Network Working Group A. Bivens
Request for Comments: 4678 IBM Research
Category: Informational September 2006
Server/Application State Protocol v1
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2006).
IESG Note
This RFC is not a candidate for any level of Internet Standard. The
IETF disclaims any knowledge of the fitness of this RFC for any
purpose and in particular notes that the decision to publish is not
based on IETF review for such things as security, congestion control,
or inappropriate interaction with deployed protocols. The RFC Editor
has chosen to publish this document at its discretion. Readers of
this document should exercise caution in evaluating its value for
implementation and deployment. See RFC 3932 for more information.
Abstract
Entities responsible for distributing work across a group of systems
traditionally do not know a great deal about the ability of the
applications on those systems to complete the work in a satisfactory
fashion. Workload management systems traditionally know a great deal
about the health of applications, but have little control over the
rate in which these applications receive work. The
Server/Application State Protocol (SASP) provides a mechanism for
load balancers and workload management systems to communicate better
ways of distributing the existing workload to the group members.
Table of Contents
1. Introduction ....................................................3
1.1. Overview ...................................................3
1.2. Identities .................................................4
2. Requirements Notation ...........................................4
3. Conventions Used in This Document ...............................4
4. General Message Structure .......................................4
4.1. TLV Structure ..............................................6
4.2. Component Types ............................................6
4.3. SASP Protocol Header .......................................7
4.4. Version Negotiation ........................................8
5. Singular Protocol Components ....................................9
5.1. Member Data Component ......................................9
5.2. Group Data Component ......................................11
5.3. Weight Entry Data Component ...............................12
5.4. Member State Instance Component ...........................14
6. Group Protocol Components ......................................15
6.1. Group of Member Data Component ............................15
6.2. Group of Weight Data Component ............................16
6.3. Group of Member State Data Components .....................17
7. Protocol Messages ..............................................17
7.1. Registration Request and Reply ............................18
7.1.1. Registration Request ...............................18
7.1.2. Registration Reply .................................19
7.2. DeRegistration Request and Reply ..........................20
7.2.1. DeRegistration Request .............................21
7.2.2. DeRegistration Reply ...............................22
7.3. Get Weights Request and Reply .............................23
7.3.1. Get Weights Request ................................24
7.3.2. Get Weights Reply ..................................25
7.4. Send Weights ..............................................26
7.5. Set Member State Request and Reply ........................27
7.5.1. Set Member State Request ...........................28
7.5.2. Set Member State Reply .............................29
7.6. Set Load Balancer State Request and Reply .................30
7.6.1. Set LB State Request ...............................30
7.6.2. Set LB State Reply .................................32
8. Example of SASP Message Encoding ...............................32
9. Protocol Flow ..................................................37
9.1. Normal Protocol Flow ......................................37
9.2. Behavior in Error Cases ...................................39
9.3. Example Flow 1: Load Balancer Registration,
Getting Weights, and Application-Side Quiescing ...........41
9.4. Example Flow 2: Set Load Balancer State, Application
Registration, and Load Balancer Group DeRegistration ......43
9.5. Avoiding Single Points of Failure .........................44
10. Security Considerations .......................................45
11. Normative References ..........................................46
Appendix A. Acknowledgements ......................................47
1. Introduction
1.1. Overview
The Server/Application State Protocol is designed to enable load
balancers or schedulers (1) to receive traffic weight recommendations
from Workload Managers, (2) to register with Workload Managers
members of load balancing/scheduling groups, and (3) to enable
Workload Managers to suggest new load balancing group members to load
balancers and schedulers
The figure below shows where the SASP entities are in typical load
balancing topology.
----------
| Group |
-------->|Member 1|<--|
| ---------- |
| |
--------- ---------- | ---------- |
|Request|<------>| Load |---| | Group | |
|Origins|<------>|Balancer|----------->|Member 2|<--|
--------- | |---| ---------- |
---------- | |
^ | ---------- |
| -------->| Group | |
SASP | |Member 3|<--|
------- ---------- |
| |
| -------------------- |
| | Group | SASP |
------>| Workload Manager |<----------
--------------------
Figure 1
SASP is a binary protocol that facilitates communication from load
balancers/schedulers to Workload Managers. The connection between
the Group Workload Manager (GWM) and the load balancer/scheduler is
expected to be a long-running TCP connection. In SASP interactions,
the GWM acts as a SASP server waiting to receive connections from the
other SASP components. Server port 3860 has been registered with the
IANA for SASP communications. It is expected that all SASP
components are configured with the DNS name of the GWM to develop
this connection. Security in SASP is handled by transporting binary
messages over Secure Socket Layer/Transport Layer Security (SSL/TLS).
This document only describes the message format and protocol behavior
above the connection and security layers. Connection and security
aspects including SSL's authentication and encryption will be
implementation specific.
1.2. Identities
SASP identifies a load balancer by a UTF-8 string called a "LB UID".
A group of "equivalent" servers providing a service is identified by
a UTF-8 string called a "Group Name", which is interpreted in the
context of the LB UID. A server is identified by its IP address and
(optional) port and protocol numbers. A GWM is only identified
implicitly as the entity on the other end of the TCP connection from
a load balancer or group member. All of these identifiers are local;
there are no globally unique identifiers. The LB UID and GroupName
fields are unstructured so that components could assign values to
these fields that are meaningful to an administrator. For example,
in many cases, a load balancer would use the name an administrator
provided for the serverfarm group as the groupname in a SASP-
specified group. Since the naming options in industry load balancers
do not carry explicit naming restrictions, SASP naming options also
carry no naming restrictions.
