Date post: | 13-May-2015 |
Category: |
Technology |
Upload: | ixia |
View: | 1,897 times |
Download: | 0 times |
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
1
Rethink Server Load Balancer Testing
Rethink Server Load Balancer TestingA methodology to measure the performance, security, and stability of server load balancers under real-world network conditions
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
2
Rethink Server Load Balancer Testing
Table of ContentsIntroduction .................................................................................................................................................................................................................... 3
Layer 4 Top TC ................................................................................................................................................................................................................ 5
HTTP Load Balancer Test............................................................................................................................................................................................. 26
HTTPS/SSL ....................................................................................................................................................................................................................... 52
HTTP Caching ................................................................................................................................................................................................................. 74
Dual Traffic HTTP and IMAP ....................................................................................................................................................................................... 96
BlockFuzzer ..................................................................................................................................................................................................................... 127
Load Balancer Configuration .................................................................................................................................................................................... 135
About BreakingPoint ................................................................................................................................................................................................... 137
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
3
Rethink Server Load Balancer Testing
IntroductionToday’s network is under higher demand than ever before, each day handling ever growing and more complex business and Web
applications. A single server will not be able to handle the load demand required; multiple servers are needed and must be used to
meet the demand. For ease of use, a single IP address or domain name must be used; however, if several servers are required, this adds
complexity. Using a load balancer can ease the complexity of the network setup.
With the continued development of web applications, virtualization, cloud computing and more, a load balancer has become an integral
piece of networking equipment. With the use of a load balancer, a single service can be provided from multiple servers. A load balancer runs
on Layers 4 through 7 of the OSI Model, and some of the common protocols that are usually load balanced are HTTP, IRC, FTP, NNTP and
DNS. When in use, a load balancer is placed in front of a server farm on the network. The load balancer listens on the needed port, and when
a request comes in for the service, the load balancer will forward the request to one of the available servers. When the back-end server
receives the request from the load balancer, it will respond to the load balancer. In turn, the load balancer will respond to the client that
made the initial request. This makes the load balancer an invisible piece of networking equipment to the client.
Load balancers are aware of the requested protocol and will forward the connection to the correct server. Since not every server will be on
equal hardware or be able to handle equal loads, load balancers can be configured with an assigned weight for each server. For example,
a single core server can be configured with a lower weight than a quad core server because the quad core server will be able to handle a
higher offered load. This ensures that each client will receive the same experience as the next.
Another added benefit of using a load balancer is it helps maintain uptime of the requested services. If one server fails or is taken down for
an upgrade, the remaining servers are able to maintain and handle the load until the downed server is online again.
Not all load balancers are created equal. Some have more features than others, but a set of common features does exist between them.
As expected, load balancers support all TCP and UDP protocols. A form of SSL acceleration is usually available to improve the speed of
encryption. Another common feature is content caching: The load balancer will store objects that are frequently used. When this object is
requested, the load balancer will speed up the process by sending the object instead of asking a server for it. Other common features that
load balancers support are content compression, session persistence and bandwidth management.
The following Resiliency Methodology will demonstrate how to configure a load balancer and set up the BreakingPoint Storm CTM. This
Resiliency Methodology contains five different measurements and each are given a brief outline below.
Test 1: Layer 4 TCP
This test will determine the number of TCP connections per second that the load balancer is able to handle. Also, the TCP setup
time will be analyzed to determine how a greater number of TCP connections per second affects the time it takes to establish the TCP
connection. This test is also a baseline measurement for tests 2-5.
Test 2: HTTP
This test will determine the number of HTTP connections per second the load balancer is able to handle. Also, the BreakingPoint
Storm CTM will be configured to serve out five different sized HTTP pages. The overall bandwidth that the load balancer is able to support
will be determined.
Test 3: HTTPS
This is the same test as the HTTP , except encryption will be used. Normally, the HTTPS connection is made with the load balancer, and
the connection between the load balancer and the server is not encrypted, taking away the overhead of encryption.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
4
Rethink Server Load Balancer Testing
Test 4: HTTP Caching
As load balancers are able to locally cache objects, the BreakingPoint Storm CTM will be configured to send out dynamic pages and
image files. The TCP connection setup time will be analyzed to make sure the load balancer is locally caching the needed files.
Test 5: Dual Traffic HTTP and IMAP
Load balancers are able to handle multiple protocols at a time. The BreakingPoint Storm CTM will be configured to use both HTTP
and IMAP protocols. This helps determine the load balancer’s ability to handle multiple protocols while being stressed. Data rates and TCP
setup times are a couple of the results analyzed at the end of the test.
Test 6: Fuzzer
This test is an add-on test to the previous ones. This test will ensure that the load balancer is able to handle malformed packets or errors
within the packet. Results will be examined to determine the load balancer’s ability.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
5
Rethink Server Load Balancer Testing
Layer 4 Top TC
RFC:• RFC 793 – Transmission Control Protocol
Overview:
A basic Layer 4 TCP measurement will be performed. The load balancer should be configured with an open port of 80, as this is the port that
will be used during the test. The load balancer also should be configured with a range of IP Addresses that amounts to about 5% of the total
supported back-end servers to act as the end points for the TCP measurement. The BreakingPoint Storm CTM will act as both the clients
and the servers during the measurement. The BreakingPoint Storm CTM will be configured to use the Session Sender test component to
generate and receive the TCP requests.
Objective:
Determine the maximum number of TCP connections per second a load balancer is able to handle before dropping requests.
Setup:
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
6
Rethink Server Load Balancer Testing
1. OpenyourfavoriteWebbrowserandconnecttotheBreakingPointStormCTM.Oncethepagehasloaded,selectStart BreakingPoint Systems Control Center.
2. LogintotheBreakingPointStormCTMbyenteringyourLoginIDandPassword.Oncedone,clicktheLoginbutton.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
7
Rethink Server Load Balancer Testing
3. Reservetherequiredportstorunthetest.
4. Next,selectTestNew Testtostartwithconfiguringthetest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
8
Rethink Server Load Balancer Testing
5. Selectthefirstitemfromthelist,Select the DUT/NetworklocatedintheTestQuickSteps.
6. SelectOpen network neighborhood screentocreateaNetworkNeighborhoodforthetest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
9
Rethink Server Load Balancer Testing
7. SelecttheCreate a new Network Neighborhood (‘+’)button.
8. Enteraneasy-to-recallnameforthenewNetworkNeighborhoodandclickOK.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
10
Rethink Server Load Balancer Testing
9. Noticetheinterfacelistatthetopofthescreen.ItlistsInterfaces1-4andanExternal;onlytwointerfacesandtheexternalarerequiredforthistest.Delete Interface 3 and Interface 4byselectingtheinterfaceandthenclicking the close buttonthatappearsonthetab.Whenpromptedabouttheremovaloftheinterface,selectYes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
11
Rethink Server Load Balancer Testing
10. ConfigurealltherequiredIPinformationforInterface1.OncealltheIPinformationhasbeenentered,clicktheApply ChangesbuttonandthentheSave Networkbutton.
11. SelecttheInterface 2tabandagainconfigurealltherequiredIPinformation,makingsuretochangetheTypefromVirtual RoutertoHost.Oncetheconfigurationhasbeencompleted,clickApply ChangesandtheSave Networkbutton.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
12
Rethink Server Load Balancer Testing
12. SelecttheExternaltab.AnentryisalreadypresentintheSubnetsection.Deletethisentrybyselectingthetrashcanbutton.
13. Oncetheentryisdeleted,anewentrymustbecreated.EnterintheIPaddressinformationintheMinimum IP AddressandMaximum IP Addressfields.ClicktheAdd Rangebuttononcecompleted.Again,clicktheSave Networkbutton.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
13
Rethink Server Load Balancer Testing
14. SelecttheReturn to PreviousScreenbutton.
15. UnderDevice Under Test(s),verifythatBreakingPoint Defaultisselected,andunderNetwork Neighborhood(s)verifythatthenewlycreatedoneisselected.ClickAcceptoncecompleted.
