SoftLayer Fundamentals Connecting to Th 1283769

© 2014 IBM Corporation

SoftLayer Fundamentals Connecting to the Cloud – SoftLayer Networking, Part 2

© 2014 IBM Corporation © Copyright IBM Corp. 2014. All rights reserved.

Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

IBM®, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of

IBM trademarks is available on the web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.

Intel and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other

countries.

Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.

Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.

Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.

CDNLayer®, CloudLayer®, KnowledgeLayer®, RescueLayer®, SoftLayer®, and StorageLayer® are trademarks or registered

trademarks of SoftLayer, Inc., an IBM Company.

Other company, product, or service names may be trademarks or service marks of others.

The information contained in this document has been submitted to any formal IBM test and is distributed on an “as is” basis

without any warranty either express or implied. The use of this information or the implementation of any of these techniques is a customer responsibility and depends on the customer's ability to evaluate and integrate them into the customer’s operational

environment. While each item may have been reviewed by IBM for accuracy in a specific situation, there is no guarantee that the

same or similar results will result elsewhere. Customers attempting to adapt these techniques to their own environment do so at their own risk.

© Copyright International Business Machines Corporation 2014. All rights reserved. This document may not be

reproduced in whole or in part without the prior written permission of IBM. Note to U.S. Government Users – Documentation

related to restricted rights – Use , duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp.

Trademarks

2


Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 3

Meet your speakers

Jody Cefola is the SoftLayer Channels Integration leader focused on

partner enablement from IBM. Jody had 10 years in channel development

and execution working with all types of partners and international

experience with channel execution in Europe and Asia Pacific.

Steven W. Schiffer is an advisory architect for the IBM Global Technology

Services (GTS) Global Cloud Ecosystem team. Steven has more than five

years of experience with IBM cloud architecture (both private and public

infrastructures). He holds a Masters of Science in IT Management from the

University of Texas at Dallas and a bachelor’s degree in Computer Science

from the University of North Texas.



Your cloud strategy is your business strategy

Pacesetters use cloud to surface insights from data. They reimagine business

models, make better decisions and serve customers in new ways to create winning

business outcomes.

With so much at stake, you don't want just any cloud…

Source: IBM Center for Applied Insights Under cloud cover: How leaders are accelerating competitive differentiation that surveyed

802 cloud decision makers and users, spanning 13 countries and 24 industries.

2x the revenue growth

Almost

2.5x higher gross profit

growth than peers

Nearly



Tap into SoftLayer. Leverage significant investment to build

skills starting with SoftLayer Fundamentals

7.6 Revenue growth for Business Partners who have embraced

cloud2 7.6 2.5X

7.6 of CIO’s who are reengineering IT plan to look for outside

help – new skills, tools and capabilites3 7.6 66%

Sources: 1. Forrester Research, Cloud Channel Trends, 2013 to 2014, February 2013, 2. IDC: Worldwide channel and alliances 2013 top 10 predictions, January 2013,3. IBM CIO

study, 2011,

7.6 value for service channel partners has become technical

training1

7.6 #1



SoftLayer Fundamentals is a series of technical webinars to

provide knowledge on the capabilities to help build solutions

Webinar

Date Topic # Topic

February 25 1 Changing the landscape, not the definition - SoftLayer overview

February 27 2 One size does not fit all – Defining the SoftLayer cloud architecture

March 4 3 Connecting to the cloud – SoftLayer network options, part 1


March 11 5 Keep safe – Securing your virtual instances

March 13 6 Storing your data – Understanding SoftLayer storage options

March 18 7 Flexible and on demand – Understanding SoftLayer managed services

March 20 8 You can’t manage what you don’t monitor – SoftLayer management and

monitoring

March 25 9 Evaluating cloud providers - Leveraging SoftLayer differentiators

For general SoftLayer overview presentations

Lance Crosby, SoftLayer CEO, main tent at IBM PWLC: http://www.youtube.com/watch?v=t9h2cXwcUvA

Grow your cloud business - leveraging the IBM acquisition of SoftLayer:

https://engage.vevent.com/rt/ibm~1017?token=NTU2MTY1MjY0MDAxMjExMDgxN0NIRUNLX0RBVEVfQU5EX0VOVFJJ

RVNfQ09VTlQ

http://www.youtube.com/watch?v=t9h2cXwcUvA

https://engage.vevent.com/rt/ibm~1017?token=NTU2MTY1MjY0MDAxMjExMDgxN0NIRUNLX0RBVEVfQU5EX0VOVFJJRVNfQ09VTlQ

https://engage.vevent.com/rt/ibm~1017?token=NTU2MTY1MjY0MDAxMjExMDgxN0NIRUNLX0RBVEVfQU5EX0VOVFJJRVNfQ09VTlQ

© Copyright IBM Corp. 2014. All rights reserved.