2. Requirements Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. Conventions Used in This Document
o Load Balancer - Entity responsible for distributing requests
amongst the available members.
o Member - Machine, process, or application used to service
requests.
o Group Workload Manager (GWM) - Entity responsible for reporting or
managing a group of members on multiple machines.
4. General Message Structure
Any string interpreted by the group workload manager is assumed to
use UTF8. Components implementing SASP MUST support the printable
ASCII subrepertoire of UTF8 (0x20-0x7E). Components MAY also choose
to provide support for additional UTF8 character encodings. It is
recommended that customers using SASP-enabled products configure the
string-generating components (load balancers and group members) to
use the same character repertoire.
Many of the SASP structures involve the transfer of multi-byte
integer values. In all cases where multi-byte integer values are
used, they are considered to be in network-byte order (big-endian).
SASP is organized into several message components. For extendibility
and ease of processing, each message component is described in a TLV
(Type, Length, Value) format. An illustration of the SASP structure
can be found in the example below. The first section is the header
followed by the message component type. As mentioned, the header,
message component, and all other components have a TLV format. Each
component value contains a variable number of fields, some of which
refer to upcoming components (explained component descriptions are in
upcoming sections). After the first message component, any number of
additional components may be included (as stipulated in the fields of
the message type).
-------------------------------------------------
| |T| Type (SASP Header Type) |
| SASP |----------------------------------|
| Header |L| Length of SASP header TLV |
| |----------------------------------|
| |V| Header fields |
|-----------------------------------------------|
| |T| Type (Message Type) |
| Message |----------------------------------|
| Type |L| Length of this Message Type TLV|
| Component |----------------------------------|
| |V| Component fields |
|-----------------------------------------------|
| |T| Type (Component Type) |
| |----------------------------------|
|Component-1 |L| Length of this TLV |
| |----------------------------------|
| |V| Component fields |
|-----------------------------------------------|
| ... |
|-----------------------------------------------|
| |T| Type (Component Type) |
| |----------------------------------|
|Component-n |L| Length of this TLV |
| |----------------------------------|
| |V| Component fields |
-------------------------------------------------
Figure 2
4.1. TLV Structure
An illustration of the TLV format is shown below. The Type is a
two-byte field containing a binary value for the component type. The
Length is a two-byte field containing the size of the TLV in bytes
(including the Type and Length fields). The Value field is a
variable-length field that actually contains the data of the
component.
< xxxx xxxx xxxx xxxx, xxxx xxxx xxxx xxxx, xxxx...........xxxx >
|-----------------| |-----------------| |-----------------|
Type(2 bytes) Length(2 bytes) Value(variable)
Figure 3
4.2. Component Types
The TLV structure requires a type value for each protocol component.
All SASP types are listed in this section.
Reserved 0x0000-0x1000
Message Types
Registration Request 0x1010
Registration Reply 0x1015
DeRegistration Request 0x1020
DeRegistration Reply 0x1025
Get Weights Request 0x1030
Get Weights Reply 0x1035
Send Weights 0x1040
Set Load Balancer State Request 0x1050
Set Load Balancer State Reply 0x1055
Set Member State Request 0x1060
Set Member State Reply 0x1065
Utility Component Types
SASP Header 0x2010
Singular Component Types
Member Data 0x3010
Group Data 0x3011
Weight Entry Data 0x3012
Member State Instance 0x3013
Group Component Types
Group of Member Data 0x4010
Group of Weight Entry Data 0x4011
Group of Member State Data 0x4012
Reserved 0xF000-0xFFFF
4.3. SASP Protocol Header
An illustration of the SASP Header is found in the table below. It
is expected that every message will start with the SASP Protocol
Header component.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SASP header type (0x2010) | Size of this TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version | Message Length
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Message ID
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
+-+-+-+-+-+-+-+-+
Figure 4
o Version: The version of the protocol used in this message.
o Message Length: A 4-byte signed integer value representing the
total length of the SASP message. It is said to be a signed
4-byte value to make any Java implementations easier (or any other
implementations without unsigned values); however, no negative
lengths are valid.
o Message ID: Each request message is given a 4-byte Message ID by
the message originator, which is simply returned in the Message ID
field of the reply. This field is meant to assist the requester
in correlating replies to the appropriate request when many
requests have been sent. In the Send Weights message (the only
message transaction that has no reply), this field serves no
purpose.
4.4. Version Negotiation
To negotiate the version of the protocol used by the entities
involved in the connection, the GWM views the version included in the
load balancer request as the load balancer's proposed version.
If the GWM supports the version proposed by the load balancer, it
will respond to the connection with the appropriate response code and
the load balancer's proposed version in the response header. This
proposed version should be the version used for all messages in this
connection.
If the GWM does not support the version proposed by the load
balancer, the GWM will respond with a "message not understood"
response code and the GWM's highest supported SASP version in the
version field of the response header. This is an indication for the
load balancer to come down to GWM's SASP version level.
5. Singular Protocol Components
The most basic of SASP components are singular components because
they describe a single instance of a member, member resource, member
weight, or group. Some of the SASP components reuse other SASP
components. When this is the case, any component being reused by a
base component will simply be given immediately following the base
component. Some examples of this technique are seen and explained in
the Weight Entry and Member State Instance components.