16. WhenpromptedaboutswitchingNetworkNeighborhoodsbecausethecurrentonehasmoreinterfacesselectYes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
14
Rethink Server Load Balancer Testing
17. SelectAdd a Test ComponentfromTestQuickSteps.
18. SelectSession Sender (L4)fromtheSelect a component typewindow.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
15
Rethink Server Load Balancer Testing
19. Wewillnowperformstep3oftheTestQuickSteps.RenamethecomponentfromSession SendertoTCP Sessions.VerifythattheActivecheckboxisselected.ClickApply Changesoncecompleted.
20. SelecttheInterfacestab.VerifythattheExternal Servercheckboxisselected.ForInterface1,verifythattheClientcheckboxisselected,andforInterface2verifythattheServercheckboxisselected.ClickApply Changesoncecompleted.
21. SelecttheParameterstab.Thisiswhereallthetestcriteriawillbedefinedandconfiguredforthistest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
16
Rethink Server Load Balancer Testing
22. Noteveryparameterwillbechanged.ThefirstonethatshouldbechangedisTCP Session Duration (segments).Changethevaluefrom20to0.ThiswillallowforahigherrateofTCPconnectionspersecondtobeestablished.ClickApply Changesoncecompleted.
23. ThenextparameterthatneedstobechangedistheMinimum data rate.Itiscurrentlysetto200andneedstobechangedto1000.ThisvalueisinMegabits/second.Again,clickApply Changesoncecompleted.
24. ThenextparameterthatneedstobechangedisthePort distribution typeunderDestination Port.UsethedropdownmenuandchangethevaluetoConstant.Also,changetheMinimum port numberfrom6to80(oraknownopenportonyourloadbalancer).ClickApplyChangesoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
17
Rethink Server Load Balancer Testing
25. UnderSessionRampDistribution,changetheRamp Up BehaviorfromFull Open toFull Open + Data + Close.ForRamp Up Seconds,enteravalueof148010.Thisisacalculatedvalue;wewishtoattempttoconnect750,000TCPconnections/second.Initially,10,000connectionswillbeestablished,andthenanother50every10secondsthereafter.Weadd10secondsfortheinitial10,000TCPconnections.Asamathematicalexpressionitwouldlooklikethis:((((750000-10000)/50)*10)+10.WemustmakesuretheRamp Up Secondsisalongenoughperiodoftimetocompletethisprocess.Provide30secondsfortheRamp Downperiod.Youwillhavetoscrolldownforthisfield.ClickApply Changes.
26. ScrolldowntotheRampUpProfile.UsetheRamp Up Profile TypedropdownmenuandchangethevaluetoStair Step.TheMinimum Connection RateisthenumberofTCPconnectionsthatwillbeusedatthestartofthetest.Enteravalueof10000.AswewishtodeterminethemaximumnumberofTCPconnectionsthatarepossiblepersecondenteravalueof750000intheMaximum Connection Rate.Enteravalueof50fortheIncrement N connections per secondandenteravalueof10forEvery N seconds.Thiswilladdanadditional50TCPconnectionattemptsevery10seconds.Thisvaluecanbeincreasedforashortertest,buttheresultsmightnotbeasaccurate.Pleasenote,youwillneedtoscrolldowntolocatesomeofthesefields.ClickApply Changesoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
18
Rethink Server Load Balancer Testing
27. UnderSession Configuration,setbothMaximum Simultaneous SessionsandMaximum Sessions Per Secondtotheirmaximumvalues.ClickApply Changesoncecompleted.
28. Nootherparametersneedtobeconfigured.MakesuretheTest Statushasagreencheckmarknexttoit.Ifthereisnot,determinewhatiswrongbyselectingTest Statusandviewingtheerrors.
29. BeforeweselectSaveandRunfromTestQuickSteps,edittheTest Information Description.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
19
Rethink Server Load Balancer Testing
30. SelectSave and RunfromTest Quick Steps.
31. Ifthetesthasnotpreviouslybeensaved,enteranameforthetestandclickSave.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
20
Rethink Server Load Balancer Testing
32. Whilethetestisrunning,selecttheTCP tab.
33. Oncethetesthascompletedrunning,verifythatitsuccessfullypassed.ClickClose.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
21
Rethink Server Load Balancer Testing
34. InthelowerleftcorneroftheReal Time Statisticswindow,selectthegraphbuttontoviewdetailedresults.Thiswillopentheresultsinanewbrowserwindow.
35. Gotothebrowser.Ontheleftsideisthenavigationpanel,whereyoucannavigateandbrowsetheresults.Theresultsandtestinformationwillbedisplayedontherightsideofthebrowser.
36. ExpandtheTest Results for TCP Sessionsfolder,andthenexpandtheDetailsfolder.SelectTCP Connection Rate.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
22
Rethink Server Load Balancer Testing
37. OnceTCP Connection Ratehasbeenselected,agraphwilldisplaytheClientandServerattemptrate,establishrateandcloserate.Also,atableisdisplayedshowingthevaluesusedtocreatethegraph.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
23
Rethink Server Load Balancer Testing
38. Usingthetable,itispossibletodeterminethemaximumTCP Connection Rate.FromtheClient establish rate (TCP Sessions/s) column,locatethehighestvalue.Usingthegraph,findthehighestClientestablishratetodeterminethetimethehighestClientestablishratehappened.WiththeDUTusedinthistest,itlookslikeithappenedatabout11,270secondswitharateof75,237.9TCPSessions/s.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
24
Rethink Server Load Balancer Testing
39. AnotherinterestingmetricistheTCP Response Time.SelecttheTCP Response Timeinthenavigationalpanel.ThisgraphshowsthetimeittookforaTCPresponsetobemade.Thequickertheresponsetimes,thebetter.
40. SelectTCP Concurrent ConnectionsundertheDetailfolder.Agraphandatableoftheresultswillbedisplayed.Thegraphisbasedontheresultsfoundinthetable.TheybothprovideavalueforthenumberofClientconcurrentTCPsessions.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
25
Rethink Server Load Balancer Testing
41. AnotherinterestingmetricthatcanbeviewedistheFrame Data Rate.Again,thisisundertheDetailfolder.TheFrame Data Ratewillshowthedata transmit rateandthedata receive ratethatoccurredthroughoutthetest.
This test is just a starting point. Other more complex Layer 4 tests are possible. The following are some examples:
• Maximum TCP Open Rate (full open of clients, do not close client connections)
• Maximum TCP with Opening and Closing clients at same time.
• Throughput tests with varying number of clients.
• Increased number of supported back-end servers to 10%, 25%, 50%, 75% and 100%.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
26
Rethink Server Load Balancer Testing
HTTP Load Balancer Test
RFC:• RFC 1945 – Hypertext Transfer Protocol – HTTP/1.0
• RFC 2616 – Hypertext Transfer Protocol – HTTP/1.1
Overview:
The BreakingPoint Storm CTM will simulate the HTTP protocol. The BreakingPoint Storm CTM will simulate both the client and the server.
The server will respond with different page sizes to help mimic a more realistic Web browsing session. The load balancer will distribute the
connections to the simulated Web servers, and we can determine the number of connections per second possible with the configuration of
the load balancer.
Objective:
Determine the number of HTTP connections per second possible.
Setup:
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
27
Rethink Server Load Balancer Testing
1. OpenyourfavoriteWebbrowserandconnecttotheBreakingPointStormCTM.Oncethepagehasloaded,selectStart BreakingPoint Systems Control Center.
