1. Field of the Invention
The present invention relates generally to data networks, and more specifically to a technique for distributed load balancing of network traffic across a data network.
2. Background
Content providers on the World Wide Web are willing to pay a great deal of money to guarantee that their content is delivered quickly and accurately to any given client. Accordingly, a great deal of research has been conducted to address the problem of speeding up HTTP transactions conducted between a client and a server, particularly in situations where there is a relatively large propagation delay between the client and the server.
Although the speed of data transmission across the Internet is continuing to increase, the propagation delay associated with the speed of an electrical signal traveling through a wire or fiberoptic cable (i.e. the speed of light) cannot be reduced. Such delays are becoming a significant factor in the overall propagation delay between the server and client. In order to reduce the overall propagation delay between a given server and a given client, conventional techniques have resorted to replicating the server system, and placing multiple copies of the replicated server system at locations as near as possible to the client.
Thus, for example, a common technique used by content providers is to store content from the host server in co-location spaces that are geographically distributed over a wide area. The co-location spaces form an overlay network that is more costly and less flexible, but provide better service than the traditional Internet. Typically the ISPs which manage the co-location spaces charge the content provider for each megabyte stored in the co-location space. The co-location spaces may be implemented as proxy servers, which pull specific data from the host server in response to specific client requests, or may be implemented as fully replicated servers which include all the information of the host server.
Although the use of co-location spaces will help reduce the overall propagation delay between a server and client, another issue which arises relates to the problem of determining how an arbitrary client is redirected to the nearest replica or proxy server, particularly where it is not known ahead of time which clients will be asking for information and where the clients are located. Some conventional techniques have been implemented to address this problem, but typically require the use of a gateway router.
An alternate technique for predicting, for a given client, the nearest replica or proxy server to that client has been developed by Akamai Technologies, Inc. (of Cambridge, Mass.). The proprietary Akamai routing technique involves constructing a network map of the Internet topology. The network map information is stored in a central network operating center or NOC which is located on a specific Akamai server. When a client attempts to access a content provider""s site which is part of the Akamai overlay network of co-location servers, the client will initiate a DNS resolution request, which is resolved by the NOC server. The NOC dynamically resolves the requested domain name to a co-location server address that is nearest topologically to the client, using information from the network map.
However, in order for Akamai""s routing technique to be successfully implemented, the network topology map must be continually updated and maintained. According to at least one school of thought, however, maintaining an accurate Internet topology may be nearly impossible since the Internet topology is dynamically changing and is exponentially growing in size and complexity each day.
More importantly, the Akaimi routing technique is limited only to resolving DNS queries implemented using DNS protocol. Currently, the Akaimi technique for re-routing clients to a nearest proxy server is not extendable to other protocols such as, for example, TCP. Thus, for example, when a client obtains a particular IP address of a server, and subsequently attempts to initiate a TCP connection with that server, the Akaimi technique can not be used to re-route the client to establish a TCP connection with a topologically closer proxy server.
Accordingly, in light of the foregoing, there exists a continual need to develop alternative solutions for providing fast and efficient routing and load balancing of web traffic across data networks.
According to specific embodiments of the present invention, a technique is provided for routing a client device to access a specific client server in a data network. The data network may include at least one host server, a sub-network of client servers associated with the at least one host server, and at least one client system. According to one embodiment, the data network corresponds to the Internet, wherein the at least one host server corresponds to the host server of a content provider, the sub-network of client servers corresponds to an overlay network of proxy or replica servers.
The technique of the present invention provides a solution to the problem of routing or redirecting a given client to a replica or proxy server which has a relatively shortest propagation delay to the client. According to the technique of the present invention, a network device referred to as an intercept server sits in front of a host server, and intercepts packets routed to the host server. When desired, packets which are intercepted by the intercept server are replicated, encapsulated and tunneled to selected client servers in the overlay network. The tunneled packets are received and processed by each of the selected client servers, whereupon each of the selected client servers generates a respective spoofed response to the source device identified in the header of the originally intercepted packet. Further, according to the technique of the present invention, each of the selected client servers transmits its respective spoofed response to the identified source device at substantially the same time. The client server associated with the spoofed response which is first received at the identified source device is considered to have the relatively shortest propagation delay to the identified source device, and is identified as the successful client server. Thereafter, the source device will be directed or redirected to communicate directly with the successful client server when subsequently attempting to access information from the host server.
