicity.

5.8 Is the Elfiq Link Load Balancer able to detect a link failure? Yes, the Link LB monitors each of the WAN/Internet links in order to detect logical or physical problems. In the case of a failure on one of the links, the traffic will transparently be redistributed to the other links.

Page 11 / 14


5.9 How will we know if there is a failure to one of the WAN/Internet connections? In the case of a service rupture on one of the links, a syslog event will be sent to the syslog server preconfigured in the Link LB’s configuration. Optionally, an SNMP alert can also be sent.

When a service rupture occurs, traffic is redirected to the other links. Most TCP applications will automatically retransmit the few packets that were lost during the transition. This will therefore make the loss of a link practically transparent to users and applications.

5.10 What happens to applications that require persistent sessions (e.g. video streaming)?

The Elfiq Link Load Balancer natively supports the configuration of persistent sessions. If an application requires the use of the same link for the entire session, the Elfiq Link Load Balancer can ensure that this requirement is met.

5.11 I have an Alizé Link Load Balancer unit, what is the difference with the Elfiq Link Load (Link LB) Balancer?

Both are the same product.

Page 12 / 14


6 Advanced FAQ

6.1 How is incoming traffic balanced? Incoming traffic balancing is based on primary and secondary DNS entries that point to the client’s environment. Each session’s establishment or incoming protocol transaction will make a name resolution before establishing the session. The role of the Elfiq Link Load Balancer is to intercept those DNS queries and to respond based on link availability and other pre-configured factors.

Every service provided over the WAN/Internet links contains virtual DNS entries known as IDNS Resource Records (IDNS RR), and every IDNS RR entry is associated with an outgoing GMAC (WAN router). Many virtual DNS entries can be created in the Link LB in order to answer all incoming DNS queries.

6.2 How is outgoing traffic balanced? Outgoing traffic balancing gives users and systems behind the firewall to have simultaneous access to multiple WAN/Internet links. All outgoing connections exit with addresses that have been translated through NAT or by a predefined address, such as a proxy. With the Elfiq Link Load Balancer, definitions of groups of IP addresses, known as poolIPs, allow real time dynamic outgoing access to a predefined WAN/Internet link. A network address translation (NAT) is then done intended for WAN/Internet link.

6.3 How many WAN/Internet links can an Elfiq Link Load Balancer manage? The Elfiq Link Load Balancer uses a concept similar to an Ethernet bridge called Virtual Forwarder Interface (VFI). A VFI is an association of an input and output Ethernet interface. The enterprise model can support up to 5 VFI. Each VFI can support between 2 and 64 links depending of the Elfiq Link Load Balancer model.

6.4 We have 2 WAN/Internet links but our firewall only supports one default gateway. How does the Elfiq Link Load Balancer manage traffic?

Since the Link LB operates at the data link layer of the OSI model (layer 2), it is practically invisible to the network. It detects, caches and manages the MAC addresses of the different WAN routers. Since the firewall only supports one default gateway, the Link LB will route the appropriate packets to the chosen router.

The Link LB registers all the MAC addresses of the external routers and stores each of them under a GMAC.

If one of the routers fails to answer ARP requests, the balancer will automatically answer them for it and redirect the packets to one of the available GMACs, as chosen in the configuration. Therefore, everything is transparent to the firewall.

6.5 Is NAT always required? No, it is not always required to use network address translation. In fact, it’s possible to prevent the manipulation of certain protocols, such as IPSEC HA. You can also associate multiple IP addresses (aliases) with each server located in the demilitarized zone (DMZ). The remaining problem depends on the complexity of the firewall configuration.

6.6 Does the Elfiq Link Load Balancer support persistent sessions? Yes. Outgoing traffic balancing uses access lists to manage persistent connections. Therefore, it is possible to individually select protocols and destinations that will be treated as persistent. The Elfiq Link Load Balancer manages persistence at the protocol level, from its data link layer (layer 2) position in the OSI model.

6.7 What does persistence mean? Persistence is the ability to use the same link once a session has been established, for a given protocol. For example, the FTP protocol has multiple simultaneous sessions on ports 20 and 21. In those cases, the client will be able to establish other parallel sessions while always using the same link.

The Elfiq Link Load Balancer only supports persistence for outgoing connections, as it is impossible to control incoming connections.

Please note however that any persistent sessions will need to be reestablished in the case of a link failure.