2. LogintotheBreakingPointdevicebyenteringyourLogin IDandPassword.Oncedone,selecttheLoginbutton.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
28
Rethink Server Load Balancer Testing
3. Reservetherequiredportstorunthetest.
4. Next,selectTestNew Testtostartwithconfiguringthetest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
29
Rethink Server Load Balancer Testing
5. Toconfigurethetest,wewillusetheTest Quick Steps.SelectSelect the DUT/Networkfromthelist.
6. Intheprevioustest,wecreatedaNetworkNeighborhood;sincethetestsetuphasnotchanged,itispossibletoreusethatNetworkNeighborhood.SelectBreakingPoint DefaultastheDevice Under Test(s)andthepreviouslycreatedNetwork Neighborhood.ClickAcceptoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
30
Rethink Server Load Balancer Testing
7. UsingtheTest Quick Steps,selectAdd a Test Component.
8. SelectApplication Simulator (L7)asthecomponenttype.ClickCloseonceselected.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
31
Rethink Server Load Balancer Testing
9. UndertheInformationtab,enteranamefortheApplicationSimulatorcomponentandClickApply Changes.
10. SelecttheInterfacestab.EnabletheExternal ServerandmakesureInterface1issetasaClientandInterface2issetasaServer.OncecompletedclickApply Changes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
32
Rethink Server Load Balancer Testing
11. BeforetheParametersofthetestcanbeconfigured,SuperFlowsmustbecreatedandconfigured.FromtheManagersdropdownmenu,selectApplication Manager.
12. Whenpromptedaboutsavingthetest,selectYes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
33
Rethink Server Load Balancer Testing
13. EnteranameforthetestintherequiredfieldandclickSave.
14. SelecttheSuperFlowstab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
34
Rethink Server Load Balancer Testing
15. AnewSuperFlowmustbecreated.ClicktheCreate a new Super Flow (‘+’)button(locatedunderthelistofSuperFlows).
16. EnteranamefortheSuperFlowthatwillbeeasytorecallwhencreatingtheAppProfile.ClickOKoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
35
Rethink Server Load Balancer Testing
17. ClicktheManage HostsbuttonunderStep 1 – Define Hosts.
18. Aclientandaserverhostshouldalreadybecreated.Nootherhostsarerequired.ClickCloseoncecompleted.
19. Next,theflowsmustbedefined.InStep 2 – Define Flows,makesureClientissettoClientandServerissettoServer.UsetheProtocoldropdownmenutoselectHTTPandthenclickAdd Flow (‘+’).
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
36
Rethink Server Load Balancer Testing
20. Next,anactionforthisflowmustbedefined.InStep 3 – Define Actions,usetheActiondropdownmenuandselectClient: GET,andthenselectServer: Response 200 (OK).Afterselectingeachaction,makesuretoclicktheAdd Action (‘+’)button.Also,makesurethattheFlowisselectedfromStep2oryouwillnotbeabletoaddanaction.
21. Next,theActionsmustbeconfigured.SelecttheClient GETaction(firstoneinthelist)andselectthe{…}button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
37
Rethink Server Load Balancer Testing
22. MakesureTransaction FlagisenabledandsettoContinueandthatEnable persistent HTTP sessionsisenabledandsettooff.Everythingelseshouldbedisabled.OncetheconfigurationiscompletedclickApply Changes.
23. SelectServer Response 200 (OK)intheActionlistandclickthe{…}button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
38
Rethink Server Load Balancer Testing
24. Mostofthedefaultsarealreadyconfiguredcorrectly.DoublechecktomakesureTransactionFlagissettoContinue,HTTPCompressionissettonone,Keep Aliveisoff,Generate ‘Content-MD5’ headerisoff,andEnable chunked encodingisoff.Also,makesureHTTP chunk response sizeissetto64.Scrolldownsotherestofthelistisvisible.
25. SetRandom response min lengthtoavalueof1024.Thiswillmaketheserverrespondwitha1kpage.DisableRandom response max length.ClickApply Changesoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
39
Rethink Server Load Balancer Testing
26. TheconfigurationforthisSuperFlowiscomplete.ClickSave Super Flow.
27. Repeatsteps14to25creating 3 new Super FlowsandeachshouldhaveauniquenameandbeconfiguredwithaRandom response min lengthvalueof4k,8k,or12k.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
40
Rethink Server Load Balancer Testing
28. OnelastSuperFlowneedstobecreated.ThisSuperFlowwilltransmitFlashdatafromtheservertotheclient.Repeatsteps14to22.OnceintheResponse200(OK)editorchangeTransaction FlagtoEnd.Also,makesureHTTP Compressionissettonone,Keep Aliveissettooff,Generate ‘Content-MD5’ headerissettooff,andEnable chunked encodingissettooff.Next,changeContent-Typetovideo/flvandFile GeneratortoFlash (video/flv).Scrolldownuntiltherestoftheparametersarevisible.
29. SetRandom response min lengthtoavalueof102400anddisableRandom response max length.ClickApplyChangesoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
41
Rethink Server Load Balancer Testing
30. TheconfigurationoftheFlashSuperFlowiscomplete.ClickSave Super Flow.
31. SelecttheApp Profilestab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
42
Rethink Server Load Balancer Testing
32. AnewApplication Profilemustbecreated.TotheApplicationProfile,wewilladdallthenewlycreatedSuperFlows.ThisallowstheabilitytocreateamorecomplextestandhavedifferentSuperFlowsthatcancontaindifferentprotocols.Inthistestscenario,weareusingonlyHTTPtraffic.Selectthe(‘+’)buttontocreateanewApplicationProfile.
33. WhenpromptedenteranamefortheApplication Profile,somethingeasytorememberasthiswillbeusedagainshortly.ClickOKoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
43
Rethink Server Load Balancer Testing
34. LocatethelistofAvailable Super Flows.ThefiveSuperFlowsjustcreatedshouldbeinthelist.Also,thelistmightbelongerthanonepage,somakesuretonavigatethroughallthepagesifneeded.LocateeachofthenewlycreatedSuperFlows,andthenclick the down arrowbuttontoaddtotheApplicationProfile.UsetheShiftbuttontoselectmultipleSuperFlows.
35. SavetheApplicationProfilebyclickingtheSave App Profilebutton.
36. NowthatalltheSuperFlowsandtheApplicationProfilehavebeenconfigured,clicktheReturn to previous screenbuttontoconfiguretherestofthetestparameters.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
44
Rethink Server Load Balancer Testing
37. SelecttheParameterstab.
38. IntheDataRatesection,changeMinimum data rateto1000.ThiswillchangethelinespeedtoGigabit.ClickApply Changesoncecompleted.
39. UndertheSession Ramp Distributionsection,severalparametersneedtobechanged.UsingtheRamp Up Behaviordrop-downmenu,selectFull Open + Data + Close.Next,changeRamp Up Seconds to1460(again,thisisacalculatedvalue;seethefirsttestforhowtocalculateit)andverifySteady-State BehaviorissettoOpen and Close Sessions.Finally,scrolldownuntilthefinalthreeparametersarevisible.ChangeSteady-State Secondsto120,Ramp Down BehaviortoFull CloseandRamp Down Secondsto30.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
45
Rethink Server Load Balancer Testing
40. ChangesarerequiredintheRamp Up Profile.ChangeRamp Up Profile TypetoStair Step.SettheMinimum Connection Rateto500,thiswillbetheinitialnumberofconnectionsattempted.Next,settheMaximum Connection Rateto7300.Scrolldowntoconfigurethelasttwoparameters.SettheIncrement N connections per secondto50.Finally,setEvery N secondsto10.Thelasttwoparametersconfiguredwilladd50newconnectionattemptsevery10seconds.ClickApply Changeswhendone.
41. UndertheSession Configuration,setMaximum Simultaneous Sessionsto7500000andMaximum Sessions Per Secondto750000.ClickApply Changesoncecompleted.