Upon completion of this webinar, you should be able to:

• Understand load balancing

• Know the difference between global and local

balancing

• Order a local and a global load balancer

• Configure services in a local load balancer

• Understand the different SoftLayer firewalls

• Understand IP addresses in SoftLayer

• Using SoftLayer’s Domain Name Service

• Interfacing with SoftLayer VLANs

7

Connecting to the cloud – SoftLayer Networking Part 2



In this topic, you will learn about

• VIP options for load balancing

• Various balancing methods

Balancing data with SoftLayer local load balancer



Balancing data with SoftLayer local load balancer

The SoftLayer local load balancing is based on Array Networks and utilizes industry-

standard techniques. These techniques include round-robin, lowest latency, least

connections, shortest response, and IP persistence to balance traffic among two or more

servers. Local load balancing can be activated and configured in real-time, with servers

added to or removed from the balancing pool on-demand with little or no downtime.

Be aware of the following regarding local load balancing:

• Public network VLAN load balancing only.

• Local load balancing is limited to Layer 4.

• No console access; managed through the Customer Portal.

http://www.arraynetworks.com



• Common (shared) load balancing

deployment

• Only one virtual IP address provided:

250 VIP connections per second

(with SSL option)

500 VIP connections per second

(with SSL option)

1,000 VIP connections per second

(with SSL option)


• Dedicated load balancing deployment

• Up to eight virtual IP addresses:


with SSL only

100,000 VIP connections per

second with SSL only

Selecting VIP options

VIP

connections

per second



Round

robin

Shortest

response

Least

connections

Consistent

hash IP

VIP

connections

per second

SoftLayer data center

Local

load

balancer

The local load balancer utilizes round robin, shortest response, least connections,

and consistent hash IP as methods to balance traffic among two or more servers in a

data center.

Balancing methods



Round

robin

Shortest

response

Least

connections

Consistent

hash IP

VIP

connections

per second

SoftLayer data center

Local

load

balancer

Routing to servers




• Examples of global load balancing

configurations

• VIP options for global load balancing

• Various balancing methods

• Citrix NetScaler load balancer

Balancing data with SoftLayer global load balancer



The SoftLayer global load balancer is based on F5 Networks and allows you to load

balance your websites between servers in different physical data center locations. By

using an Anycast DNS system, the global load balancer is capable of providing highly

redundant DNS resolution to clients as well as direct clients to the optimal data center site

relative to location.

Be aware of the following regarding global load balancing:

• No console access; managed through the Customer Portal.

• Anycast DNS system is capable of providing redundant DNS resolution to clients and

directing clients to data center sites relative to location.

• Global load balancing is limited to Layer 4.

• Servers are added to or removed from the balancing pool on demand.

SoftLayer global load balancer

http://www.f5.com



Below are two examples of how the configure the global load balancer – simple and

complex.

Configuring examples

Example

Simple configuration A simple configuration of the global load balancer consists of two

servers in two different locations. With geography-based load

balancing, users are directed to the data center location to which

they are closest. In the event of a failure of either server, traffic is

directed to the remaining server.

Complex

configuration

A complex configuration of the global load balancer consists of

the global load balancer connecting to multiple local load

balancers at each physical location, with an additional fallback

location available in the event all sites fail.



VIP

connections

per second

Selecting VIP options

Deployment options:

• 50 VIP connections per second




• 1,000 VIP connections per second



Weighted

round robin

Geography

Round

robin

Failover

VIP

connections

per second

Global

load

balancer

The global load balancer utilizes weight round robin, geography, round robin, and

failover as methods to balance traffic among two or more servers in one or more data

centers.

Resides in

all SoftLayer

data centers

and PoPs

Balancing methods



VIP

connections

per second

SoftLayer data center 1 Global

Load

balancer SoftLayer data center 2

Routing to servers

Weighted

round robin

Geography

Round

robin

Failover

Resides in

all SoftLayer

data centers

and PoPs



Using the SoftLayer Citrix NetScaler load balancer

The SoftLayer Citrix NetScaler load balancer is a web application delivery appliance. It is

designed to accelerate application performance, and ensure application availability and

protection while substantially lowering costs.

Citrix NetScaler load balancer is

• Available for deployment in both public and private networks in SoftLayer.

• Only option to load balance non-public network-facing servers and virtual instances.

