1. Field of the Invention
The present invention relates generally to a virtual connection manager that maintains virtual connections from outside machines to a local machine or group of machines. Locally initiated outbound connections from the physical machines that are established with designated outside machines are virtualized. The source IP address of the packets sent on the connection is changed to a virtual IP address that corresponds to a virtual machine. The existence of the outbound locally initiated connections may be taken into consideration when inbound remotely initiated connections are assigned to an available physical machine using a load balancing scheme.
2. Relationship to the Art
A Local Director connection manager that manages connections from remote clients to a local group of web servers is described in the patent applications referenced above. The Local Director manages requests from remote clients to IP addresses corresponding to virtual machines implemented on the Local Director by translating the destination IP address and port number of incoming packets to the destination IP address and port number of a real machine (also referred to as a physical machine) that the Local Director has at its disposal to handle connections for the virtual machines that the Local Director is implementing. Likewise, the Local Director simulates responses from the virtual machines to the remote clients by translating the source IP address and port number of the real machines that the Local Director has at its disposal to the source IP address and port numbers of the virtual machines that the Local Director is implementing.
Thus, the outside clients establish a connection that appears to be a connection to a virtual machine corresponding to destination IP address and destination port number selected by the client. The Local Director translates IP addresses and port numbers of inbound and outbound packets so that packets from the client are directed to a real machine that is selected by the Local Director to handle the virtual connection and packets from the real machine appear to the client to have originated from the virtual machine.
It should be noted that the terms client and server are used to refer to remote machines and local machines, respectively. In certain systems, the client and server designations may actually be reversed, and it should be remembered that the following description could equally apply to local virtual clients and remote servers. Furthermore, although the invention will be specifically described as relating to the Local Director, it should be appreciated that the method and apparatus described herein would be applicable to other connection managers that maintain information about the state of various virtual connections. Therefore, the terms Local Director and connection manager are used interchangeably throughout this specification.
Two important functions that the Local Director performs are efficiently allocating or load balancing new connections from outside clients among the group of physical machines that are available to handle connections and hiding the physical machine IP addresses from the outside clients. As described above, these functions are performed for all connections from outside clients made to virtual IP addresses supported by the Local Director.
It would also be useful if locally generated connections initiated by physical machines that are connected to the Local Director could selectively be virtualized, that is, have the source IP address in packets that correspond to such connections be translated into a virtual IP address. Translating the source IP address for packets sent by the physical machines for remotely initiated connections causes clients to believe they are communicating with a virtual machine. It would be useful if translating the source IP addresses of packets for locally generated connections could cause clients to believe that a virtual machine has initiated a connection.
Load balancing of locally initiated connections is not necessary since the physical machine that is initiating the connection will be the physical machine that is assigned to the connection. However, it would be useful if locally initiated connections could be considered when load balancing new remotely initiated connections among a group of physical machines. A physical machine that is available to the Local Director may in some cases have a significant portion or even a majority of its processing resources devoted to handling connections initiated by the physical machine. For example, if FTP is being used, then a client may initiate a control connection that requires only a small amount of bandwidth. As a result of the control connection, an individual physical server may then initiate a data connection that requires much greater bandwidth.
What is needed, therefore, is a system and method for virtualizing locally generated connections and for providing a load balancing scheme that factors in locally generated connections when a remotely generated connection is being allocated to a local physical machine.
Accordingly, a system and method have been developed for designating certain physical machines as physical machines that will be virtualized when those physical machines initiate outside connections. A static physical machine object data structure keeps track of the virtual source address that replaces the physical machine IP address in packets sent by the physical machine. A pointer may be included to a physical machine object that represents the physical machine if the physical machine is also available to handle incoming connections that were initiated by a remote party. The pointer to the physical machine object is used to update the physical machine object's number of connections so that connections initiated by the physical machine may be counted for the purpose of load balancing. When a SYN packet is intercepted by the Local Director, it checks to see if the source IP address of the packet corresponds to a static physical machine data structure. If it does, then a static connection object is created and other packets received for that connection are translated according to the information in the static connection object.
It should be appreciated that the present invention can be implemented in numerous ways, including as a process, an apparatus, a system, a device, a method, or a computer readable medium. Several inventive embodiments of the present invention are described below.
In one embodiment, locally initiated outbound connections from a physical machine used to implement a virtual machine are virtualized. The virtualization method includes providing a virtual machine object having a virtual IP address that corresponds to the virtual machine. Inbound connections directed to the virtual machine are handled by the physical machine having a physical machine IP address. A static physical machine object is also provided. The static physical machine object contains the virtual IP address and the physical machine IP address. When a SYN packet is intercepted for an outbound connection having a SYN packet source IP address that corresponds to the physical machine IP address and a packet destination address that corresponds to a foreign IP address, it is determined whether the packet source IP address matches the physical machine IP address. If the packet source IP address matches the physical machine IP address, then a connection object is created for handling outbound connections from the physical machine IP address. A counter in a physical machine object is incremented when the connection object is created so that the locally generated connection may be considered for the purpose of load balancing new remotely generated connections.
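The outbound path described above can be sketched as follows. This is an added illustration, not code from the specification: the class and field names, the dictionary packet representation, the sample addresses and the least-connections selection policy are all assumptions, and only the outbound direction (source address translation) is modeled.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class PhysicalMachine:              # physical machine object used for inbound load balancing
    ip: str
    connections: int = 0            # counts inbound and virtualized outbound connections

@dataclass
class StaticPhysicalMachine:        # static physical machine object (hypothetical layout)
    physical_ip: str
    virtual_ip: str
    machine: Optional[PhysicalMachine] = None   # pointer, set if the host also serves inbound

class ConnectionManager:
    def __init__(self, machines, statics):
        self.machines = machines
        self.statics = {s.physical_ip: s for s in statics}
        self.static_conns = {}      # 4-tuple -> virtual source IP (static connection objects)

    def outbound(self, pkt):
        """Translate one locally sourced packet; returns the packet to forward."""
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        if pkt["syn"] and key not in self.static_conns:   # retransmitted SYNs are not recounted
            static = self.statics.get(pkt["src"])
            if static is None:
                return pkt          # host not designated: forward untranslated
            self.static_conns[key] = static.virtual_ip
            if static.machine is not None:
                static.machine.connections += 1
        vip = self.static_conns.get(key)
        return dict(pkt, src=vip) if vip else pkt

    def assign_inbound(self):
        """Pick the machine for a new remote connection (least connections, an assumed policy)."""
        chosen = min(self.machines, key=lambda m: m.connections)
        chosen.connections += 1
        return chosen

def demo():
    # Constructed sample data: private and documentation addresses, not from the page.
    a, b = PhysicalMachine("10.0.0.1"), PhysicalMachine("10.0.0.2")
    mgr = ConnectionManager([a, b], [StaticPhysicalMachine("10.0.0.1", "192.0.2.10", a)])
    syn = {"src": "10.0.0.1", "sport": 20, "dst": "198.51.100.7", "dport": 5001, "syn": True}
    sent = mgr.outbound(syn)                       # SYN from the designated host
    data = mgr.outbound(dict(syn, syn=False))      # later packet on the same connection
    plain = mgr.outbound(dict(syn, src="10.0.0.2"))  # SYN from a non-designated host
    return sent["src"], data["src"], plain["src"], mgr.assign_inbound().ip

if __name__ == "__main__":
    print(demo())
```

Because the outbound connection from 10.0.0.1 raised that machine's counter, the next inbound connection in the demo is assigned to 10.0.0.2.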
These and other features and advantages of the present invention will be presented in more detail in the following specification of the invention and the accompanying Figures which illustrate by way of example the principles of the invention.