42. Finally,scrolldowntotheApplication Profileparameter.Usingthedrop-downmenu,selectthenewlycreatedApplication ProfileandclickApply Changes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
46
Rethink Server Load Balancer Testing
43. VerifytheTestStatushasagreencheckmark.Ifitdoesnot,clicktheTest Statuslinkandmaketherequiredchanges.
44. UnderTest Quick Steps,selectthefourthoption,Save and Run.
45. Whentheteststarts,theSummarytabdisplaysandprovidesaniceoverviewofwhatishappeningwithinthetest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
47
Rethink Server Load Balancer Testing
46. SelecttheTCPtabandverifythatconnectionsarebeingsuccessfullyestablished.
47. AnotherniceresourcetoviewistheApplicationtab.Thisprovidesinformationabouteachprotocol(ifmultipleprotocolsarebeingrun).Inthiscase,asonlyHTTPisbeinguseditprovidesthesameinformationascanbeseenontheSummaryandTCPtab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
48
Rethink Server Load Balancer Testing
48. SelecttheTCPtabtoviewtheTCP Connections per second.Althoughthistestdoestakeawhiletorun,besuretomonitorthetest.Atsomepointduringthetest,theAttemptedandSuccessfulrateshoulddiffer.Ifthesestatesdonotdiffer,waituntilthetesthascompleted,andthenredotheparametersandincreasetheMaximum Connection RateandtheRamp Up SecondsaccordinglyasthetestdidnotreachthelimittheLoadbalancerwasabletohandle.
49. Letthetestfinish.Youwillbenotifiedthetestfailed;thisisokay.SelecttheClosebutton.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
49
Rethink Server Load Balancer Testing
50. SelecttheView the reportbutton.
51. ExpandtheTest Results for HTTP TrafficandthenexpandtheDetailsfolder.SelectSuperflow Summaryinthenavigationpanel.Thiswillshowtheweightofeachpageasconfigured(sinceitwasleftasdefault,eachshouldhaveaweightof20%)andtheEffectiveWeight.TheEffectiveWeightistheactualweightthatwastransmittedtotheDUT.
52. Next,selectComponent Concurrent Flows.ThiswilldisplayagraphandatableofhowmanyTCPFlowswereactiveataspecifictimeduringthetest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
50
Rethink Server Load Balancer Testing
53. SelectTCP Connection Rate.Again,agraphandatablewillbedisplayed.ThisviewdisplaysverydetailedinformationabouttheclientandserverTCPestablish,closeandattemptedrate.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
51
Rethink Server Load Balancer Testing
54. SelecttheFrame Data Rateview.Thiswilldisplayagraphandtableofthedatarateatcertainintervals.
Other tests can be performed using:
• Different sizes of HTTP pages.
• More or fewer HTTP pages.
• Different types of HTTP pages.
• Increased numbers of supported back-end servers to 10%, 25%, 50%, 75% and 100%.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
52
Rethink Server Load Balancer Testing
HTTPS/SSL
RFC:• RFC 2818 – HTTP Over TLS
Overview:
Load balancers can use SSL to help relieve some of the processing required of a Web server to handle SSL. The client makes an SSL request
to the load balancer, and the load balancer makes a normal unencrypted HTTP request to the Web server. The BreakingPoint Storm CTM will
be configured with two test components. One will be the SSL Clients, and the other will be a Web server. This test will help determine the
load balancer’s ability to offload SSL from the Web server.
Objective:
Determine the ability of the load balancer to handle SSL connections and the rate of SSL Connections per second it can handle.
Setup:
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
53
Rethink Server Load Balancer Testing
1. LogintotheBreakingPointStormCTM.
2. Reservetherequiredportstorunthetest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
54
Rethink Server Load Balancer Testing
3. SelectTestNew Test.
4. SelectSelect the DUT/NetworkfromTest Quick Steps.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
55
Rethink Server Load Balancer Testing
5. ItmightbepossibletoreusetheNetwork Neighborhoodcreatedinthefirsttest.Ifyourconfigurationallowsforthis,youshouldselecttheNetwork Neighborhoodcreatedintheprevioustest.Then,undertheDevice Under Test(s),selecttheBreakingPointDefaultoption.ClickAcceptoncecompletedandgotoStep11. IfyourconfigurationdoesnotallowforthereuseofanexistingNetworkNeighborhood,continuetothenextstep.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
56
Rethink Server Load Balancer Testing
6. ClickOpen network neighborhood screen.
7. LocatetheNetworkNeighborhoodcreatedinthefirsttestandthenclicktheSave Aslink.Thiswillcreateaduplicateforeasierconfigurationchanges.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
57
Rethink Server Load Balancer Testing
8. EnteranameofLoad Balancer SSLforeasyrecognitionforlateruseandclickOK.
9. SelecttheInterface 2tab.MakechangestotheMinimum IP AddressandMaximum IP Addressasrequired.ClickApply ChangesandthenSave Network(thiswillbeenabledafteryouhaveappliedthechanges).
10. ClicktheReturn to previous screenbutton.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
58
Rethink Server Load Balancer Testing
11. SelectBreakingPoint DefaultfortheDevice Under Test(s).FortheNetwork Neighborhood(s),selecttheNetworkNeighborhoodthatwasjustcreated.ClickAcceptoncecompleted.
12. Whenpromptedaboutthecurrenttestsetupcontainingmoreinterfacesthanthenewlyselectedone,selectYes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
59
Rethink Server Load Balancer Testing
13. SelectAdd a Test ComponentfromTest Quick Steps.
14. SelectSession Sender (L4)forthecomponenttype.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
60
Rethink Server Load Balancer Testing
15. EnteranameofSSL ClientundertheInformationtabandclickApply Changes.
16. SelecttheInterfacestab.EnabletheExternal ServeranddisabletheInterface 2 Serverforthistestcomponent.AnothertestcomponentwillbecreatedlaterthatwillbeusedastheInterface2Server.ClickApply Changesoncecompleted.
17. SelecttheParameterstab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
61
Rethink Server Load Balancer Testing
18. UndertheData Ratesection,changetheMinimum data rateto1000andclickApply Changes.
19. UndertheDestination Portsection,changethePort distribution typefromRandomtoConstant.Also,changetheMinimum port numberto443sincethisisthestandardportforHTTPS.ClickApply Changesoncecompleted.
20. IntheSession Ramp Distributionsection,changetheRamp Up BehaviortoFull Open + Data + Close.Also,changetheRamp Up Secondsto600.Sincethistestinvolvesonlytherampup,nosteady-stateisrequired.ChangetheSteady-State Secondsto0.Finally,changetheRamp Down Secondsto30andclickApply Changes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
62
Rethink Server Load Balancer Testing
21. UndertheRamp Up Profilesection,changetheRamp Up Profile TypetoStair Step.SettheMinimum Connection Rateto2,asthetestwillstep2connectionsevery1second.Also,settheMaximum Connection Rateto1200.Asstatedpreviously,setIncrement N connections per secondto2andtheEvery N secondsto1.
22. SincetheMaximum Connection Rateis1200,youwillneedtosetMaximum Simultaneous SessionsandMaximum Sessions per Secondto15000(thisisthemaximumforSSL/TLS,buttheserateswillnotbereachedinthistest).Also,changetheTarget Minimum Simultaneous SessionsandTarget Minimum Sessions Per Secondto0.ClickApply Changesoncecomplete.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
63
Rethink Server Load Balancer Testing
23. SettheSSL/TLS Configuration.EnabledparametertotrueandchangeMinimum VersiontoTLSv1.ClickApply Changes.
24. LocatetheCA CertificatefieldandselecttheImportlink.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
64
Rethink Server Load Balancer Testing
25. Inthepagethatopens,usetheChoose FilebuttontoselecttheCAcertificatelocatedonyoursystem.ClicktheUploadbuttononceselected.Ifthepagedoesnotopenup,checkthebrowsersettingsanddisablepopupblocking.