• Allowed up to, and including, Layer 7.

• Includes 5 TB of public outbound bandwidth and unlimited private network bandwidth per

device.

The deployment options for Citrix NetScaler Standard and Platinum Editions are

• 10 Mbps, 200 Mbps, and 1 Gbps.

• One, two, four, eight, or 16 public IP addresses.



Using the SoftLayer Citrix NetScaler load balancer (cont.)

Standard Edition Platinum Edition

• TCP buffering

• TCP multiplexing

• SSL offload and

acceleration

• Client and server TCP

optimizations

• L4 DoS defenses

• Layer 7 content filtering

• HTTP rewrite

• URL rewrite

• Citrix Access Gateway

• Layer 4 load balancing

• Layer 7 content

switching

• AppExpert rate controls

• IPv6

• TCP buffering

• TCP multiplexing

• SSL offload and

acceleration

• Cache redirection

• Client and server TCP

optimizations

• Citrix AppCompress for

HTTP

• Citrix AppCache

• L4 DoS defenses

• Layer 7 content filtering

• HTTP rewrite

• URL rewrite

• Citrix Access Gateway

• Layer 7 DoS defenses

• NetScaler Application

Firewall

• Layer 4 load balancing

• Layer 7 content

switching

• AppExpert rate controls

• IPv6

• Global server load

balancing

• Surge protection

• Priority queuing




• Managed firewalls

• FortiGate security appliance

• Vyatta gateway appliance

Setting up firewalls in SoftLayer



SoftLayer’s hardware firewalls utilize the Fortinet FortiGate 300 Series firewalls. You

select from a dedicated hardware firewall or a standard hardware firewall based on your

need.

• Dedicated firewalls protect one, multiple, or all servers that share the same VLAN for

the highest assurance of uptime.

• Standard firewalls provide individual servers an additional layer of server security.

The firewalls are provisioned on demand without service interruptions.

Working with SoftLayer’s managed firewall



Working with SoftLayer’s managed firewall (cont.)

Dedicated hardware firewalls Standard (shared) hardware firewall

Deployment options:

• 1 Gbps dedicated

• 1 Gbps dedicated with high availability

Deployment options:

• 10 Mbps

• 100 Mbps

• 1 Gbps

• Protect an entire defined VLAN.

• Designed rules to be applied to entire

VLAN or to single servers in defined

VLAN.

• Managed through customer portal and

API.

• Provides firewall, anti-virus, and

intrusion prevention.

• Applied to individual servers (dedicated

server or CCI)

• Designed rules for all IPs assigned to

designated server or for a single IP

address on the server

• Managed through Customer Portal and

API

• Provides firewall and anti-virus based

security.



The deployment options for the FortiGate security application are single deployment or

high availability.

The hardware is the same as the SoftLayer managed hardware firewall offering

(FortiGate 300 series).

There is direct access to the FortiGate's console and native management tools. The

console and tools provide complete, granular control over advanced firewall and security

features. These security features include anti-virus, intrusion detection, intrusion

prevention, and VPN capabilities (IPSec, PPTP, and L2TP).

Using the FortiGate security appliance



The Vyatta gateway appliance is designed to allow for advanced network routing and

configuration of a portion of or the entire account for a customer in SoftLayer.

Using the Vyatta gateway appliance

Deployment options

CPU RAM Disk configuration Disk options

Xeon Quad Core 1230 3.2

Ghz

Xeon Quad Core 1270 3.4

Ghz

4 GB

8 GB

12 GB

16 GB

32 GB

JBOD

RAID 0

RAID 1

RAID 5

RAID 10

SATA

SATA 10K

SCSI 10K

SCSI 15K

SSD



Capabilities:

• IPSec VPN tunnels

• NAT

• Firewall services

• Router services

All Vyatta capabilities can be managed through either the SSH shell CLI or by connecting

to the Vyatta Network OS GUI via the SoftLayer VPN and private IP address.

Note: A customer may not have a

SoftLayer shared or dedicated firewall

service and a Vyatta network gateway

device assigned to the same VLAN.

Using the Vyatta gateway appliance (cont.)



In this topic, you will learn about SoftLayer IP

addresses.

Establishing additional IP address blocks



Understanding IP addresses in SoftLayer

IP block type Description

Static IP block

A block of IP Addresses that are routed directly to a specific IP on

the network.

Portable IP block Any IP block that can be used on multiple servers within a single

VLAN concurrently. Portable IP address are switchable within a

VLAN from server to server. There are two types of portable IP

blocks:

• Routed to VLAN is a static IP block that is routed to an entire

VLAN rather than a specific IP address. This IP block provides

the customer access to all IPs within the block.