5.1. Member Data Component
The member data component describes a particular member and is
referred to by other components.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Member Data Type (0x3010) | Size of this TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Protocol | Port | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
| |
+ +
| |
+ IP Address of Member +
| |
+ +-+-+-+-+-+-+-+-+
| | Label Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Label .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 5
o Protocol: The assigned number of the IP transport layer used in
the Protocol Field of the IP header. These are defined in
[RFC1700]; however, a current list is maintained at
http://www.iana.org.
for example: TCP = 0x06, UDP = 0x11, etc.
o Port: The port number used for communication to the member.
*** A value of 0 can be given for the Protocol and Port to signify
a system level member. However, 0 shouldn't be perceived as a
wildcard for either Port or Protocol fields (i.e., a
deregistration request that includes a MemberData component with a
0 for the port doesn't mean deregister all applications listening
on any port of that IP and protocol).
o IP Address: The current format is described by the following 16
bytes, where IPv4 addresses are represented as "IPv4-compatible
IPv6 addresses" [RFC4291]. In the following example, the x's and
zeros represent 4-bit hex values. The x's describe arbitrary hex
values.
IPv4 Address: 00 00 00 00 00 00 00 00 00 00 00 00 xx xx xx xx
IPv6 Address: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx
o Label length: The length, in bytes, of the label string to follow.
o Label: A UTF8 string that may be set while registering a member.
This string is opaque to the GWM and is simply included with any
correspondence containing the member data component. Note that
the size of this label is <= 255 bytes. Because UTF8 character
encodings may be up to 6 bytes, care must be exercised by the load
balancer or member to make sure the UTF8 string it sends the GWM
is in fact <= 255 bytes.
5.2. Group Data Component
The group data component simply describes a group with which to
associate other singular components.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group Data Type (0x3011) | Size of this TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| LB UID Length | |
+-+-+-+-+-+-+-+-+ +
. .
. LB UID .
. .
+ +-+-+-+-+-+-+-+-+
| |Group Name Len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. Group Name .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6
o LB UID Length: Length of the LB UID to follow (in bytes).
o LB UID: A UTF8 string used as a unique identifier and a context
for the Group Name (e.g., a UTF8 representation of the MAC address
of the load balancer or some type of Universally Unique Identifier
(UUID)). This string is used by the Group Workload Manager to
associate application registration and deregistration, and to set
state messages with the correct load balancer. This unique
identifier should not be any longer than 64 bytes.
o Group Name Len: Length of the Group Name field to follow (in
bytes).
o Group Name: A UTF8 string the load balancer has chosen to tell the
Group Workload Manager that members being registered with this
Group Name are equivalent in function. In Get Weight and
DeRegistration messages, the Group Name may be omitted (Group Name
Length = 0) to indicate all groups from the associated load
balancer.
5.3. Weight Entry Data Component
The Weight Entry Component is used by the get and send weight
messages to associate a weight with a particular member (or Member
Data). It also uses an opaque member state field and a general
member flags field to denote extra information about a member
(described below). When the Weight Entry component is used, the
Member Data TLV it refers to is listed first, immediately followed by
the Weight Entry TLV.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Member Data Type (0x3010) | Size of this Member Data TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. Member Data Fields .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Weight Entry Type (0x3012) | Size of this Weight Entry TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| State Field | Flags Field | Weight |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 7
o State Field: This field is used by the member to communicate state
information to the scheduler. The information placed in this
field is opaque to the GWM and will simply be forwarded to the
scheduler with the member weights. There are no defined values
for this field.
o Flags Field: This field has several flag values that describe
several attributes of the member.
A. Contact Success Flag (set by the GWM): describes whether the
member is currently running. If the contact success flag is
off, this member should be avoided by the load balancer.
+ xxxx xxx1 The GWM has located this running system or
application.
+ xxxx xxx0 The GWM has not located this running system or
application.
B. Quiesce Flag (set by the load balancer or Member): used when
an administrator would like to temporarily remove a member
from the weight calculation, but not deregister it from the
group. When quiesced, the member will still show up in the
weights, but the quiesce flag will be set, and its weight will
be zero. When the administrator returns this member to
active, the quiesce flag will be 0, and a weight will be
provided. If the quiesce flag is on, this member should be
avoided by the load balancer.
+ xxxx xx1x The member is quiesced.
+ xxxx xx0x The member is active (not quiesced).
C. Registration Flag (set by the GWM): stores how the member was
registered.
+ xxxx x1xx This member has been registered by the load
balancer/scheduler.
+ xxxx x0xx This member has registered itself.
D. Confident Flag (set by the GWM): describes whether the GWM has
knowledge of this member's state. If this flag is off for
only some of the members in the group while the remaining
members have valid weights, the load balancer should avoid
sending work to those members with the confident flag off. If
the confident flag is off for all valid group members, the
load balancer should disregard any recommendation from the GWM
until the confident flag comes back on for at least one
member. In this case where all confident flags are off, the
load balancer should determine the correct distribution of
work by other means (perhaps a different advisor, previously
configured static weights, etc.).
The goal of the confident flag is to convey to the load
balancer that it should look to other methods of distribution
recommendations if the GWM cannot give recommendations for any
of the valid group members. If some members of the group have
the confident flag on but the contact flag off or the quiesced
flag on (meaning these members should always be avoided) while
the remaining members of the group have their confident flag
off, the load balancer should determine the appropriate
distribution of work for those members with the confident flag
off by other means.
+ xxxx 1xxx GWM has determined it has knowledge of the state
of this member.