26. Backinthemainconfigurationscreen,usetheCA Certificatedrop-downmenutoselectthecertificatejustuploadedtothesystem.ClickApply Changesoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
65
Rethink Server Load Balancer Testing
27. Next,theHTTP Serverneedstobecreated.Sincemostoftheparameterswillbethesame,itiseasiertoclonethetestcomponentyoujustcreated.Right-clickonSSL ClientandselectClone Component.
28. SelectthenewcomponentandthentheInformationtab.
29. EnteranameofHTTP ServerforthistestcomponentandclickApply Changes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
66
Rethink Server Load Balancer Testing
30. SelecttheInterfacestabandmakesureonlyInterface 2 Serverisenabled.ClickApply Changesoncecompleted.
31. SelecttheParameterstab.Onemodificationwillbemadetotheexistingparameters.
32. IntheDestination Portsection,locatetheMinimum port number.Thisvalueneedstobechangedto443.ThisisbecauseWebserversdonothandleanyoftheencryption;theloadbalancerhandlestheentireencryptionload.ClickApply Changes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
67
Rethink Server Load Balancer Testing
33. VerifythattheTest Statushasagreencheckmarknexttoit.Ifitdoesnot,selecttheTest Statuslinktoviewtheconfiguration.
34. SelectSave and RunfromTest Quick Steps.
35. Enteranameforthetest,suchasLoad Balancer SSL,andclickSave.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
68
Rethink Server Load Balancer Testing
36. SelecttheTCPtabandmakesureconnectionsarebeingsuccessfullyestablished.
37. Next,selecttheEncryptiontab.VerifythatSSLhandshakesarebeingsuccessfullycompletedfromtheSSL Handshakes per Secondgraph.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
69
Rethink Server Load Balancer Testing
38. ClicktheClosebuttonwhenthetestcompletes.
39. SelecttheView the reportbutton.ThereportwillopeninaWebbrowser.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
70
Rethink Server Load Balancer Testing
40. IntheWebbrowserthatappears,expandTest Results for SSL Client,andthenexpandtheDetailsfolder.NoticealltheSSL/TLSresultsthatarecollected.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
71
Rethink Server Load Balancer Testing
41. ThefirstSSL/TLSresultofinterestistheSSL/TLS Handshake Rate.ThisresultistherateatwhichtheloadbalancerisabletohandleSSL/TLSconnections.SelectSSL/TLS Handshake Ratetoviewtheresults.
42. Noticethatagraphandatableofresultsareloaded.Usingjustthegraph,itispossibletodeterminethatthemostHandshakes Started/soccurredrightaround100secondsbeforeanyHandshakes Aborted/sstartedtooccur.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
72
Rethink Server Load Balancer Testing
43. Scrolldowntothetimestampjustnoted.LocatethevaluerightbeforeanyHandshakesAborted/soccurs(thelastcolumn).Wearelookingforthisvaluebecauseifaconnectionisaborted,thentheloadbalancerisnotabletohandleanymoreSSLconnectionspersecond.Inthecurrentexample,about196SSLHandshakes/sarepossiblefortheloadbalancertohandle.
44. Next,selecttheSSL/TLSHandshakesview.Agraphandtablewillload.Again,locatethevaluerightbeforeanyHandshakes Abortedhappened.ThisisthemaximumnumberofSSL/TLSconnectionstheloadbalancerisabletohandlebeforeconnectionsareaborted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
73
Rethink Server Load Balancer Testing
45. SelectSSL/TLS Transactionsnext.ThisresultviewwillshowabreakdownofSSLtransactionsstartedandfinishedinagraphandtableview.
46. Next,selecttheSSL/TLS Data Ratesview.Thiswillprovideabreakdownoftheprotocoldataratewithtimestamps.YoucanseehowaddedSSLconnectionswillstresstheloadbalancer’snetworkingcapability.
Additional variations of this test can be performed using:
• Different encryption algorithm.
• Different types of Certificates.
• Increased the numbers of supported back-end servers to 10%, 25%, 50%, 75% and 100%
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
74
Rethink Server Load Balancer Testing
HTTP Caching
RFC:• RFC 2616 – Hypertext Transfer Protocol – HTTP/1.1
Overview:
To help relieve some of the stress on Web servers, load balancers are able to cache static items. The test will be configured with two test
components. One will be configured with static data, and the second will be configured with dynamic data. This test will use several images
and several Web pages to help determine a load balancer’s ability to cache the required items.
Objective:
Determine the ability of a load balancer to cache static data and relieve stress from Web servers.
Setup:
This test will require the use of several images. Before starting with the test configuration, either find or create images of
the following sizes:
• 4k
• 8k
• 16k
• 24k
• 188k
• 476k
• 720k
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
75
Rethink Server Load Balancer Testing
1. LogintotheBreakingPointStormCTMSystem.
2. StartanewtestbyselectingTestNew Test.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
76
Rethink Server Load Balancer Testing
3. Select the DUT/NetworkfromTest Quick Steps.
4. SelectBreakingPoint DefaultastheDevice Under Test(s).FortheNetwork Neighborhood(s)selecttheNetworkNeighborhoodcreatedduringthefirsttest.ClickAcceptoncecompleted.
5. Ifpromptedthatthecurrenttestsetupcontainsmoreinterfacesthanthenewlyselectedone,selectYes.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
77
Rethink Server Load Balancer Testing
6. SelectAdd a Test ComponentfromTest Quick Steps.
7. SelectApplication Simulator (L7)fromtheSelect a component typewindow.
8. Twotestcomponentswillberequiredforthistest.Again,selectAdd a Test ComponentandselectApplication Simulator (L7).Onewillbeusedfortheimagingcachingandtheotherwillbeusedfordynamicdata.Whenthetestconfigurationisdone,therewillbetwoApplicationSimulatorsinthetest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
78
Rethink Server Load Balancer Testing
9. SelectthefirstApplication SimulatorcomponentandchangethenametoNon Caching ImagesandclickApply Changes.
10. SelectthesecondApplication SimulatorandchangethenametoCaching Images.ClickApply Changesoncecompleted.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
79
Rethink Server Load Balancer Testing
11. SuperFlowswillneedtobecreatedusingseveraldifferentimagesofdifferentsizes.FortheNon Caching Imagescomponent,wecanreusetheonecreatedfortheHTTPtest.Select ManagersApplication Manager.
12. Whenpromptedaboutsavingthetest,selectYes.
13. EnteranameofImage CachingwhenpromptedintheSave Test Asdialogbox.ClickSaveoncefinished.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
80
Rethink Server Load Balancer Testing
14. SelecttheSuper Flowstab.
15. LocateandselectoneoftheSuper Flowscreatedduringthefirsttest.ThenselecttheSave Asoption.ThiswillcreateacopyoftheselectedSuperFlow,allowingforquickerconfiguration.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
81
Rethink Server Load Balancer Testing
16. Enteraneasy-to-remembernamefortheSuperFlow,suchas4kImage.ClickOKoncefinished.
17. UnderStep 3 – Define Actions,selecttheseconditem.Selectthe{…}buttontoedittheaction.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
82
Rethink Server Load Balancer Testing
18. Scrolldowntothebottomofthenewwindow.DisableRandom response min length.SelecttheImport URI for response datalink.ThiswillopenanewwindowthatwillallowfortheimagestobeuploadedtotheBreakingPointStormCTM.
19. Inthenewlyopenedpage,clicktheChoose Filebutton.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
83
Rethink Server Load Balancer Testing
20. Browsetothelocationofthestoredimagesandchoosethecorrectone.Oncecompleted,clicktheUploadbutton.
21. Repeatthepreviousstepwiththeremainingimages.ThiscanalsobedonewhencreatingeachSuperFlow.Whenyouaredoneuploadingalltheimages,closetheWebpage.
