Load balancing array packet routing system

US 7,340,532 B2
Filed: 02/07/2001
Issued: 03/04/2008
Est. Priority Date: 03/10/2000
Status: Expired due to Term

First Claim

Patent Images

1. A process for routing packets through a decrypting load balancing array of servers across a network in a computer environment, the load balancing array of servers support decrypting and encrypting SSL requests and performing SSL session scheduling, comprising:

designating a first load balancing server of the load balancing array of servers as a scheduler that schedules both HTTP and HTTPS traffic including HTTP GET requests;

requesting, by the scheduler, assignment of a virtual IP address to the scheduler, wherein incoming packets over a network from requesting clients destined for the load balancing array of servers are routed through the scheduler via the virtual IP address;

in response to receiving a request packet from a requesting client at the scheduler, routing and load balancing the request packet to a second load balancing server among the load balancing array of servers;

in response to receiving the request packet at the second load balancing server, the second load balancing server decrypting the response, packet of an SSL session, routing and load balancing the request packet to a back end Web server among a cluster of back end Web servers, wherein the back end Web server'"'"'s response packet to the request packet is sent to the second load balancing server;

in response to receiving the response packet at the second load balancing server, the second load balancing server encrypting the response packet of the SSL session and sending the response packet directly to the requesting client;

prior to the sending step, the second load balancing server parsing an outgoing markup language page in the response packet to identify given content served by a content delivery network; and

the second load balancing server modifying URLs for the given content in the markup language page so that the given content is served from the content delivery network in response to requests from requesting clients.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A decrypting load balancing array system uses a Pentaflow approach to network traffic management that extends across an array of Decrypting Load Balancing Array (DLBA) servers sitting in front of back end Web servers. One of the DLBA servers acts as a scheduler for the array through which all incoming requests are routed. The scheduler routes and load balances the traffic to the other DLBA servers (including itself) in the array. Each DLBA server routes and load balances the incoming request packets to the appropriate back end Web servers. Responses to the requests from the back end Web servers are sent back to the DLBA server which forwards the response directly to the requesting client. SSL packets are decrypted in the DLBA server before being routed to a back end Web server, allowing the DLBA server to schedule SSL sessions to back end Web servers based on a cookie or session ID. Response packets are encrypted by the DLBA server before being forwarded to the client. The invention also uses cookie injection to map a client to a specific back end Web server. In addition, any DLBA server in the array is capable of taking over the scheduler functionality in case of scheduler failure. URL based scheduling and hash scheduling of request packets with keepalive connections is easily performed due to the invention'"'"'s architecture.

64 Citations

View as Search Results

28 Claims

1. A process for routing packets through a decrypting load balancing array of servers across a network in a computer environment, the load balancing array of servers support decrypting and encrypting SSL requests and performing SSL session scheduling, comprising:
- designating a first load balancing server of the load balancing array of servers as a scheduler that schedules both HTTP and HTTPS traffic including HTTP GET requests;
  
  requesting, by the scheduler, assignment of a virtual IP address to the scheduler, wherein incoming packets over a network from requesting clients destined for the load balancing array of servers are routed through the scheduler via the virtual IP address;
  
  in response to receiving a request packet from a requesting client at the scheduler, routing and load balancing the request packet to a second load balancing server among the load balancing array of servers;
  
  in response to receiving the request packet at the second load balancing server, the second load balancing server decrypting the response, packet of an SSL session, routing and load balancing the request packet to a back end Web server among a cluster of back end Web servers, wherein the back end Web server'"'"'s response packet to the request packet is sent to the second load balancing server;
  
  in response to receiving the response packet at the second load balancing server, the second load balancing server encrypting the response packet of the SSL session and sending the response packet directly to the requesting client;
  
  prior to the sending step, the second load balancing server parsing an outgoing markup language page in the response packet to identify given content served by a content delivery network; and
  
  the second load balancing server modifying URLs for the given content in the markup language page so that the given content is served from the content delivery network in response to requests from requesting clients.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The process of claim 1, wherein the scheduler routes and load balances client requests to itself.
  - 3. The process of claim 1, further comprising the steps of:
    - detecting failure of the scheduler; and
      
      electing a load balancing server among a plurality of load balancing servers as a new scheduler.
  - 4. The process of claim 1, wherein the scheduler detects failure of any load balancing servers among the load balancing array of servers;
    - and wherein the scheduler stops routing packets to any failed load balancing servers.
  - 5. The process of claim 1, wherein the second load balancing server schedules sessions to back end Web servers based on a cookie or session ID.
  - 6. The process of claim 1, wherein the second load balancing server uses cookie injection to map a client to a specific back end Web server.
  - 7. The process of claim 1, wherein the second load balancing server decrypts a request packet in an SSL session before routing and load balancing the request packet to a back end Web server.
  - 8. The process of claim 7, wherein the second load balancing server encrypts a response packet in an SSL session before sending the response packet directly to the requesting client.
  - 9. The process of claim 1, wherein the second load balancing server establishes a connection with the requesting client and the requesting client keeps the connection alive with the load balancing server.
  - 10. The process of claim 9, wherein the second load balancing server performs URL based scheduling of request packets.
  - 11. The process of claim 9, wherein the second load balancing server performs hash scheduling of request packets.
  - 12. The process of claim 1, wherein the second load balancing server maintains persistent connections in paths requiring persistent connections;
    - and wherein the second load balancing server uses hash group based persistence to maintain its persistence tables.
  - 13. The process of. claim 1, wherein the second load balancing server detects when a back end Web server fails;
    - and wherein the second load balancing server stops routing request packets to failed back end Web servers.
  - 14. The process of claim 1, wherein HTML pages that have modified URLs are cached to improve performance.