+ xxxx 0xxx GWM has no knowledge of the state of this member.
E. Leftmost four bits are reserved (0000 xxxx - 1111 xxxx).
o Weight: This field represents the GWM's recommendation for the
relative amount of work that should be sent to this member. This
is a 16-bit field with a possible range of 0 to 65536. Load
balancers should be prepared to receive a wide range of weight
values. Load balancers with limited maximum weight values may
restrict the granularity of management by the GWM and in turn
cause less than optimal performance. Many existing
implementations have supported a minimum raw weight range from 0
to 100.
5.4. Member State Instance Component
The Member State Instance Component is used by the set member state
message to indicate the sender's perceived state of the member
mentioned. This component is used to set values that will ultimately
end up in the WeightEntry component. When the Member State Instance
component is used, the Member Data TLV it refers to is listed first,
immediately followed by the Member State Instance TLV.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Member Data Type (0x3010) | Size of this Member Data TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. Member Data Fields .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Member State Instance(0x3013) | Size of Member State Inst TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| State Field | Flags Field |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 8
o State Field: This field is used by the member to communicate state
information to the load balancer or scheduler. There are no
defined values for this field.
o Flags Field: This field describes attributes of the member.
Currently the only flag value defined is that of the quiesce flag.
The quiesce flag is used when an administrator would like to
temporarily remove a member from the weight calculation, but not
deregister it from the group. When quiesced, the member will
still show up in the weights, but the quiesce flag will be set,
and its weight will be zero. When the administrator returns this
member to active, the quiesce flag will be 0, and a weight will be
provided.
A. Quiesce Flag
+ xxxx xxx1 The member or load balancer setting this state is
quiescing this member.
+ xxxx xxx0 The member or load balancer setting this state is
placing the member in a non-quiesced state.
B. Leftmost seven bits are reserved (0000 000x - 1111 111x).
6. Group Protocol Components
Group protocol components each contain a collection of related
singular components. In particular, they associate Member Data,
Weight Entry, or Member State Instance components to a particular
Group Data component. In these cases, the particular "Group of x"
component will be immediately followed by the Group Data component.
The Group Data component will be immediately followed by any number
of singular components the group contains. In figures listed in this
document, a component type with an asterisk denotes a component that
is repeated a number of times.
6.1. Group of Member Data Component
The "group of member data" component describes a particular group of
members and is used in the registration message components.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group of Member Data (0x4010) | Size of GroupOfMemberData TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Member Count | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
. .
. Group Data TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. *Array of Member Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 9
o Member Count: The number of Member Data Components immediately
following the Group Data structure.
o Array of Member Data Components: There will be as many Member Data
TLVs as Member Count has specified. A load balancer/scheduler
would use these components to pass information that would enable
the Group Workload Manager to identify the members to associate
with this Group Name. The Member Data Component was described in
Section 5.1. In DeRegistration messages, the Member Count may be
set to 0 to indicate all members of a particular group.
6.2. Group of Weight Data Component
The "Group of Weight Data" Component is used by the get and send
weight messages to create a list of Weight Entry Components for a
particular group.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Group Weight Entry Type(0x4011)| Size of GroupOfWeightEntry TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Weight Entry Count | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
. .
. Group Data TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. *Array of Weight Entry Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 10
o Weight Entry Count: The number of Member Data / Weight Entry
combinations to follow the Group Data TLV.
o Array of Weight Entry Data TLVs: There will be as many [Member
Data / Weight Entry] TLVs as Weight Entry Count has specified.
Each Weight Entry component is preceded by its corresponding
Member Data component as explained in Section 5.3. This Member
Data / Weight Entry data combination will repeat to form as many
Weight Entry items as the Weight Entry Count specifies.
6.3. Group of Member State Data Components
The "group of member state data" component describes a particular set
of members and their corresponding state fields used in the Set
Member State messages.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Group Weight Entry Type(0x4011)| Size of GroupOfWeightEntry TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Member State Instance Count | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
. .
. Group Data TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. *Array of Member State Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 11
o Member State Instance Count: The number of Member Data / Member
State Instance combinations following the Group Data component.
o Array of Member State Data Components: Each Member State Instance
component is immediately preceded by its corresponding Member Data
component as explained in Section 5.4. This Member Data / Member
State Instance combination will repeat to form as many Member
State items as the Member State Instance Count specifies.
7. Protocol Messages
SASP messages are a collection of TLVs (Type, Length, and Value
components). The header has no information as to what type of
message it is part of; the purpose-specific information is in the
message component. This format could facilitate placing more than
one message component in a single message; however, this use of
multiple message components is not supported in every GWM and could
produce indeterminate behavior. Similar to the other protocol
components, when a message component needs to involve other
components, the additional components immediately follow the message
component.
All SASP requests sent to the GWM will be acknowledged with a reply.
The reply contains information requested as well as a single-byte
response code describing the success of the request. SASP defines
some general response codes in the range of 0x00 - 0x3F that may be
used regardless of the response message type. However, some request
types may cause specific error conditions not covered by the general
response codes. The response code range of 0x40 - 0xFF is used for
these message-specific response codes. Any given SASP response will
only contain one response code (depending on the error type). This
section explains the format and purpose of specific SASP messages.