• Secondary to VLAN is designed to be used within a virtual

environment. It requires that the network, gateway, and

broadcast IPs be bound directly to the VLAN rendering these IPs

unusable by the customer. This block is used in conjunction with

a virtual machine. (To have one usable IP address for a server

you need at least four IP addresses in a block.)

Each SoftLayer server (virtual or bare metal) comes with one primary IPv4 address.

Additional IP blocks are available in quantities of one, two, four, eight, 16, or 32.



Understanding IP addresses in SoftLayer (cont.)

Global IP's provide IP flexibility by letting users shift workloads between servers (even in

different data centers). Global IPs also provide IP persistence by allowing for transitions

between servers and virtual instance’s. This is a direct competitor to Amazon Elastic IPs,

without the limitation of being defined to a specific region.

Deployment options include:

• Monthly charge per deployed IP address.

• IP destination change through the customer portal or API commands.



In this topic, you will learn about SoftLayer’s

Domain Name System offering.

Using SoftLayer’s Domain Name System service



A customer has four options for using a named server with their SoftLayer infrastructure:

1. Use your (the customer’s) domain name registrar name servers to manage your (the

customer’s) domain names.

2. Use SoftLayer name servers to manage your domain names.

3. Use a third party DNS service to manage your domain names.

4. Run your own name servers on your server to manage your domain names.

SoftLayer DNS services:

• Public option (SoftLayer manages the customer’s domain). Public name servers act

as authoritative name servers for domain names that reside in SoftLayer DNS

servers and are managed through Customer Portal. These servers "answer" and

"resolve" domain names to a company’s IP address for the general Internet

population.

• Private Network. Resolving name servers are located on the private network and act

as DNS resolvers for a customer’s server. The private resolvers slave from SoftLayer

public name servers so they are always up to date. This is a convenience service for

customers.

Using Domain Name System (DNS)



What is a VLAN?

Virtual LAN (VLAN) is a networking concept in which network interfaces on different

routers, switches, and servers act as if they're on the same local network broadcast

domain.

How are VLANs used by SoftLayer?

SoftLayer servers are provisioned on “private VLANs” that are created per router (in a

data center) for the public and private networks. See the diagram below.

Describing a VLAN

VLAN

1

VLAN

2

VLAN

3

VLAN

4

VLAN

5

VLAN

6

Public network Private network

DC1

DC2

DC3



Spanning

• VLAN spanning is turned off by default.

• VLAN spanning enables a server or virtual instance connection to multiple VLANs

and data centers on the SoftLayer private network.

• IPs on the private VLANs in a customer account will be able to communicate once

spanning is enabled. There is no current discrete spanning separation.

• Five minutes to 15 minutes to activate VLAN spanning.

• Option is available to span private VLAN of two separate SoftLayer accounts.

• Cost is $25 per account.



• A customer can

segment their

provisioned

physical and

virtual servers

onto one or more

private VLANs.

• Customer VLANs

across one or

more data centers

can be

interconnected via

the SoftLayer

private network.

• Distributed denial

of service (DDoS)

protection is

provided on the

SoftLayer public

network via Cisco

Guard devices.

Planning an advanced VLAN design



? ?

Questions



Leading Edge

Trusted

Completely Free

Recommended actions

Sign up for a free 1 month trial account:

http://www.softlayer.com/info/free-

cloud/skills100

Within 60 days, register as a SoftLayer

partner with a viable SL opportunity (time

frame, workload, configuration) at:

http://www.softlayer.com/partners/ibm-

partners

http://www.softlayer.com/info/free-cloud

http://www.softlayer.com/info/free-cloud/skills100



http://www.softlayer.com/partners/ibm-partners





Attend other SoftLayer Fundamentals webinars or download

the replay and materials at your convenience

Please remember to download the glossary of terms

Webinar

Date Topic # Topic

February 25 1 Changing the landscape, not the definition - SoftLayer overview

February 27 2 One size does not fit all – Defining the SoftLayer cloud architecture



March 11 5 Keep safe – Securing your virtual instances

March 13 6 Storing your data – Understanding SoftLayer storage options

March 18 7 Flexible and on demand – Understanding SoftLayer managed services

March 20 8 You can’t manage what you don’t monitor – SoftLayer management and

monitoring

March 25 9 Evaluating cloud providers - Leveraging SoftLayer differentiators

37

SoftLayer Fundamentals Connecting to Th 1283769

Documents

Transcript of SoftLayer Fundamentals Connecting to Th 1283769