Load Balancers

Overview

This page lists the load balancers currently set up within Link11 WAAP.

Load balancers are added and managed outside of the UI; for assistance in changing or configuring load balancers, contact support.

Load balancer administration involves two primary activities:

Attachment of one or more security certificates.
For Link11 load balancers supporting a multi-regional or multi-cluster planet, configuring the preferred traffic routing (optional).

Attaching certificates

You can select or change the SSL certificate attached to a load balancer. Selecting the Attach Certificate button displays this dialog:

The certificates available for selection are those defined within the SSL Certificate list.

Configuring traffic routing

When a public-cloud load balancer is used, Link11 automatically routes traffic to the customer planet for processing.

When Link11 cloud load balancing is used, and the customer planet has multiple clusters or spans geographic regions, admins have additional control over traffic routing.

Note: in this discussion, "one" load balancer is a conceptual representation. Physically, it represent multiple load balancing instances, running simultaneously in multiple locations.

For each load balancer, admins can specify the preferred datacenter, i.e. the preferred regional instance of Link11 WAAP to scrub the traffic.

The UI offers the selection of one Preferred datacenter; this will be the destination for traffic from all locations where that load balancer is running.
If more granularity is needed, the API can be used to set a different preference for each location.

How traffic is routed

When traffic is received, the system will route the traffic as follows:

If a Preferred datacenter was selected, and that datacenter is up, it receives the traffic.
If a Preferred datacenter was selected, but that datacenter is currently down, traffic is balanced across all available datacenters.
If a Preferred datacenter was not selected, traffic is sent to the datacenter closest to the load balancer.

In the above, Preferred datacenter refers to any preference, whether specified via the UI or API. See this discussion about using the API correctly.

Multiple datacenters processing a client session

In certain situations, a single client session might be processed in more than one datacenter.

This can occur when Frankfurt is the destination for traffic. In the interface, "Frankfurt" represents two physical datacenters in the Frankfurt region. The system can send traffic to either one.

This can also occur when a preferred datacenter is, or becomes, unavailable. The system will route its traffic elsewhere, as described above, but will continue monitoring the preferred datacenter. Once it becomes available, traffic will be routed there again.

When a client session is processed by multiple datacenters, this has no impact on analytics or most traffic scrubbing. However, it can delay enforcement of Rate Limit Rules, because each datacenter will only have processed a subset of the client's requests.

PreviousSSL NextCertificates

Last updated 12 days ago

Was this helpful?