7.1. Registration Request and Reply
This exchange happens between the load balancer/scheduler and the
Group Workload Manager as well as between the Group Workload Manager
and the member to register the members in a group specified by Group
Name. Applications are identified with an IP address, Protocol, and
Port. Systems are identified only with an IP Address (Port = 0x0000
and Protocol = 0x00). All members in a group have equivalent
functionality, so the Group Workload Manager can direct routers, load
balancers, and schedulers to any member in the group. Even though
registrations can come from either the load balancer/scheduler or the
actual member, member-initiated registrations will only be considered if
the Trust flag has been set with a Set LB State message.
EID 20 (Verified) is as follows:Section: 7.1
Original Text:
...will only be considered if
the Trust flag is set while the state of the load balancer/scheduler is set.
Corrected Text:
... will only be considered if
the Trust flag has been set with a Set LB State message.
Notes:
also applies to section 7.2
from pending
7.1.1. Registration Request
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Registration Req. Type(0x1010)| Size of Registration Req. TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Flag Field | Group of Member Data Count | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
. .
. *Array of Group of Member Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*There will be as many Group of Member Data Components as "Group of
Member Data Count" has specified.
Figure 12
o Flag Field
A. Load Balancer Flag
+ xxxx xxx1 The entity sending this message is the load
balancer.
+ xxxx xxx0 The entity sending this message is an
Application.
B. Leftmost seven bits are reserved (0000 000x - 1111 111x).
o Group of Member Data Count: The number of "Group of Member Data"
components immediately following the Registration Request
component.
o Array of Group of Member Data Components: Each "Group of Member
Data" component is immediately followed by Group Data Components
and its Member Data components (as described in Section 6.1). In
the case where several of these "Group of Member Data" components
may be present, the second "Group of Member Data" component only
appears after all of the internal components that are referred to
by the first "Group of Member Data" component are listed. The
format is the same for all subsequent "Group of Member Data"
components in the message.
7.1.2. Registration Reply
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Registration Reply Type(0x1015)| Size of Registration Reply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
Figure 13
o General SASP return codes (0x00 - 0x3F)
* 0x00 Successful
* 0x10 Message not understood
* 0x11 GWM will not accept this message from the sender. Reasons
for this include the following:
a. The message was not sent by a LB and trust flag is off
b. LB attempted to address members of a different LB in the
message
c. Vendor specific criteria for this message type were not met.
o Message-Specific return codes (0x40 - 0xFF)
* 0x40 Member already registered
* 0x44 Duplicate Member in Request
* 0x45 Invalid Group (determined by the GWM)
* 0x50 Invalid Group Name Size (size == 0)
* 0x51 Invalid LB UID Size (size == 0 or > max)
* 0x61 Member is registering itself, but LB hasn't yet contacted
the GWM. This registration will not be processed.
**The Invalid Group error return code refers to the LB or member
attempting to form a group that the GWM considers invalid. For
example, some GWM vendors may not support the registration of both
System and Application members in the same group. To determine what
can cause a GWM to return this error code, the vendor's documentation
must be consulted.
7.2. DeRegistration Request and Reply
This exchange happens between the load balancer/scheduler and the
Group Workload Manager as well as between the Group Workload Manager
and the Member to deregister members from a group specified by Group
Name with the Group Workload Manager. Even though deregistrations
can come from either the load balancer/scheduler or the actual
member, member-initiated deregistrations will only be considered if
the Trust flag is set with a Set LB State message.
7.2.1. DeRegistration Request
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|DeRegistration Req.Type(0x1020)|Size of DeRegistration Req. TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Flag Field | Reason | Group of Member Data Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. *Array of Group of Member Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*There will be as many Group of Member Data Components as "Group of
Member Data Count" has specified.
Figure 14
o Flag Field
A. Load Balancer Flag
+ xxxx xxx1 The entity sending this message is the load
balancer.
+ xxxx xxx0 The entity sending this message is an
Application.
B. Leftmost seven bits are reserved (0000 000x - 1111 111x).
o Reason: Byte describing the reason for deregistering the group or
instance.
A. SASP-defined Reason Codes (0x00-0x7F)
+ 0x00 No reason given.
+ 0x01 Learned and Purposeful, i.e., a human has deconfigured
this member from the load balancer configuration.
+ 0x80-0xFF Open for vendor specific deregistration reason
codes.
o Group of Member Data Count: The number of "Group of Member Data"
components immediately following the DeRegistration Request
component.
o Array of Group of Member Data Components: Each "Group of Member
Data" component is immediately followed by Group Data Components
and its Member Data components (as described in Section 6.1). In
this case, where several of these "Group of Member Data"
components may be present, the second "Group of Member Data"
component only appears after all of the internal components that
are referred to by the first "Group of Member Data" component are
listed. The format is the same for all subsequent "Group of
Member Data" components in the message.
** If Member Count equals zero in the Group of Member Data component,
the Group Workload Manager will deregister the entire group.
** Recall that the Group Data Component contains both a Unique LB
Identifier field and a Group Name field. If the Group Data component
has no Group Name (GroupData's Group Name Length==0), the Group
Workload Manager will deregister all groups associated with this load
balancer.
7.2.2. DeRegistration Reply
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| DeReg. Reply Type(0x1025) | Size of DeReg. Reply TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
Figure 15
o Return Code: A byte return code indicating the status of action
taken.
A. General SASP return codes (0x00 - 0x3F)
+ 0x00 Successful
+ 0x10 Message not understood
+ 0x11 GWM will not accept this message from the sender.
Reasons for this include the following:
a. The message was not sent by a LB and trust flag is off
b. LB attempted to address members of a different LB in the
message
c. Vendor specific criteria for this message type were not
met.
