Network protocols may be modeled as a stack of protocol layers, from layer 1 to layer 7. For example, the IP protocol is modeled to be at layer-3, the TCP protocol is at layer-4, and various applications are at layer-7. The switching of network traffic using layer 4-7 information is well known.
A layer-4 switch, also sometimes referred to as a layer-4 load balancer, uses the 4-tuple information carried in a TCP/IP or UDP/IP packet to make a switching decision, for example switching an incoming Web server request packet to one of the available server computers based on a hash of the 4-tuple information. As a result, processing load may be distributed across the available pool of servers, and this distribution of processing load is often called “load balancing.”
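The hash-based switching decision described above, as an added example that is not part of the original text. The server pool, the addresses and the choice of a keyed BLAKE2b hash are assumptions made for illustration; the key keeps the flow-to-server mapping from being predictable outside the switch.

```python
import hashlib
import ipaddress
import struct
from collections import Counter

# Constructed server pool and key (assumptions, not from the original text).
SERVERS = ["10.0.0.11", "10.0.0.12", "10.0.0.13", "10.0.0.14"]
HASH_KEY = b"example-only-key"  # per-switch secret in a real deployment


def pack_four_tuple(src_ip, src_port, dst_ip, dst_port):
    """Fixed-width, network-order encoding of the 4-tuple (IPv4 only here)."""
    return struct.pack(
        "!4sH4sH",
        ipaddress.IPv4Address(src_ip).packed, src_port,
        ipaddress.IPv4Address(dst_ip).packed, dst_port,
    )


def select_server(src_ip, src_port, dst_ip, dst_port, servers=SERVERS):
    """Map a flow to a server: same 4-tuple, same server, for every packet."""
    digest = hashlib.blake2b(
        pack_four_tuple(src_ip, src_port, dst_ip, dst_port),
        key=HASH_KEY, digest_size=8,
    ).digest()
    return servers[int.from_bytes(digest, "big") % len(servers)]


def distribution(n_flows=4000):
    """Count how constructed client flows to one virtual IP spread over the pool."""
    counts = Counter()
    for i in range(n_flows):
        src = f"198.51.100.{i % 250 + 1}"
        counts[select_server(src, 1024 + i, "203.0.113.10", 80)] += 1
    return counts


if __name__ == "__main__":
    print(select_server("198.51.100.7", 40000, "203.0.113.10", 80))
    print(dict(distribution()))
```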
A layer-4 Performance Enhancing Proxy (PEP) is a layer-4 switch that performs further processing of layer-4 information with the goal of improving the performance in specific networking environments. One type of proxy is a TCP proxy that splits a TCP connection and performs the TCP protocol processing on each part. In some environments, connection splitting is beneficial, particularly when used in conjunction with environment specific enhancements.
A typical use of a layer-4 PEP is to connect networks that have different characteristics, for example to connect a LAN/MAN/WAN Ethernet network to a Wireless LAN (WLAN) or a satellite network. The required features of a standards-conforming PEP are described in RFC3135 and include, as a base requirement, the ability to switch the network traffic from a first TCP connection to a second TCP connection, as well as support in the TCP protocol implementation for the different network types.
A PEP typically employs a fully featured high performance TCP stack in addition to the standard features of a high performance TCP implementation as defined by RFC793, RFC1122, RFC2525, RFC2988, RFC2414, RFC1323, RFC2581, and RFC2474. Additional features may include stretch ACK (ACK moderation) with per-connection configurable inter-ACK spacing for asymmetric channels. Other useful features include byte counting, rather than ACK counting, to improve the sender's behavior when the receiver is using stretch ACKs; RTT based send pacing to reduce burstiness over long distance paths and/or paths with limited buffering capacity; advanced congestion control schemes designed for long distance or high error rate links (such as High-Speed TCP, and rate-halving); and the ability to perform rate control rather than standard window based congestion control over links with relatively high error rates (for example, wireless links).
A layer-7 switch uses information at layers above layer-4 to make a switching decision. For example, it is common practice to distribute databases across the available servers and then to direct, also referred to as “to switch”, the incoming request packets to the appropriate server based on the data requested. For example, a database that stores street address map information might be distributed among several servers according to geographical location. A web server street-map-information request, in this case, is processed to determine the requested street address and, based on the requested street address, the request is switched to the appropriate server (i.e., the server that holds the street-map information for the requested address). The address information in this case is contained in layer-7 information, such as an HTTP or XML request, that is encapsulated within the layer-4 TCP payload, and the processing includes first processing the TCP payload, and then processing the layer-7 information within the TCP payload.
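The two-stage processing described above (TCP payload first, then the layer-7 request inside it), as an added example that is not part of the original text. The switching table, the server names, the `region` query parameter and the 8192-byte limit on the buffered request head are hypothetical.

```python
from urllib.parse import urlsplit, parse_qs

MAX_HEADER_BYTES = 8192  # assumption: cap on the buffered request head
# Constructed switching table: region of the requested address -> map server.
REGION_TABLE = {"north": "map-srv-1", "south": "map-srv-2"}
DEFAULT_SERVER = "map-srv-default"


class Layer7Switch:
    """Buffers one connection's in-order TCP payload until the HTTP request
    head is complete, then picks a server from the layer-7 content."""

    def __init__(self):
        self.buf = b""
        self.server = None

    def feed(self, payload: bytes):
        """Feed the next TCP payload; returns the chosen server, or None
        while the request head is still incomplete."""
        if self.server is not None:
            return self.server  # the decision is sticky for the connection
        self.buf += payload
        end = self.buf.find(b"\r\n\r\n")
        if end < 0:
            if len(self.buf) > MAX_HEADER_BYTES:
                raise ValueError("request head exceeds limit")
            return None  # the request spans more segments
        self.server = self._route(self.buf[:end])
        return self.server

    @staticmethod
    def _route(head: bytes):
        """Parse the request line and look up the server for its region."""
        request_line = head.split(b"\r\n", 1)[0].decode("latin-1")
        parts = request_line.split(" ")
        if len(parts) != 3 or not parts[2].startswith("HTTP/"):
            raise ValueError("malformed request line")
        query = parse_qs(urlsplit(parts[1]).query)
        region = query.get("region", [""])[0].lower()
        return REGION_TABLE.get(region, DEFAULT_SERVER)
```

No switching decision is made until the whole request head has arrived, so a request split across TCP segments is routed the same way as one delivered in a single segment.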
Another example of a layer-7 switch is an iSCSI storage switch that examines the iSCSI header and the SCSI Control Data Block (CDB) before deciding where to send the SCSI command. The switching decision in this case may be based on a switching table that associates SCSI storage blocks with a storage server and with a storage controller within that storage server. In this case, the switch examines the iSCSI header information and the CDB block information received on a TCP connection to make the switching decision to the appropriate storage node, based on the storage switching table. The processing may include first computing a cyclic redundancy check (CRC) on the iSCSI header and/or data information. The iSCSI switch in this example may either be centralized or distributed and form part of the storage controllers.
A protocol proxy may further be used in the role of a protocol “gateway”. For the sake of illustration, an example layer 4 protocol gateway would receive data encapsulated in UDP payload on one “connection” (an association between two processes described by the 4-tuple source and destination IP addresses, and source and destination UDP port numbers) and forward at least a part of that data encapsulated in TCP payload on another connection. This allows the use of each protocol in the appropriate environment, and takes advantage of the benefits of the protocol without requiring it to be used end-to-end. In this specific example, the benefits of UDP, e.g. simplicity and low overhead, are obtained on the first connection (which could be over a reliable local area network), whereas the benefits of TCP, e.g. reliability and congestion control, are obtained on the second connection (which could be over the Internet at large).