Global Server Load Balancing (GSLB) is a technology which directs network traffic to a group of data centers in various geographical locations. Each data center provides similar application services, and client traffic is directed to the optimal site with the best performance for each client. GSLB monitors the health and responsiveness of each site, and like Server Load Balancing, directs traffic to the site with the best response times.
Load Balancing is a general term for techniques which provide:
- High availability, disaster recovery and business continuity for services or resources
- Scalability by teaming multiple resources and services
- High performance by distributing workloads to the best-performing services
Server Load Balancing provides Load Balancing services to an array of servers, generally located at a single site or data center.
GSLB provides Load Balancing to multiple sites or data centers including the following services:
- High availability, disaster recovery and business continuity for environments with multiple data center sites and services located in different locations. If a site fails, GSLB systems respond by redirecting end-users and clients to alternate available sites.
- Scalability is provided, allowing organizations to provide services from multiple data centers, placed in strategic locations anywhere in the world
- Performance gains are achieved by distributing client workload requests to multiple sites. GSLB is geo-location aware and directs client requests to the closest data center location based on geography or network performance.
How Global Server Load Balancing Works
Client systems route to network application servers based on the data center servers' IP address(es). Clients get this IP address from the local ISP DNS servers.
GSLB acts as Internet DNS services and provides the IP address to local clients accessing data center services. GSLB systems intelligently calculate the most appropriate site to direct client traffic. Client traffic is directed, or load balanced, to sites depending on policies configured in the GSLB system.
GSLB includes the following services:
- Traffic routing of client traffic to most appropriate data center site
- Monitoring of the health, availability and loading for each data center
- Redirect client traffic away from a failed or unhealthy site
- Calculate client geographical locations to direct traffic for optimal site selection
- Control and optimize multi-site data center deployments with management policies
- Deliver SLA expectations to customers
- Meet regulatory requirements for countries with specific in-country restrictions
- Provide customized content specific for countries, regions or languages
How Standard DNS Works
Since GSLB technology directs client traffic using the DNS protocol, we will walk through the steps a network client uses to retrieve the IP address of a web service. GSLB performs the same function as a DNS server, with additional intelligence.
When a web browser connects to a web server over the Internet, the following steps occur:
- A client web browser attempts to connect to the web site with the URL such as http://somewebserver.com
- The client queries the DNS servers provided by the local ISP
- The ISP DNS servers query the Internet Root DNS system for the DNS servers which are the Authoritative DNS Servers for SomeWebServer.com
- The Internet Root DNS servers return the IP address for the Authoritative DNS servers, which are managed by the SomeWebServer.com operations
- The local ISP DNS servers then query the Authoritative DNS servers for SomeWebServer.com and receive the IP address
- Making a query from a local DNS server to an Authoritative DNS server is called a recursive DNS query
- The web browser now has the IP address and can communicate with the web server
How GSLB Provides DNS
Since client traffic is routed to servers based on the IP address retrieved from DNS, DNS services can be extended to intelligently direct clients to any number of data center sites hosting services. GSLB systems act as Authoritative DNS servers, and as such can direct client traffic to any data center site hosting the application service.
When clients query for a DNS address, the GSLB system can intelligently calculate the most appropriate site to provide services. Each client DNS query can be responded to by the GSLB system, and responses are provided on a client-by-client basis. GSLB systems can therefore provide the functionality of a Server Load Balancer over geographically distributed data center locations, anywhere in the world.
The following are the steps for a client web browser to connect to a multi-site web service with GSLB technology. The client system is not aware of GSLB.
- A GSLB system is acting as the organization’s Authoritative DNS servers. It provides the responses to requests for the IP address of SomeWebSite.com
- The client web browser queries the local ISP DNS servers for the IP address
- The ISP DNS servers query the GSLB systems. The GSLB calculates the optimal site to direct the client system to and replies with that site's server IP address.
- The GSLB system records the IP address of the remote ISP DNS servers. The DNS servers that ISPs provide to their customers are typically located geographically close to the client systems.
- From the local DNS server address, GSLB can deduce the geographical location of the client
- Using Load Balancing algorithms, traffic control policies and the geographical location of the client, GSLB can intelligently direct the client to the optimal site.
GSLB provides intelligent Authoritative DNS services, interacting with local ISP DNS servers. Multiple data center sites each have systems providing redundant DNS and GSLB services.
GSLB as a DNS Proxy
GSLB systems are typically implemented as a DNS proxy server. GSLB systems are generally not appropriate as core DNS servers, because they do not provide a complete implementation of DNS such as that provided by Microsoft Active Directory and others.
GSLB use as a DNS Proxy
- Continues to use the existing DNS infrastructure without changes to the DNS server configuration
- Does not require delegations or sub-domains. Existing DNS structures are maintained.
- DNS responses are modified by the GSLB systems as required by the configured policy. All other DNS responses will be passed through unchanged.
How DNS Proxy Works
- All DNS queries arriving at the DNS proxy IP address are forwarded to your existing DNS server.
- The authoritative record for the zones on the root servers should point to the DNS proxy IP address on the GSLB system
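The pass-through behaviour described above can be shown at the DNS wire-format level. This is an added example, not A10's code or configuration: the `policy` mapping, the function names and the constructed sample response are assumptions made for illustration.

```python
import socket
import struct

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:    # compression pointer: two bytes, ends the name
            return off + 2
        if length == 0:              # root label ends the name
            return off + 1
        off += 1 + length

def read_qname(msg, off=12):
    """Decode the question name, which directly follows the 12-byte header."""
    labels = []
    while msg[off]:
        labels.append(msg[off + 1:off + 1 + msg[off]].decode("ascii").lower())
        off += 1 + msg[off]
    return ".".join(labels)

def proxy_response(upstream, policy):
    """Rewrite IN A answers for names under GSLB policy; pass the rest through.

    policy (hypothetical) maps a lower-case host name to the chosen site address.
    """
    _id, _flags, qd, an, _ns, _ar = struct.unpack("!6H", upstream[:12])
    site_ip = policy.get(read_qname(upstream)) if qd == 1 else None
    if site_ip is None:
        return upstream              # no policy for this name: bytes untouched
    out = bytearray(upstream)
    off = skip_name(upstream, 12) + 4            # question name, QTYPE, QCLASS
    for _ in range(an):
        off = skip_name(upstream, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", upstream[off:off + 10])
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):  # IN A record
            out[off:off + 4] = socket.inet_aton(site_ip)
        off += rdlen
    return bytes(out)

def build_response(name, ip):
    """Constructed sample: one question, one A answer using a name pointer."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton(ip)
    return header + qname + struct.pack("!HH", 1, 1) + answer
```

Only the four address bytes of a matching A record change; the header, question, TTL and every response for a name outside the policy are returned exactly as the existing DNS server sent them.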
Combined Server Load Balancers and GSLB
Application health and availability data provided by Server Load Balancers (SLB) can be leveraged by GSLB systems. SLB systems can send server and application performance and health data to GSLB systems. This combination provides a powerful mechanism for application-level disaster recovery.
Client requests can be redirected based on availability or health of individual application services.
Since the GSLB system records the client’s ISP DNS server address, using geo-location services, the GSLB system can:
- Send client connections to the "closest" physical data center
- Guarantee regulatory compliance for countries requiring clients to be served by data centers physically located in-country
- Route traffic based on traffic policies such as bandwidth utilization, network costs, exceeding bandwidth thresholds and others
GSLB systems can monitor loading and site health when either paired with SLB systems or network monitoring and management systems.
GSLB systems record the number of client connections directed to each site and can calculate the general loading for each site. When GSLB systems are deployed to geographical regions, the network performance to local and remote data center sites and to individual clients can be monitored and used in GSLB load balancing calculations.
Load Balancing can be based on multiple criteria:
- Route client connections to the data center that has least client connections
- Route client connections to the data center with the most available active servers
- Route client connections around failed or unresponsive sites
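The selection steps and criteria described above (resolver geo-location, site health, least connections, in-country policy) combine as in the following sketch. This is an added example, not A10's algorithm: the site table, the resolver-to-country map and all function names are constructed for illustration, using documentation address ranges.

```python
import ipaddress

# Constructed sample data. Documentation prefixes (RFC 5737) stand in for
# ISP resolver ranges and for each site's service address.
RESOLVER_COUNTRY = {
    ipaddress.ip_network("192.0.2.0/24"): "DE",
    ipaddress.ip_network("198.51.100.0/24"): "US",
}
SITES = [
    {"name": "fra", "country": "DE", "ip": "203.0.113.10", "healthy": True, "conns": 120},
    {"name": "nyc", "country": "US", "ip": "203.0.113.20", "healthy": True, "conns": 80},
    {"name": "sjc", "country": "US", "ip": "203.0.113.30", "healthy": True, "conns": 45},
]

def country_of(resolver_ip):
    """Geo-locate the querying resolver. GSLB sees this address, not the client's."""
    addr = ipaddress.ip_address(resolver_ip)
    for net, country in RESOLVER_COUNTRY.items():
        if addr in net:
            return country
    return None

def select_site(resolver_ip, sites, in_country_only=False):
    """Pick the site whose address goes into the DNS answer, or None."""
    healthy = [s for s in sites if s["healthy"]]        # route around failed sites
    local = [s for s in healthy if s["country"] == country_of(resolver_ip)]
    if in_country_only:
        candidates = local             # regulatory policy: no out-of-country failover
    else:
        candidates = local or healthy  # closest first, else any healthy site
    if not candidates:
        return None                    # no site satisfies the policy
    chosen = min(candidates, key=lambda s: s["conns"])   # least connections
    chosen["conns"] += 1               # GSLB counts the clients it directs
    return chosen
```

With `in_country_only=True` the function returns `None` rather than failing over abroad, which makes the trade-off between the compliance policy and availability explicit.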
How A10 Can Help
A10 Networks Global Server Load Balancing features are incorporated into the Thunder platform, which includes a broad set of security and networking technologies. The included features create a robust GSLB solution. The Thunder platform includes a rich array of security features which protect the Internet-facing GSLB systems.
- Stateful and Web Application Firewall (WAF) – DNS systems are constantly threatened by attacks. The Thunder platform has built-in firewall systems with specific protections against DNS based attacks
- High Availability – A10 GSLB systems can be configured in high availability clusters for mission critical operations requirements
- DDoS Prevention – DDoS attacks on DNS and GSLB systems can cause considerable harm. The Thunder platform includes A10’s advanced DDoS Mitigation.
The Thunder platform also includes the A10 Application Delivery Controller product providing advanced award-winning technologies.
- Application Delivery Controller (ADC) – including traffic steering and chained services, application and subscriber awareness and a large array of add-on services for Data Loss Prevention, Malware Prevention, URL Filtering, Network Control and many more.
- Server Load Balancing – GSLB can be used with SLB to provide a combined server and site load balancing solution.
A10's GSLB functionality extends load balancing to a global geographic scale by offering a choice of DNS Proxy or DNS Server methods. A10's GSLB adds another layer of availability and performance to applications with minimal impact to your existing DNS architecture.