22. Enablethe“URIforresponsedata”andusingthedropdownmenu,selectthecorrectimagefile.Oncecompletedclick“ApplyChanges”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
84
Rethink Server Load Balancer Testing
23. Clickthe“SaveSuperFlow”buttonwhendone.
24. Repeatsteps16–18and23–24withtheremainingimagefiles.
25. OncealltheSuperFlowshavebeencreated,selecttheAppProfiletab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
85
Rethink Server Load Balancer Testing
26. Selectthe“CreateanewApplicationProfile(‘+’)”button.
27. Enteranameforeasyrecognitionlater,suchas“NonImageCache”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
86
Rethink Server Load Balancer Testing
28. SelectallthenewlycreatedSuperFlowsandclickthedownarrowbutton.
29. MakesurealltheSuperFlowshavebeenaddedandthenclickthe“SaveAppProfile”button.
30. Clickthe“Returntopreviousscreen”button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
87
Rethink Server Load Balancer Testing
31. TheNonCachingImagestestcomponentwillbeconfiguredfirst.MakesurethefirsttestcomponentisselectedandthenselecttheInterfacestab.EnabletheExternalServerandthenclick“ApplyChanges”.
32. Next,selecttheParameterstab.
33. UnderDataRate,changethe“Minimumdatarate”to“500”andclick“ApplyChanges”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
88
Rethink Server Load Balancer Testing
34. SeveralchangesarerequiredundertheSessionRampDistributionsection.First,changethe“RampUpSeconds”to“5”.Changethe“Steady-StateSeconds”to“600”andthe“RampDownBehavior”to“30”.Oncecompleted,click“ApplyChanges”.
35. SeveralchangesarerequiredundertheSessionConfigurationsection.First,changethe“MaximumSimultaneousSessions”to“1500”and“MaximumSessionsPerSecond”to“100”.Next,changethe“TargetMinimumSessionsPerSecond”to“1500”.Click“ApplyChanges”whendone.
36. For“ApplicationProfile”,selectthenewlycreatedApplicationProfileandclick“ApplyChanges”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
89
Rethink Server Load Balancer Testing
37. SelecttheCachingImagestestcomponentandrepeatsteps32to36sincetheconfigurationisexactlythesame.
38. For“ApplicationProfile”,selecttheApplicationProfilecreatedinthefirsttest.Click“ApplyChanges”oncecompleted.
39. VerifythattheTestStatushasagreencheckmark.Ifitdoesnot,clicktheTestStatuslinkandfixtheindicatedproblems.
40. Ifdesired,enteraDescriptionunderTestInformation.
41. Finally,click“SaveandRun”fromTestQuickSteps.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
90
Rethink Server Load Balancer Testing
42. Oncetheteststarts,selecttheTCPtab.Verifythatconnectionsarebeingsuccessfullyestablished.
43. Oncethetesthascompleted,closethedialogbox.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
91
Rethink Server Load Balancer Testing
44. Clickthe“Viewthereport”button.
45. Eachtestcomponentwillcontainitsownresultssection.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
92
Rethink Server Load Balancer Testing
46. First,expandTestResultsfor“NonCachingImages”andthenexpandthe“Detail”folder.Select“TCPServerStateMachine”fromthelist.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
93
Rethink Server Load Balancer Testing
47. ThegraphshowsthatServerState“ESTABLISHED”(TCPSessions)isstableduringtherunningofthetest.Also,scrolldowntheServerState“ESTABLISHED”(TCPSessions)columntoverifytherequestsweremadetotheserverforthepages.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
94
Rethink Server Load Balancer Testing
48. Next,expandTestResultsfor“CachingImages”andthenexpandthe“Detail”folder.Select“TCPServerStateMachine”fromthelist.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
95
Rethink Server Load Balancer Testing
49. Thegraphshowstheinitial‘ServerState“ESTABLISHED”(TCPSessions)’connections,andoncetheloadbalancerstartstocachethepages,theconnectionsstop.Scrolldownthe‘ServerState“ESTABLISHED”(TCPSessions)’columntoverifythatlargeamountsofrequestswerenotmadetotheserverforthepages.
Variations of this test can be performed as follows:
• Larger number of images
• Larger number of static pages
• Longer test duration
• Increase the number of supported backend servers to 10%, 25%, 50%, 75% and 100%
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
96
Rethink Server Load Balancer Testing
Dual Traffic HTTP and IMAP
RFC:• RFC 2616 – Hypertext Transfer Protocol – HTTP/1.1
• RFC 3501 – Internet Massage Access Protocol – Version 4rev1
Overview:
The load balancer should be configured with both port 80 (default HTTP) and 143 (default IMAP) open. The BreakingPoint Storm CTM
will be configured with two test components. The first test component will use the HTTP protocol and the second one will use IMAP. The
BreakingPoint Storm CTM will act as both the client and server for each protocol. Each test component will be configured to step the
connection rate at a different interval. The results will be viewed to determine how the load balancer is able to handle multiple traffic streams
from multiple protocols.
Objective:
Determine the load balancer’s ability to handle multiple protocols and process the incoming data at a reasonable rate.
Setup:
1. LogintotheBreakingPointStormCTM.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
97
Rethink Server Load Balancer Testing
2. Reservetherequiredportstorunthetest.
3. SelectTestNewTest.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
98
Rethink Server Load Balancer Testing
4. “SelecttheDUT/Network”fromTestQuickSteps.
5. ThistestwillrequirebothHTTPandIMAPservers,soanewNetworkNeighborhoodwillbecreated.Clickthe“Opennetworkneighborhoodscreen”link.
6. SelecttheNetworkNeighborhoodcreatedinthefirsttestandselect“SaveAs”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
99
Rethink Server Load Balancer Testing
7. WhenpromptedforanewnamefortheNetworkNeighborhood,enterin“IMAP/HTTP”foreasyrecognitionlater.
8. Interface1isalreadyconfiguredcorrectly.SelecttheInterface2tabandclickthe“Createanewdomain(‘+’)”button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
100
Rethink Server Load Balancer Testing
9. Whenpromptedforaname,enter“IMAP”andclick“OK”.
10. Mostoftheconfigurationiscorrect.Updatethe“MinimumIPAddress”andthe“MaximumIPAddress”asrequired.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
101
Rethink Server Load Balancer Testing
Click“ApplyChanges”oncecompleted.
11.SelecttheExternaltabandclickthe“Createanewdomain(‘+’)”button.
12. Whenpromptedforaname,enter“IMAP”andclick“OK”.
13. SelectIMAPfromtheDomainslistandselecttheentryintheSubnetsection.Clickthe“Delete”buttontodeletethe
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
102
Rethink Server Load Balancer Testing
entry.
14. Forthenewsubnet,disablethe“UseAddressRange”option.EnterintheconfiguredIPAddressoftheexternalinterfacetouse.Click“AddRange”oncecompleted.
15. VerifythattheIPhasbeenaddedtotheSubnetfield,andthenselectthe“TestPaths”button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
103
Rethink Server Load Balancer Testing
16. Select“Specificallydefinedtestpaths”.Then,usingthedropdownmenus,makesurethefirstoneissetto“Interface1:default”andthesecondoneissetto“External:IMAP”.Click“Add”toaddthetestpath.Click“Close”oncecompleted.
17. Finally,clickthe“SaveNetwork”button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
104
Rethink Server Load Balancer Testing
18. Clickthe“Returntopreviousscreen”button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
105
Rethink Server Load Balancer Testing
19. IntheDeviceUnderTest(s)section,select“BreakingPointDefault”.IntheNetworkNeighborhood(s)sectionselectthenewlycreatedIMAP/HTTPNetworkNeighborhood.Click“Accept”.
