1. Field of the Invention
The present invention relates to distributing data traffic load in a network among application proxies that are subscriber aware, such as service gateways that charge for application activity, with load balancers; and, in particular, to distributing the load with more flexibility for different services or different network distances between the load balancer and the application proxy, or both.
2. Description of the Related Art
Networks of general-purpose computer systems connected by external communication links are well known. The networks often include one or more network devices that facilitate the passage of information between the computer systems. A network node is a network device or computer system connected by the communication links. As used herein, an end node is a network node that is configured to originate or terminate communications over the network. In contrast, an intermediate network node facilitates the passage of data between end nodes.
Information is exchanged between network nodes according to one or more of many well known, new or still developing protocols. In this context, a protocol consists of a set of rules defining how the nodes interact with each other based on information sent over the communication links. The protocols are effective at different layers of operation within each node, from generating and receiving physical signals of various types, to selecting a link for transferring those signals, to the format of information indicated by those signals, to identifying which software application executing on a computer system sends or receives the information. The conceptually different layers of protocols for exchanging information over a network are described in the Open Systems Interconnection (OSI) Reference Model. The OSI Reference Model is generally described in more detail in Section 1.1 of the reference book entitled Interconnections Second Edition, by Radia Perlman, published September 1999, which is hereby incorporated by reference as though fully set forth herein.
Communications between nodes are typically effected by exchanging discrete packets of data. Each packet typically comprises (1) header information associated with a particular protocol, and (2) payload information that follows the header information and contains information that may be processed independently of that particular protocol. In some protocols, the packet includes (3) trailer information following the payload and indicating the end of the payload information. The header includes information such as the source of the packet, its destination, the length of the payload, and other properties used by the protocol. Often, the data in the payload for the particular protocol includes a header and payload for a different protocol associated with a different, higher layer of the OSI Reference Model. The header for a particular protocol typically indicates a type for the next protocol contained in its payload. The higher layer protocol is said to be encapsulated in the lower layer protocol. The headers included in a packet traversing multiple heterogeneous networks, such as the Internet, typically include a physical (layer 1) header, a data-link (layer 2) header, an internetwork (layer 3) header and a transport (layer 4) header, as defined by the Open Systems Interconnection (OSI) Reference Model. In networking parlance, a tunnel for data is simply a protocol that encapsulates that data.
Subscribers obtain access to a packet-switched network (PSN) of an Internet Service Provider (ISP) through a Network Access Server (NAS). A subscriber often uses a link-layer protocol to form a temporary tunnel between the subscriber's device and the NAS. The contents of the tunneling protocol payload are not involved in determining the path. The NAS determines whether an entity attempting access is in fact a subscriber authorized to access the network by exchanging packets with an Authentication, Authorization, and Accounting (AAA) server. Example well-known AAA servers include the Remote Authentication Dial In User Service (RADIUS) server, Terminal Access Controller Access Control System (TACACS), and the DIAMETER server. Once the entity is authenticated to be an authorized subscriber, then access is granted to the ISP network, the subscriber is assigned a network layer address, such as an Internet Protocol (IP) address, and internetwork-layer payloads are routed based on the internetwork and higher layer header information.
A modern ISP can offer different services to different subscribers. For example, the rate of data delivery of large Web pages to some subscribers can be increased by compressing the Web pages before delivery and un-compressing the Web pages at a process on the subscriber's own equipment. As is well known in the art, Web pages are transmitted over a network using the Hypertext Transfer Protocol (HTTP), an application-layer (layer 7) protocol. Certain Web pages can be blocked using a Web filtering service. A service that provides some combination of compression, filtering and local caching of Web pages is called Web optimization. Some subscribers use mobile devices, such as cell phones, that have smaller memory and display capacities than other network devices. Web pages are communicated to such mobile devices using special protocols, such as the Wireless Application Protocol (WAP), an application-layer protocol. HTTP payloads are translated to WAP payloads before delivery to these subscribers.
To deliver these special services, service gateways are included in the ISP packet switched networks. Service gateways are processes that operate on intermediate network devices between the source and the destination of data packets. The service gateways use a payload in a data packet to provide the networking service. Example services include payload translation, just described, and other payload changes, as well as special billing, rating, filtering services and other services that do not modify the contents of a payload. For example, Web compression gateways compress HTTP payloads of data packets directed to a subscriber's device and un-compress HTTP payloads of data packets originating from a subscriber's device. A WAP 1.x gateway converts HTTP payloads of data packets directed to a subscriber's device to WAP 1.x payloads and converts WAP 1.x payloads of data packets originating from a subscriber's device to HTTP payloads. Some ISPs offer different services to different subscribers. These are subscriber-aware services.
To ensure that a service gateway for a service offered by the ISP is included in packet-switched paths from the subscriber to any destination on the network accessed by the ISP network, the service gateway is included as a proxy for an actual destination used to set up a subscriber's session on the network. For example, AAA server traffic for a NAS is directed to a service gateway, which serves as a proxy for the AAA server. A subscriber-aware service gateway monitors the AAA server traffic to determine the remote user's network identifier and whether the remote user has subscribed to the service provided by the gateway. For example, the service gateway monitors RADIUS to determine mapping of subscriber ID to currently assigned network ID; and, in addition, RADIUS is used to relay information on users' subscribed service profile to the network elements from a back-end database, typically behind the RADIUS server.
It is common for an ISP to include a cluster of service gateways so the service can be scaled to the number of subscribers. To distribute traffic among the service gateways in the cluster, a load balancer process is included in the path between the NAS (or other end node) and the cluster of service gateways. ISPs that include clusters of service gateways and load balancers also configure the load balancer as a proxy for the AAA server. For subscriber-aware services, the load balancer should send all traffic from the same subscriber, and the associated control plane traffic (RADIUS) generated by the NAS on this subscriber's behalf, to the same service gateway in the cluster for the duration of the subscriber's network session. In some approaches, a sticky table is formed at the load balancer to store an entry that associates a particular subscriber with a particular service gateway for the duration of the session. When the session is ended, the entry is deleted from the sticky table. The sticky table is formed by monitoring the AAA traffic. Content-aware load-balancing is available from Cisco Systems, Incorporated of San Jose, Calif. as described in “Cisco IOS Software Release 12.1(11b)E for Supervisor Engines of the Cisco Catalyst 6500 Series Switch and Cisco 7600 Series Internet,” Product Bulletin 1687, 2002, the entire contents of which are hereby incorporated by reference as if fully set forth herein. At the time of this writing, Product Bulletin 1687 is available at the Internet domain www.cisco.com in a file named prod_bulletin09186a00800923b0.htm in the directory /en/US/products/hw/routers/ps368.
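The sticky-table behaviour described above can be sketched as follows. This is an added example, not code from the patent or from any product it cites: it parses RADIUS Accounting-Request packets (attribute numbers per RFC 2865/2866), adds an entry on Start and deletes it on Stop. The `StickyTable` class, the gateway names used with it, the least-loaded selection rule and the `build_packet` sample builder are assumptions made for illustration, and the Request Authenticator is assumed to have been verified before `observe` is called.

```python
import ipaddress
import struct

ACCOUNTING_REQUEST = 4                        # RADIUS Code field (RFC 2866)
USER_NAME, FRAMED_IP, ACCT_STATUS = 1, 8, 40  # RADIUS attribute types
START, STOP = 1, 2                            # Acct-Status-Type values

def parse_accounting(packet: bytes) -> dict:
    """Return {attribute type: raw value} for an Accounting-Request."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCOUNTING_REQUEST or not 20 <= length <= len(packet):
        raise ValueError("not a well-formed Accounting-Request")
    attrs, pos = {}, 20                       # attributes follow the authenticator
    while pos < length:
        a_len = packet[pos + 1] if pos + 1 < length else 0
        if a_len < 2 or pos + a_len > length:
            raise ValueError("bad attribute length")
        attrs[packet[pos]] = packet[pos + 2:pos + a_len]
        pos += a_len
    return attrs

class StickyTable:  # hypothetical: subscriber IP -> (user name, gateway)
    def __init__(self, gateways):
        self.gateways, self.entries = list(gateways), {}

    def observe(self, packet: bytes) -> None:
        attrs = parse_accounting(packet)  # assumption: authenticator verified upstream
        if FRAMED_IP not in attrs or ACCT_STATUS not in attrs:
            raise ValueError("missing Framed-IP-Address or Acct-Status-Type")
        ip = str(ipaddress.IPv4Address(attrs[FRAMED_IP]))
        status = int.from_bytes(attrs[ACCT_STATUS], "big")
        if status == START and ip not in self.entries:
            in_use = [gw for _, gw in self.entries.values()]
            gateway = min(self.gateways, key=in_use.count)  # least loaded, ties by order
            self.entries[ip] = (attrs.get(USER_NAME, b"").decode(errors="replace"), gateway)
        elif status == STOP:
            self.entries.pop(ip, None)        # session over: drop the entry

    def gateway_for(self, src_ip: str):
        return self.entries.get(src_ip, (None, None))[1]

def build_packet(status: int, user: str, ip: str) -> bytes:
    """Constructed sample Accounting-Request with a zeroed authenticator."""
    tlv = lambda t, v: bytes([t, len(v) + 2]) + v
    body = (tlv(ACCT_STATUS, struct.pack("!I", status)) + tlv(USER_NAME, user.encode())
            + tlv(FRAMED_IP, ipaddress.IPv4Address(ip).packed))
    return struct.pack("!BBH", ACCOUNTING_REQUEST, 1, 20 + len(body)) + bytes(16) + body
```

Because a Stop record evicts the entry, a table fed by unauthenticated accounting traffic could have sessions unpinned by forged packets, which is why the authenticator check is listed as a precondition.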
While suitable for many purposes, there are some deficiencies with the prior approaches. One deficiency is that all traffic that comes through the NAS and hits the load balancer is directed to the service gateway cluster. This is not desirable for all traffic. For example, a WAP gateway or Web optimizer gateway is useful for HTTP payloads but the extra routing to the gateway and the gateway processing adds latency to the delivery of data from the mobile device. Increased latency is particularly undesirable for delay-sensitive applications such as voice over IP. Thus it is preferable to directly route the voice over IP data and only send the Web traffic to the WAP or Web Optimizer gateway. Furthermore, directing all traffic to the service gateway increases the load on the service gateway.
Another deficiency is that current load balancers direct traffic to a service gateway using link-layer addresses. Such an approach requires that the service gateway cluster be connected to the same network segment as the load balancer. A network segment is a portion of the network between intermediate network nodes. In some circumstances it may be desirable to place the load balancers closer to each of multiple, widely-spaced NASs that are on different network segments. The requirement forces the ISP to place at least one service gateway on each network segment connected to a load balancer, and makes it difficult for the ISP to cluster service gateways and achieve the benefits of greater scalability.
Based on the foregoing description, there is a clear need for service gateway load balancers that do not suffer all the deficiencies of prior art approaches. In particular there is a need for a service gateway load balancer that is subscriber aware and efficiently directs pertinent traffic to a service gateway but lets other traffic that does not use the service be routed directly to its destination. Also, there is a particular need for a service gateway load balancer that does not require the service gateway to be on the same network segment as the load balancer.