Other embodiments of the present invention are directed to a method and computer program product for routing a client device to access a specific server in a data network. The data network includes a sub-network of client servers which are configured to include information corresponding to information stored on at least one host server. A first packet is received from a source device. Information relating to the first packet is then forwarded to a first portion of client servers in the sub-network. Each of the first portion of client servers is then caused to transmit, at substantially the same time, a respective spoofed response to the source device. Each spoofed response may be generated using information from the first packet. According to a specific embodiment, a successful client server may then be identified as being associated with generating a particular spoofed response that was first received at the source device. An ID of the source device may then be binded with an ID of the successful client server in order to cause subsequent requests from the source device to access information from the host server to be routed to the successful client server device for processing. Further, according to a specific implementation, the first packet received from the source device may correspond to a SYN segment of a TCP protocol for communicating with the host server. Additionally, each spoofed response may comprise a SYN, ACK segment which includes a unique sequence number relating to an identity of the client server which generated the spoofed response.
Additional embodiments of the present invention are directed to a method and computer program product for routing traffic in a data network. The data network comprises a sub-network of client servers configured to include information corresponding to information stored on at least one host server. A first packet from a source device is received at a first network device. The source device is identified using information from the first packet. Using the identified source device information, a first portion of the client servers is then selected for forwarding information relating to the first packet. Information relating to the first packet is then forwarded to the first portion of client servers. Each of the first portion of client servers is then caused to transmit a respective spoofed response to the source device at substantially the same time. According to a specific embodiment, the selection of the first portion of client servers may include at least one preferred client server associated with the identified source device, and may further include at least one randomly selected client server from the sub-network of client servers.
Further embodiments of the present invention are directed to a method and computer program product for routing traffic in a data network. The data network includes a sub-network of client servers configured to include information corresponding to information stored on at least one host server. A tunneled packet transmitted from an intercept server is received at a first client server. The tunneled packet includes encapsulated information related to a first packet intercepted by the intercept server. The first packet includes a source address and a destination address. The source address corresponds to a source device which generated the first packet. The first packet information relates to a request to open a communication connection with a host server. The first client server generates a first spoofed response to the first packet request using information from the received tunneled packet. The first spoofed response further includes information for identifying the first client server which generated the first spoofed response. The first spoofed response is then transmitted to the source device. According to a specific implementation, the first packet corresponds to a SYN segment of a communication utilizing a TCP protocol. Further, according to this embodiment, the first spoofed response comprises a SYN, ACK segment which includes a first sequence number relating to an identity of the first client server.
An alternate embodiment of the present invention is directed to a system for routing a client device to access a specific server in a data network. The system comprises a sub-network of client servers configured to include information corresponding to information stored on at least one host server. The system may further comprise at least one intercept server configured to intercept at least one packet routed to a host server. The intercept server is further configured to identify a source device which generated the intercepted packet. The intercept server may further be configured to forward information relating to the first packet to a selected portion of client servers. Further, the intercept server may be configured to cause each of the selected client servers to transmit a respective spoofed response to the source device at substantially the same time.
Another embodiment of the present invention is directed to a network device comprising at least one CPU and memory. The memory may include a first portion of memory configured to store content information which is substantially similar to content information stored on at least one host server in a data network. The network device may further comprise at least one interface for receiving a tunneled packet from an intercept server. The tunneled packet may include encapsulated information relating to a first packet intercepted by the intercept server. The first packet may include a source address and destination address, wherein the source address corresponds to a source device associated with generating the first packet. The first packet information may relate to a request to open a communication connection with the host server. The network device may be further configured to generate, using information from the received tunneled packet, a first spoofed response to the source device request, wherein the first spoofed response includes information for identifying the first client server which generated the first spoofed response. Additionally, the network device may further be configured to transmit the first spoofed response to the source device.
An alternate embodiment of the present invention is directed to a system for routing a source device to access a specific server in a data network. The system comprises a sub-network of client servers configured to include information corresponding to information stored on at least one host server. The system further includes at least one intercept server configured to intercept at least one packet addressed to a host server. The intercepted packet includes information for identifying a source device associated with the packet. The intercept server is further configured to forward information relating to the intercepted packet to a selected portion of the client servers in the sub-network. Each of the selected client servers is configured to transmit, at substantially the same time, a respective spoofed response to the source device, wherein each spoofed response is generated using information from the intercepted packet. According to a specific implementation, the intercept server is configured to identify a successful client server which generated a spoofed response that was first received at the source device. The intercept server is further configured to bind an ID of the source device with an ID of the successful client server device. In this way, subsequent requests from the source device to access information from the host server may be forwarded to the successful client server for processing.
Additional objects, features and advantages of the various aspects of the present invention will become apparent from the following description of its preferred embodiments, which description should be taken in conjunction with the accompanying drawings.