20. Whenpromptedthatthecurrenttestsetupcontainsmoreinterfacesthanthenewlyselectedone,click“Yes”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
106
Rethink Server Load Balancer Testing
21. Select“AddaTestComponent”fromTestQuickSteps.Thistestrequirestwotestcomponents.YouwillconfiguretheHTTPcomponentfirst.
22. Inthe“Selectacomponenttype”window,select“ApplicationSimulator(L7)”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
107
Rethink Server Load Balancer Testing
23. UndertheInformationtab,enter“HTTP”asthenameofthetestcomponentandclick“ApplyChanges”.
24. SelecttheInterfacestab.EnabletheExternalServerandmakesureInterface1ClientisenabledandInterface2Serverisenabled.Also,verifyeachdomainissettodefault.Click“ApplyChanges”oncefinished.
25. Next,selecttheParameterstab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
108
Rethink Server Load Balancer Testing
26. Changethe“Minimumdatarate”to“700”andclick“ApplyChanges”.
27. UndertheSessionRampDistributionsection,change“RampUpBehavior”to“FullOpen+Data+Close”.Changethe“RampUpSeconds”to“600”andchangethe“Steady-StateSeconds”to“0”,andchange“RampDownSeconds”to“30”.Click“ApplyChanges”whendone.
28. UndertheRampUpProfilesection,changethe“RampUpProfileType”to“StairStep”..Also,changethe“MinimumConnectionRate”to“25”andthe“MaximumConnectionRate”to“1525”(600seconds/10seconds=60*25=1500+25initialconnections).Updatethe“IncrementNconnectionspersecond”to“25”and“EveryNseconds”to“10”.Someoftheparameterchangeswillrequirescrolling.Click“ApplyChanges”whendone.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
109
Rethink Server Load Balancer Testing
29. Change“ApplicationProfile”to“HTTPLoadBalancer”andclick“ApplyChanges”.
30. SelectManagersApplicationManager.
31. Whenpromptedaboutunsaveddataforthelastselectedtest,select“Yes”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
110
Rethink Server Load Balancer Testing
32. Savethetestas“DualTrafficHTTPIMAP”.
33. SuperFlowsneedtobecreatedbeforetheApplicationProfilecanbeconfigured.SelecttheSuperFlowstab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
111
Rethink Server Load Balancer Testing
34. Clickthe“CreateanewSuperFlow(‘+)”button.
35. WhenpromptedtonametheSuperFlow,enter“IMAPLoadBalancer”andclick“OK”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
112
Rethink Server Load Balancer Testing
36. Clickthe“ManageHosts”buttonunder“Step1–DefineHosts”.
37. Twohostsshouldalreadybecreated:aClientandaServer.Click“Close”.
38. In“Step2–DefineHosts”,select“Client”astheClientand“Server”astheServer.FortheProtocol,select“IMAPv4-Advanced”andclickthe“AddFlow(‘+’)”button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
113
Rethink Server Load Balancer Testing
39. In“Step3–DefineActions”,usingthe“CreateaNewAction”dropdownmenu,select“Client:Login”andclickthe“AddAction(‘+’)”button.Repeatthisstepwiththe“Client:RetrieveMail”and“Client:Quit”Actions.
40. Selectthe“Login”actionandselectthe{…}button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
114
Rethink Server Load Balancer Testing
41. IntheLoginwindowthatappears,makesurethe“TransactionFlag”isenabledandsetto“Continue”.Verify”StartingTagvalue(0==Random)isenabledandsetto“1”.Click“ApplyChanges”.
42. Selectthe“RetrieveMailAction”andclickthe{…}button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
115
Rethink Server Load Balancer Testing
43. IntheRetrieveMailwindow,makesurethe“TransactionFlag”isenabledandsetto“Continue”.Verify“StartingTagvalue(0==Random)”isenabledandsetto“15”.Nothingelseshouldbeenabled.Click“ApplyChanges”.
44. Selectthe“QuitAction”andclickthe{…}.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
116
Rethink Server Load Balancer Testing
45. IntheQuitwindow,verifythatthe“TransactionFlag”isenabledandsetto“Continue”.Verify“StartingTagvalue(0==Random)”isenabledandsetto“23”.Click“ApplyChanges”.
46. Oncealltheconfigurationof“Step3–DefineActions”hasbeencompleted,clickthe“SaveSuperFlow”button.
47. SelecttheAppProfilestab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
117
Rethink Server Load Balancer Testing
48. Clickthe“CreateanewAppProfile(‘+’)”button.
49. EnteraneasytorecallnameforthenewAppProfile(e.g.,IMAPLoadBalancer).
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
118
Rethink Server Load Balancer Testing
50. SelectthenewlycreatedSuperFlowandclickthedownarrowbutton.NavigatingthelistofSuperFlowsmightberequiredtolocatethenewlycreatedSuperFlow.
51. Clickthe“SaveAppProfile”button.
52. Clickthe“Returntopreviousscreen”button.Thiswillbringyoubacktothemainconfigurationscreen.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
119
Rethink Server Load Balancer Testing
53. Right-clickonthe“HTTP”testcomponentandselect“CloneComponent”.
54. SelectthenewtestcomponentandclickontheInformationtab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
120
Rethink Server Load Balancer Testing
55. Renamethetestcomponentto“IMAP”andclick“ApplyChanges”.
56. SelecttheInterfacestab.MakesureExternalisenabledandsettoIMAP,Interface1Clientisenabledandsettodefault.Finally,makesureInterface2ServerisenabledandsettoIMAP.Click“ApplyChanges”.
57. SelecttheParameterstab.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
121
Rethink Server Load Balancer Testing
58. Underthe“DataRate”section,changethe“Minimumdatarate”to“300”andclick“ApplyChanges”.
59. UndertheRampUpProfilesection,change“MinimumConnectionRate”to“3”and“MaximumConnectionRate”to“1803”(600seconds*3newconnectionsper1+3initialconnections).Update“IncrementNconnectionspersecond”to“3”and“EveryNseconds”to“”1.Click“ApplyChanges”oncecompleted.
60. ScrolldowntotheApplicationProfilesection.Usingthe“ApplicationProfile”dropdownmenu,selectthe“IMAPLoadBalancer”profile.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
122
Rethink Server Load Balancer Testing
61. Verifythatthe“TestStatus”isagreencheckmark.Ifitisnot,selectthe“TestStatus”linktoviewtheproblems.Thesemustbecorrectedbeforethetestcanberun.
62. Editthetestdescriptionbyclickingthe“EditDescription”linklocatedundertheDescriptionareaoftheTestInformationsection.
63. Select“SaveandRun”fromTestQuickSteps.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
123
Rethink Server Load Balancer Testing
64. Whentheteststartsrunning,theSummarytabwillbevisible.ThisviewprovidesgreatdetailfortheentiretestfromTCPConnectionRatetoBandwidth.
65. Formorein-depthinformationoneachprotocol,selectthe“Application”tab.MakesureundertheApplicationscolumn“imapadv”and“httpadv”areselected.Thisviewwillprovidedetailsabouteachprotocolbeingtransmitted.
66. Oncethetestfinishes,awindowwillappearwithanotificationthatthetesthaspassed.Click“Close”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
124
Rethink Server Load Balancer Testing
67. Clickthe“Viewthereport”button.
68. AWebbrowserpagewillopen.NoticeinthenavigationpanelthatresultsarepresentforHTTP,IMAPandaggregatedstatistics.
69. Expandthe“TestresultsforIMAP”folderandselect“TCPSetupTime”.Ashortersetuptimeissuperiorastheloadbalancerisabletohandletheloadandstillquicklyreacttonewincomingconnections.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
125
Rethink Server Load Balancer Testing
70. Select“TCPCloseTime”.Again,ashorterclosetimeisbetterastheTCPconnectionclosesandfreesthoseresources.
71. ExpandtheDetailsfolderandselect“TCPConnectionRate”.Agraphandatableoftheresultswillbevisible.ThisresultviewshowshowtheconnectionratewassteppedupandhowtheClientandtheServerhandledthem.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
126
Rethink Server Load Balancer Testing
72. Selectthe“FrameDataRate”view.Thiswillshowagraphandatable.Fromthisview,itispossibletodeterminethedatatransmitanddatareceiverateatspecificintervalsthroughoutthetests.
