Load balancing array packet routing system
First Claim
1. A process for routing packets through a decrypting load balancing array of servers across a network in a computer environment, the load balancing array of servers support decrypting and encrypting SSL requests and performing SSL session scheduling, comprising:
- designating a first load balancing server of the load balancing array of servers as a scheduler that schedules both HTTP and HTTPS traffic including HTTP GET requests;
requesting, by the scheduler, assignment of a virtual IP address to the scheduler, wherein incoming packets over a network from requesting clients destined for the load balancing array of servers are routed through the scheduler via the virtual IP address;
in response to receiving a request packet from a requesting client at the scheduler, routing and load balancing the request packet to a second load balancing server among the load balancing array of servers;
in response to receiving the request packet at the second load balancing server, the second load balancing server decrypting the response, packet of an SSL session, routing and load balancing the request packet to a back end Web server among a cluster of back end Web servers, wherein the back end Web server'"'"'s response packet to the request packet is sent to the second load balancing server;
in response to receiving the response packet at the second load balancing server, the second load balancing server encrypting the response packet of the SSL session and sending the response packet directly to the requesting client;
prior to the sending step, the second load balancing server parsing an outgoing markup language page in the response packet to identify given content served by a content delivery network; and
the second load balancing server modifying URLs for the given content in the markup language page so that the given content is served from the content delivery network in response to requests from requesting clients.
6 Assignments
0 Petitions
Accused Products
Abstract
A decrypting load balancing array system uses a Pentaflow approach to network traffic management that extends across an array of Decrypting Load Balancing Array (DLBA) servers sitting in front of back end Web servers. One of the DLBA servers acts as a scheduler for the array through which all incoming requests are routed. The scheduler routes and load balances the traffic to the other DLBA servers (including itself) in the array. Each DLBA server routes and load balances the incoming request packets to the appropriate back end Web servers. Responses to the requests from the back end Web servers are sent back to the DLBA server which forwards the response directly to the requesting client. SSL packets are decrypted in the DLBA server before being routed to a back end Web server, allowing the DLBA server to schedule SSL sessions to back end Web servers based on a cookie or session ID. Response packets are encrypted by the DLBA server before being forwarded to the client. The invention also uses cookie injection to map a client to a specific back end Web server. In addition, any DLBA server in the array is capable of taking over the scheduler functionality in case of scheduler failure. URL based scheduling and hash scheduling of request packets with keepalive connections is easily performed due to the invention'"'"'s architecture.
64 Citations
28 Claims
-
1. A process for routing packets through a decrypting load balancing array of servers across a network in a computer environment, the load balancing array of servers support decrypting and encrypting SSL requests and performing SSL session scheduling, comprising:
-
designating a first load balancing server of the load balancing array of servers as a scheduler that schedules both HTTP and HTTPS traffic including HTTP GET requests; requesting, by the scheduler, assignment of a virtual IP address to the scheduler, wherein incoming packets over a network from requesting clients destined for the load balancing array of servers are routed through the scheduler via the virtual IP address; in response to receiving a request packet from a requesting client at the scheduler, routing and load balancing the request packet to a second load balancing server among the load balancing array of servers; in response to receiving the request packet at the second load balancing server, the second load balancing server decrypting the response, packet of an SSL session, routing and load balancing the request packet to a back end Web server among a cluster of back end Web servers, wherein the back end Web server'"'"'s response packet to the request packet is sent to the second load balancing server; in response to receiving the response packet at the second load balancing server, the second load balancing server encrypting the response packet of the SSL session and sending the response packet directly to the requesting client; prior to the sending step, the second load balancing server parsing an outgoing markup language page in the response packet to identify given content served by a content delivery network; and the second load balancing server modifying URLs for the given content in the markup language page so that the given content is served from the content delivery network in response to requests from requesting clients. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An apparatus for routing packets through a decrypting load balancing array of servers across a network in a computer environment, the load balancing array of servers support decrypting and encrypting SSL requests and performing SSL session scheduling, comprising:
-
a first load balancing server of the load balancing array of servers designated as a scheduler that schedules both HTTP and HTTPS traffic including HTTP GET requests; the scheduler requests assignment of a virtual IP address to the scheduler, wherein incoming packets over a network from requesting clients destined for the load balancing array of servers are routed through the scheduler via the virtual IP address; the scheduler routes and load balances a request packet from a requesting client to a second load balancing server among the load balancing array of servers; the second load balancing server receives the request packet, decrypts the response packet of an SSL session, routes and load balances the request packet to a back end Web server among a cluster of back end Web servers, wherein the back end Web server'"'"'s response packet to the request packet is sent to the second load balancing server; the second load balancing server receives the response packet, encrypts the response packet of the SSL session and sends the response packet directly to the requesting client; a module for parsing, by the second load balancing server, an outgoing markup language page in the response packet to identify given content served by a content delivery network; and a module for modifying, by the second load balancing server, URLs for the given content in the markup language page so that the given content is served from the content delivery network in response to requests from requesting clients. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
Specification