15. An apparatus for routing packets through a decrypting load balancing array of servers across a network in a computer environment, the load balancing array of servers support decrypting and encrypting SSL requests and performing SSL session scheduling, comprising:
- a first load balancing server of the load balancing array of servers designated as a scheduler that schedules both HTTP and HTTPS traffic including HTTP GET requests;
  
  the scheduler requests assignment of a virtual IP address to the scheduler, wherein incoming packets over a network from requesting clients destined for the load balancing array of servers are routed through the scheduler via the virtual IP address;
  
  the scheduler routes and load balances a request packet from a requesting client to a second load balancing server among the load balancing array of servers;
  
  the second load balancing server receives the request packet, decrypts the response packet of an SSL session, routes and load balances the request packet to a back end Web server among a cluster of back end Web servers, wherein the back end Web server'"'"'s response packet to the request packet is sent to the second load balancing server;
  
  the second load balancing server receives the response packet, encrypts the response packet of the SSL session and sends the response packet directly to the requesting client;
  
  a module for parsing, by the second load balancing server, an outgoing markup language page in the response packet to identify given content served by a content delivery network; and
  
  a module for modifying, by the second load balancing server, URLs for the given content in the markup language page so that the given content is served from the content delivery network in response to requests from requesting clients.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 16. The apparatus of claim 15, wherein the scheduler routes and load balances client requests to itself.
  - 17. The apparatus of claim 15, further comprising:
    - a module for detecting failure of the scheduler; and
      
      a module for electing a load balancing server among a plurality of load balancing servers as a new scheduler.
  - 18. The apparatus of claim 15, wherein the scheduler detects failure of any load balancing servers among the load balancing array of servers;
    - and wherein the scheduler stops routing packets to any failed load balancing servers.
  - 19. The apparatus of claim 15, wherein the second load balancing server schedules sessions to back end Web servers based on a cookie or session ID.
  - 20. The apparatus of claim 15, wherein the second load balancing server uses cookie injection to map a client to a specific back end Web server.
  - 21. The apparatus of claim 15, wherein the second load balancing server decrypts the request packet when it is an SSL session before routing and load balancing the request packet to a back end Web server.
  - 22. The apparatus of claim 21, wherein the second load balancing server encrypts the response packet when it is an SSL session before sending the response packet directly to the requesting client.
  - 23. The apparatus of claim 15, wherein the second load balancing server establishes a connection with the requesting client and the requesting client keeps the connection alive with the load balancing server.
  - 24. The apparatus of claim 23, wherein the second load balancing server performs EJRL based scheduling of request packets.
  - 25. The apparatus of claim 23, wherein the second load balancing server performs hash scheduling of request packets.
  - 26. The apparatus of claim 15, wherein the second load balancing server maintains persistent connections in paths requiring persistent connections;
    - and wherein the load balancing server uses hash group based persistence to maintain its persistence tables.
  - 27. The apparatus of claim 15, wherein second the load balancing server detects when a back end Web server fails;
    - and wherein the second load balancing server stops routing request packets to failed back end Web servers.
  - 28. The apparatus of claim 15, wherein HTML pages that have modified URLs are cached to improve performance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Akamai Technologies, Inc.
Original Assignee
Akamai Technologies, Inc.
Inventors
Swildens, Eric Sven-Johan
Primary Examiner(s)
PATEL, HARESH N

Application Number

US09/779,071
Publication Number

US 20010034792A1
Time in Patent Office

2,582 Days
Field of Search

709/238, 709223-225, 709/243, 709/227, 709228-231, 709/203, 709/239, 709/226, 709200-202, 709217-219, 718/105, 718102-104, 715/513, 717/114, 719/310, 719/317
US Class Current

709/238
CPC Class Codes

H04L 63/0471   applying encryption by an i...

H04L 67/1001   for accessing one among a p...

H04L 67/10015   Access to distributed or re...

H04L 67/1008   based on parameters of serv...

H04L 67/1023   based on a hash applied to ...

H04L 67/1027   Persistence of sessions dur...

H04L 67/1034   Reaction to server failures...

H04L 9/40   Network security protocols

Load balancing array packet routing system

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Load balancing array packet routing system

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others