B. Message-Specific return codes (0x40 - 0xFF)
+ 0x41 Application or System not registered
+ 0x42 Unknown Group Name
+ 0x43 Unknown LB UID
+ 0x44 Duplicate Member in Request
+ 0x46 Duplicate Group in Request (for remove all
members/groups requests)
+ 0x51 Invalid LB UID Size (size == 0 or > max)
+ 0x61 Member is deregistering itself, but LB hasn't yet
contacted the GWM. This deregistration will not be
processed.
7.3. Get Weights Request and Reply
This exchange happens between the load balancer/scheduler and the
Group Workload Manager to get weights for the groups specified in the
list of GroupData objects. In the case of application load balancing
(balancing workloads between applications with the same
functionality), the load balancer would call the Group Workload
Manager every Interval (parameter returned by the Group Workload
Manager below) to get an array of weights and associated members
(e.g., Application1 20, SecondCopyOfApplication 30,
ThirdCopyOfApplication 5). The load balancer then uses these weights
to determine the fashion in which work will be sent to each of the
members. For example, in the case of weighted round robin, the load
balancer/scheduler would then send a request to Application1, the
next to SecondCopyOfApplication, and the next to
ThirdCopyOfApplication. After 15 requests, the load
balancer/scheduler would only send work to Application1 and
SecondCopyOfApplication. After an additional 30 requests, the load
balancer/scheduler would only send requests to
SecondCopyofApplication. After another 10 requests, the load
balancer/scheduler product would start over using the weights of 20,
30, and 5 again; or if the Interval number of seconds have passed,
the load balancer/scheduler would get a new set of weights.
7.3.1. Get Weights Request
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Get Weights Req. Type(0x1030) | Size of Get Weights Req. TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group Data Count | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
. .
. *Array of Group Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*There will be as many Group Data Components as "Group Data Count"
has specified.
Figure 16
o Group Data Count: The number of "Group Data" components
immediately following the Get Weights Request TLV.
o Array of Group Data Components: This array of Group Data
Components lists the groups for which the load balancer wants to
get weights.
** If there is no group name in the Group Data structure of the Get
Weights Request, the load balancer is requesting weights for all
groups registered for the load balancer.
7.3.2. Get Weights Reply
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Get Weights Reply Type(0x1035)| Size of Get Weights Reply TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code | Interval | Group of Weight
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Entry Data Count| |
+-+-+-+-+-+-+-+-+ +
. .
. *Group of Weight Entry Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* There will be as many Group of Weight Entry Data Components as
"Group of Weight Entry Data Count" has specified.
Figure 17
o Return Code: A byte return code indicating the status of action
taken.
A. General SASP return codes (0x00 - 0x3F)
+ 0x00 Successful
+ 0x10 Message not understood
+ 0x11 GWM will not accept this message from the sender.
Reasons for this include the following:
a. LB attempted to address members of a different LB in the
message
b. Vendor specific criteria for this message type were not
met.
B. Message-Specific return codes (0x40 - 0xFF)
+ 0x42 Unknown Group Name
+ 0x43 Unknown LB UID
+ 0x46 Duplicate Group in Request
+ 0x51 Invalid LB uid Size (size == 0 or > max)
o Interval: These two bytes indicate a recommended polling interval
(number of seconds) for the load balancer to use. The Group
Workload Manager is stating that any polling interval smaller than
the suggested interval would probably retrieve values before they
have had a chance to change.
EID 950 (Verified) is as follows:Section: 7.3.2
Original Text:
o Interval: These two bytes indicate a recommended polling interval
for the load balancer to use. The Group Workload Manager is
stating that any polling interval smaller than the suggested
interval would probably retrieve values before they have had a
chance to change.
Corrected Text:
o Interval: These two bytes indicate a recommended polling interval
(number of seconds) for the load balancer to use. The Group
Workload Manager is stating that any polling interval smaller than
the suggested interval would probably retrieve values before they
have had a chance to change.
Notes:
does not mention the intended *unit* for this Interval -- seconds / centiseconds / milliseconds ???
Section 7.3 seems to say the Intervals are in seconds.
from pending
o Group of Weight Entry Data Components: Each "Group of Weight Data"
component is immediately followed by Group Data Components and its
Weight Entry Data components (as described in Section 6.2). In
this case, where several "Group of Weight Data" components may be
present, the second "Group of Weight Data" component only appears
after all of the internal components that are referred to by the
first "Group of Weight Data" component are listed. The format is
the same for all subsequent "Group of Weight Data" components in
the message.
7.4. Send Weights
This exchange happens between the Group Workload Manager and the load
balancer/scheduler to send the new weights for the group specified in
Group Name. This message is unique in that it is the only message
exchange initiated by the Group Workload Manager and the only message
that has no reply. In the case of application load balancing
(balancing workloads between applications with the same
functionality), the Group Workload Manager would message the load
balancer at a possibly dynamic interval (chosen by the Group Workload
Manager) to send an array of weights and associated members (e.g.,
Application1 20, SecondCopyOfApplication 30, ThirdCopyOfApplication
5). The load balancer then uses these weights to determine the
fashion in which work will be sent to each of the members. For
example, in the case of weighted round robin, the load
balancer/scheduler would then send a request to Application1, the
next to SecondCopyOfApplication, and the next to
ThirdCopyOfApplication. After 15 requests, the load
balancer/scheduler would only send work to Application1 and
SecondCopyOfApplication. After another 30 requests, the load
balancer/scheduler would only send requests to
SecondCopyofApplication. After an additional 10 requests, the load
balancer/scheduler product would start over using the weights of 20,
30, and 5 again, if it has not yet received a new set of weights.