73. Repeatthepreviousfourstepsexpectunderthe“TestResultsforIMAP”toviewtheIMAPresults.
74. Finally,expandthe“TestResultsforAggregateStatistics”andexpandthe“Detail”folder.Selectthe“EthernetDataRates”view.Thisviewwillshowtransmitandreceiveratesforbothprotocolscombined.
Other mixed traffic tests can also be performed, below are some examples:
• Increase the number of connections to greater stress the load balancer
• A longer test run time
• Create an Application Profile that uses mix traffic
• Use different protocols to test how they affect the Load balancer
• Increase the number of supported backend servers to 10%, 25%, 50%, 75% and 100%
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
127
Rethink Server Load Balancer Testing
BlockFuzzer
Overview:
A Security test component will be added to the test. The Security test component will be configured to transmit a security Strike. This
provides the ability to test a load balancer’s capability to handle malformed packets or errors within the packets. The results will be
examined to determine the load balancer’s ability to block the Strikes.
Objective:
Determine the ability of the load balancer to handle malformed packets.
Setup:
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
128
Rethink Server Load Balancer Testing
1. Witheachtest,afuzzerportionshouldbeaddedaftertheinitialtesttotesttheloadbalancer’sabilitytohandleerrors.
2. SelectMangersAttackManager.
3. Clickthe“Createanewattackseries”buttonunderthe“AttackSeries”listtocreateanewAttackSeries.
4. Whenprompted,enteranameforthenewAttackSeriesandclick“Ok”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
129
Rethink Server Load Balancer Testing
5. Next,clickthe“Addnewstrike/strikeset”buttonunderthe“StrikesandStrikesets”listtoopentheStrikeBrowser.
6. Selectthe“Strikes”radiobuttonforthe“ReturnType”andintheKeywordslocate“fuzzer”.Clickthe“Search”button.Inthereturnedlist,locate“/strikes/fuzzers/flowfuzzer/blocktypes.xml”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
130
Rethink Server Load Balancer Testing
7. ClicktherightarrowbuttontoaddtheStriketothe“Strike/Strikesets”list.Clickthe“AddStrike”buttononcecompleted.
8. OncebackinthemainAttackManagerwindow,clickthe{…}button.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
131
Rethink Server Load Balancer Testing
9. Locatethe“SELF.AppSimSmartflow”optionandsetittothedesiredSuperFlow.Click“ApplyChanges”andthen“Close”.
10. Clickthe“Returntopreviousscreenbutton”.Thiswillbringyoubacktothecurrenttestconfiguration.
11. Select“AddaTestComponent”optionintheTestQuickStepssection.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
132
Rethink Server Load Balancer Testing
12. SelectaSecuritytestcomponent.
13. UndertheInformationTaboftheSecuritytestcomponent,enteranameandclick“ApplyChanges”.
14. SelecttheInterfacestab.VerifythattheExternalServerisenabled,Interface1Clientisenabled,andInterface2Serverisdisabled.Click“ApplyChanges”.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
133
Rethink Server Load Balancer Testing
15. SelecttheParameterstabandlocatetheAttackSeriesoption.Usingthedropdownmenu,locatethenewlycreatedAttackSeriesandclick“ApplyChanges”oncecompleted.
16. UndertheApplicationSimulatortestcomponent,decreasethe“Minimumdatarate”undertheParameterstab.Click“ApplyChanges”oncecompleted.
17. VerifytheTestStatushasagreencheckmark,andthenclick“SaveandRun”underTestQuickSteps.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
134
Rethink Server Load Balancer Testing
18. Afterlookingattheothermetricswhilethetestisunderway,selecttheAttackstab.VerifytheAttackhasbeenblocked.
19. Oncethetesthasruntocompletion,viewtheresultsthesamewaywaspreviouslydone.
20. Testresultswillbeavailableforthe“FuzzerHTTPFlash”testcomponent(oryourdefinednamed).
21. Expandthe“TestResultsforFuzzerHTTPFlash”folderandselect“StrikeResults”.Verifythe“TotalStrikeCount”hasavalueof1Strikeand“StrikeBlocked”hasavalueof1Striketoo.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
135
Rethink Server Load Balancer Testing
Load Balancer Configuration
The configuration used in these tests is not very complex. Three different clusters were configured, one for HTTP, one for Mail, and finally
one for SSL. Each cluster contains 6 servers.
The Mail Cluster has an external IP address of 10.0.255.20 and uses only port 143.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
136
Rethink Server Load Balancer Testing
Each of the 6 mail servers has a unique IP Address and uses port 143.
The only difference with the HTTP Cluster is an external IP address of 10.0.255.10 and uses port 80. Also, the only difference with the SSL
Cluster is an external IP address of 10.0.255.30 and the use of port 443. Also, the SSL Cluster requires a Certificate to use.
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
137
Rethink Server Load Balancer Testing
About BreakingPointBreakingPoint pioneered the first and only Cyber Tomography Machine
(CTM) to expose previously impossible-to-detect stress fractures within
cyber infrastructure components before they are exploited to compromise
customer data, corporate assets, brand reputation and even national security.
BreakingPoint products are the standard by which the world’s governments,
enterprises, and service providers optimize the resiliency of their cyber
infrastructures. For more information, visit www.breakingpoint.com.
BreakingPoint Storm CTM
BreakingPoint has pioneered Cyber Tomography with the introduction of
the BreakingPoint Storm CTM, enabling users to see for the first time the
virtual stress fractures lurking within their cyber infrastructure through the
simulation of crippling attacks, high-stress traffic load and millions of users.
BreakingPoint Storm CTM is a three-slot chassis that provides the equivalent
performance and simulation of racks and racks of servers, including:
• 40 Gigabits per second of blended stateful application traffic
• 30 million concurrent TCP sessions
• 1.5 million TCP sessions per second
• 600,000+ complete TCP sessions per second
• 80,000+ SSL sessions per second
• 100+ stateful applications
• 4,500+ live security strikes
BreakingPoint Resources
Hardening cyber infrastructure is not easy work, but nothing that is this
important has ever been easy. Enterprises, service providers, government
agencies and equipment vendors are under pressure to establish a cyber
infrastructure that can not only repel attack but is resilient to application
sprawl and maximum load. BreakingPoint’s Cyber Tomography Machine
(CTM) provides the technology and solutions that allow these organizations
to create a hardened and resilient cyber infrastructure. BreakingPoint also
provides the very latest industry resources to make this process that much
easier, including Resiliency Methodologies, How-to Guides, white papers,
webcasts, and a newsletter. To learn more, visit
www.breakingpoint.com/resources.
BreakingPoint Labs Community
Join discussions on the latest developments in hardening cyber
infrastructure. BreakingPoint Labs brings together a diverse community of
people leveraging the most current insight to harden cyber infrastructure to
withstand crippling attack and high-stress application load.
Visit www.breakingpointlabs.com.
Contact BreakingPoint
Learn more about BreakingPoint
products and services by contacting a
representative in your area.
1.866.352.6691 U.S. Toll Free
www.breakingpoint.com
BreakingPoint Global Headquarters
3900 North Capital of Texas Highway
Austin, TX 78746
email: [email protected]
tel: 512.821.6000
toll-free: 866.352.6691
BreakingPoint EMEA Sales Office
Paris, France
email: [email protected]
tel: + 33 6 08 40 43 93
BreakingPoint APAC Sales Office
Suite 2901, Building #5, Wanda Plaza
No. 93 Jianguo Road
Chaoyang District, Beijing, 100022, China
email: [email protected]
tel: + 86 10 5960 3162