Page 13 / 14


6.8 What do PAT and NAT mean? NAT means Network Address Translation. This type of manipulation is used to mask IP addresses so all packets can be redirected to a different destination. The Elfiq Link Load Balancer supports NAT in incoming, outgoing and hybrid mode. PAT is derived from NAT, and means Port Address Translation. Besides being able to translate IP addresses, PAT can also manage port redirection. The Elfiq Link Load Balancer also supports PAT for incoming traffic. The FTP protocol is also supported with the following variants: PORT, PASV and EPASV.

6.9 We have multiple links on an Elfiq Link Load Balancer. How can we do maintenance on one of them without affecting all services?

All you need to do is deactivate the corresponding GMAC. This way, your configuration is not unmodified and the Link LB will continue to balance all the traffic on all the other links, except the one that has just been deactivated.

6.10 What are the available balancing algorithms? The Elfiq Link Load Balancer lets you choose a different algorithm for each resource. The following algorithms are available:

RR (Round Robin): distribution based on a continuous cycle through all the GMACs.

WFA (Weight First Algorithm): distribution based on the weight of each GMAC.

LTFA (Least Traffic First Algorithm): distribution based on the selection of the least saturated link. The selection is based on multiple factors, including link speed (capacity), real time utilization, response time, average utilization and weight.

ETFA (Equal Traffic First Algorithm): distribution based on link commensuration. The selection is based on various factors, including link speed (capacity), real time utilization, response time, average utilization and weight.

OPFA (Ordered Preferred First Algorithm): distribution based on link order.

BSFA (Best SitePath First Algorithm): distribution based on the selection of the optimal path between two sites.

6.11 Does the Elfiq Link Load Balancer require access to the routers that face the WAN/Internet links?

No, the Elfiq Link Load Balancer manages transmitted packets and estimates link utilization per GMAC by itself since access to the service providers’ routers in order to read statistics is usually blocked for security reasons.

6.12 Encapsulation on the WAN link is not the same as that on the LAN. Are utilization estimates still accurate?

Yes. By default, tests have proved that the link utilization estimates are very accurate. However, if increased accuracy is needed, a setting can be changed at the GMAC level in order to normalize encapsulation according to the type of link.

6.13 Which protocols are used for redundancy? None, since contrary to competing products, the Link LB operates at the data link layer (layer 2) of the OSI model.

6.14 When used in redundancy, how much time does a transfer to the slave system take? The transfer should be completed within four seconds.

6.15 During the state transfer to the slave system, does the slave system need to reevaluate link utilization?

No. The state of each GMAC is replicated in real time to the slave system.

Page 14 / 14


6.16 Does the Elfiq Link Load Balancer offer the possibility to filter IP traffic? Yes. The Link LB offers filtering on IP, ICMP, TCP and UDP protocols.

6.17 Can the Elfiq Link Load Balancer block IP addresses in real time? Yes, the Link LB allows real time shunning in the enterprise model. However, IDS detections must be done on a separate system. An API is available to integrate Elfiq Link Load Balancer with various Intrusion Detection Systems including Snort, ISS, NetRanger and others. APIs are based on an easy-to-use elementary language based on XML.

In this scenario, a port needs to be configured in tapping mode to provide the IDS probe with a copy of the aggregation of all IP packets to monitor.

6.18 Is it possible to be notified when a WAN/Internet link goes down? Yes, by default Elfiq Link Load Balancer will send an alert in real time to the management station as well as to the configured syslog server.

6.19 Am I required to have an Autonomous System Number (ASN)? No. A key factor in the Elfiq Link Load Balancer design is that it is easy to integrate, so, no ASN is required to use the Elfiq Link LB.

6.20 Does the Elfiq Link Load Balancer support authentication protocols, such as CHAP, PAP and PPPoE encapsulation?

No, the Link LB is intended to be used for link capacity management. The only layer 2 protocol that is supported is Ethernet. PPPoE authentication and encapsulation must be done by the router, which is usually provided by the service provider. However, this functionality is being evaluated and could be integrated into a future version of Elfiq Link Load Balancer.

6.21 How does the Elfiq Link Load Balancer detect a problem on a WAN/Internet link? The Link LB checks the status of each of the WAN links every 3 seconds. During that time, TCP sessions are conducted for each of the destinations configured using GMAC.

Therefore, every 3 seconds a SYN, SYN-ACK, RST sequence is done on each GMAC, to the destination of the next hop for that link. The response time (RTT) to this hop is then calculated.

If the first hop does not answer, the Link LB will try to contact the second hop. If the second one does not answer, the GMAC is automatically deactivated and the network traffic is dynamically redistributed to the other links.

Date post:	18-Jul-2016
Category:	Documents
Upload:	rpluto
View:	17 times
Download:	2 times

Elfiq_LinkLB_FAQ_v1_8_2215367

Documents