The Group Workload Manager only sends this message if the Push flag
has been enabled using a Set Load Balancer State message.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Send Weights Type(0x1040) | Size of Send Weights TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Group of Weight Data Count | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
. .
. *Group of Weight Entry Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* There will be as many Group of Weight Entry Data Components as
"Group of Weight Data Count" has specified.
Figure 18
o Group of Weight Entry Data Components: Each "Group of Weight Data"
component is immediately followed by Group Data Components and its
Weight Entry Data components (as described in Section 6.2). In
this case, where several "Group of Weight Data" components may be
present, the second "Group of Weight Data" component only appears
after all of the internal components that are referred to by the
first "Group of Weight Data" component are listed. The format is
the same for all subsequent "Group of Weight Data" components in
the message.
7.5. Set Member State Request and Reply
This is a special exchange that can take place between the load
balancer and the Group Workload Manager or between the Member and the
Group Workload Manager to pass information about the state of the
member including placing the member in quiesced or non-quiesced
states. In particular, the load balancer/scheduler can use this
message to quiesce a set of members. Members can also use this
message to quiesce themselves as well as to pass certain state
information to the load balancer/scheduler that is opaque to the
Group Workload Manager. This opaque state information is passed to
the load balancer/scheduler with the weights during get and send
weight messages.
7.5.1. Set Member State Request
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|SetMemberState Req.Type(0x1060)|Size of SetMemberState Req. TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Flag Field | Group of MemberStateData Count| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
. .
. *Array of Group of Member State Data Components .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*There will be as many Group of Member State Data Components as
"Group of Member State Data Count" has specified.
Figure 19
o Flag Field
A. Load Balancer Flag
+ xxxx xxx1 The entity sending this message is the load
balancer.
+ xxxx xxx0 The entity sending this message is an
Application.
B. Leftmost seven bits are reserved (0000 000x - 1111 111x).
o Group of Member State Data Count: The number of "Group of Member
State Data" components immediately following the Set Member State
Request TLV.
o Array of Group of Member Data Components: Each "Group of Member
State Data" component is immediately followed by Group Data
Components and its Member State Instance components (as described
in Section 6.3). In the case where several "Group of Member State
Data" components may be present, the second "Group of Member State
Data" component only appears after all of the internal components
that are referred to by the first "Group of Member State Data"
component are listed. The format is the same for all subsequent
"Group of Member State Data" components in the message.
7.5.2. Set Member State Reply
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Set Member State Reply(0x1065)|Size of SetMemberStateReply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
EID 949 (Verified) is as follows:Section: 7.5.2
Original Text:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Set Member State Reply(0x1025)|Size of SetMemberStateReply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
Corrected Text:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Set Member State Reply(0x1065)|Size of SetMemberStateReply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
Notes:
Assuming the correct values are in section 4.2. Further, 7.5.1. Set Member State Request has 1060, agreeing with section 4.2.
from pending
Figure 20
o Return Code: A byte return code indicating the status of action
taken.
A. General SASP return codes (0x00 - 0x3F)
+ 0x00 Successful
+ 0x10 Message not understood
+ 0x11 GWM will not accept this message from the sender.
Reasons for this include the following:
a. The message was not sent by a LB and trust flag is off
b. LB attempted to address members of a different LB in the
message
c. Vendor specific criteria for this message type were not
met.
B. Message-Specific return codes (0x40 - 0xFF)
+ 0x41 Application or System not registered
+ 0x42 Unknown Group Name
+ 0x43 Unknown LB UID
+ 0x44 Duplicate Member in Request
+ 0x46 Duplicate Group in Request
+ 0x50 Invalid Group Name Size (size == 0)
+ 0x51 Invalid LB UID Size (size == 0 or > than max)
+ 0x61 Member is setting state for itself, but LB hasn't yet
contacted the GWM. This request will not be processed.
7.6. Set Load Balancer State Request and Reply
This is an exchange that can take place between the load balancer and
the Group Workload Manager to pass information about the state (and
partial configuration) of the load balancer.
7.6.1. Set LB State Request
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Set LB State Req. Type (0x1050)| Size of Set LB State Req. TLV |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| LB UID Length | |
+-+-+-+-+-+-+-+-+ +
. .
. LB UID .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| LB Health | LB Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 21
o LB UID Length: one-byte length field describing the size of the
following LB UID.
o LB UID: This should be the same unique identifier given when
registering group members for this particular load balancer.
o LB Health: This field gives the load balancer a chance to pass in
a metric describing its own health or state.
0x00 - 0x7F Least Healthy - Most Healthy
0x80 - 0xFF Reserved
o LB Flags:
A. Push Flag
+ xxxx xxx1 The load balancer should receive weights through
the Send Weights message (GWM pushes weights to load
balancer). Even if this flag is set, the GWM must still
respond accordingly to any Get Weights messages from the
load balancer.
+ xxxx xxx0 The load balancer will send a Get Weights message
to get the new weights. This is the default behavior.
(load balancer pulls weights from GWM).
B. Trust Flag
+ xxxx xx1x Trust any member-initiated registration,
deregistration, or set state message. Immediately reflect
the registration, deregistration, or new state in the
weights sent.
