1. Four-layer load balancing works on the fourth layer of the OSI model, which is the transport layer. Layer 4 load balancing can only forward the request based on the destination address and source address in the message, but cannot modify or determine the specific type of the requested resource, and then forward it to the server to process the request through the internal scheduling algorithm of the load balancing. Layer 4 load balancing simply provides a reliable end-to-end connection and forwards requests to the backend. The connection is the same from beginning to end. LVS is a typical four-layer load balancing.
2. Seven-layer load balancing works on the seventh application layer of the OSI model, so seven-layer load balancing can perform load balancing based on the requested application layer information, such as allocating to back-end servers based on the requested resource type, rather than based on IP and port selection. The seven-layer load balancing function is richer and more flexible, and it can also make the entire network smarter. As shown in the figure above, the connections at both ends of the seven-layer load balancing (facing the client and the server) are independent.
3. In short, four-layer load balancing is implemented based on IP+port. Seven-layer load balancing is achieved through application layer resources.
The request process of layer seven and layer four
When a user accesses the domain name of a website, DNS will resolve the domain name into a public IP and encapsulate the user’s packet. Because it is across the network, the destination address of the packet will be the public IP of the website to be accessed. The source address is the IP address of the client.
The router first performs an AND operation on the IP requested by the user and finds that it is not in the same network segment, so it forwards the message and specifies the next hop address of the router. During the request process, it will go through Multiple routers finally reach the website’s IP (the public IP on the corporate firewall); the final destination IP address is the website’s public IP.
After accessing the public IP on the firewall, the packet will be forwarded again to the source. The address is the enterprise’s intranet address, and the target address is the IP address corresponding to haproxy. It will be determined based on whether haproxy is a layer 4 load or a layer 7 load; if it is a layer 4 load, haproxy will send the user according to the scheduling algorithm. The request is dispatched to a back-end webserver.
The source address of the message is the address of haproxy, and the destination address is the address of the webserver (the source address and destination address are modified to accurately return the reply message to haproxy to prevent it from being sent to others. server); if haproxy is a seven-layer load, haproxy will establish a connection with the back-end webserver through the TCP three-way handshake again instead of being a forwarder.
Load balancing software
Software that implements load balancing at layer 4 (tcp):
- lvs——>heavyweight
- nginx——>lightweight, with caching function, more flexible regular expressions
- haproxy——>simulates layer 4 forwarding, and is more flexible
at layer 7 ( http) Software that implements reverse proxy:
- haproxy——>Innate skills, fully supports seven-layer proxy, session maintenance, marking, path transfer
- nginx——>Only has better functions on http protocol and mail protocol, and its performance is similar to haproxy ;
- apache——>poor function
Similarities and differences between HAProxy and LVS
1) Both are software load balancing products, but LVS is a soft load balancing based on the Linux operating system, while HAProxy is a soft load balancing based on a third application.
2) LVS is an IP load balancing technology based on four layers, while HAProxy is a comprehensive load balancing solution based on four and seven layers of technology that can provide TCP and HTTP applications.
3) LVS works at the fourth layer of the ISO model, so its status monitoring function is single, while HAProxy is powerful in status monitoring and can support multiple status detection methods such as ports, URLs, and scripts.
4) Although HAProxy is powerful, its overall processing performance is lower than the four-layer mode LVS load balancing, and LVS has network throughput and connection load capabilities close to those of hardware devices.