+ xxxx xx0x Do not trust any member-initiated registration,
deregistration, or set state message. Registration,
Deregistration, and State Setting of members can only occur
from the load balancer. Discard any member-initiated
registration, deregistration, or set state message. This
is the default behavior.
C. No Change / No Send Flag
+ xxxx x1xx The GWM must not include members whose weights
and state (i.e., contact and quiesce flags) have not
changed since they were last sent.
+ xxxx x0xx The GWM must include the weights of all group
members when sending the weights to this load balancer
(including members whose weights and state have not
changed). This is the default behavior.
D. Leftmost five bits are reserved (0000 0xxx - 1111 1xxx).
7.6.2. Set LB State Reply
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. SASP Header TLV .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Set LB State Reply (0x1055) | Size of Set LB State Reply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
EID 2129 (Verified) is as follows:Section: 7.6.2
Original Text:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Set LB State Reply (0x1025) | Size of Set LB State Reply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
Corrected Text:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Set LB State Reply (0x1055) | Size of Set LB State Reply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
Notes:
Assuming the correct values are in section 4.2.
from pending
EID 951 (Verified) is as follows:Section: 7.6.2
Original Text:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Set LB State Reply (0x1025) | Size of Set LB State Reply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
Corrected Text:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Set LB State Reply (0x1055) | Size of Set LB State Reply TLV|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Return Code |
+-+-+-+-+-+-+-+-+
Notes:
Assuming the correct values are in section 4.2.
from pending
Figure 22
o Return Code: A byte return code indicating the status of action
taken.
A. General SASP return codes (0x00 - 0x3F)
+ 0x00 Successful
+ 0x10 Message not understood
+ 0x11 GWM will not accept this message from the sender.
Reasons for this include the following:
a. LB attempted to address the state of a different LB
b. Vendor specific criteria for this message type were not
met.
B. Message-Specific return codes (0x40 - 0xFF)
+ 0x51 Invalid LB UID Size (size == 0 or > max)
-8. Example of SASP Message Encoding
EID 946 (Verified) is as follows:Section: 99
Original Text:Corrected Text:
-
Notes:
Section 7.3.2 says: "o Interval: These two bytes indicate a recommended polling interval for the load balancer to use. The Group Workload Manager is stating that any polling interval smaller than the suggested interval would probably retrieve values before they have had a chance to change."
but it does not mention the intended *unit* for this Interval.
from pending
This section provides an example of the actual SASP message encoding.
For this example, we will look at a sample GetWeights Reply in which
two webservers are registered to a serverfarm called FARM1. The IP
addresses of the two webservers are 10.10.10.1 and 10.10.10.2.
Currently the GWM has a weight of 40 for 10.10.10.1 and 20 for
10.10.10.2. The load balancer has a unique Identifier of "LB1" and
the message example was sent by the GWM in response to a request
(MessageID: 0x32000000) for FARM1's weights.
The TLVs necessary for this message are shown in the following list.
1. SASP Header TLV
------------------------------------
| | Field | Size | Value |
|-----------|---------|------------|
|T| Type | 2 bytes | 0x2010 |
|-----------|---------|------------|
|L| Length | 2 bytes | 0x000D |
|-----------|---------|------------|
| | Version | 1 byte | 0x01 |
| |---------|---------|------------|
|V| Mesg Len| 4 bytes | 0x0000 006A|
| |---------|---------|------------|
| | Mesg ID | 4 bytes | 0x3200 0000|
------------------------------------
Figure 23
2. Get Weights Reply TLV
------------------------------------
| | Field | Size | Value |
|-----------|---------|------------|
|T| Type | 2 bytes | 0x1035 |
|-----------|---------|------------|
|L| Length | 2 bytes | 0x0009 |
|-----------|---------|------------|
| | RetCode | 1 byte | 0x00 |
| |---------|---------|------------|
|V| Interval| 2 bytes | 0x0040 |
| |---------|---------|------------|
| |GWD Count| 2 bytes | 0x0001 |
------------------------------------
*GWD Count = Group of Weight Data Count
Figure 24
3. Group of Weight Data TLV
------------------------------------
| | Field | Size | Value |
|-----------|---------|------------|
|T| Type | 2 bytes | 0x4011 |
|-----------|---------|------------|
|L| Length | 2 bytes | 0x0006 |
|-----------|---------|------------|
|V| WE Count| 2 bytes | 0x0002 |
------------------------------------
*WE Count = Weight Entry Count
Figure 25
4. Group Data TLV
------------------------------------
| | Field | Size | Value |
|-----------|---------|------------|
|T| Type | 2 bytes | 0x3011 |
|-----------|---------|------------|
|L| Length | 2 bytes | 0x000E |
|-----------|---------|------------|
| |LBUID len| 1 byte | 0x03 |
| |---------|---------|------------|
| | LBUID | 3 bytes | "LB1" or |
| | | | 0x4C 42 31 |
|V|---------|---------|------------|
| |GroupName| 1 byte | 0x05 |
| | Length | | |
| |---------|---------|------------|
| | Group | | "FARM1" or |
| | Name | 5 bytes | 0x46 41 52 |
| | | | 4D 31 |
------------------------------------
Figure 26
5. Member Data TLV
------------------------------------
| | Field | Size | Value |
|-----------|---------|------------|
|T| Type | 2 bytes | 0x3010 |
|-----------|---------|------------|
|L| Length | 2 bytes | 0x0018 |
|-----------|---------|------------|
| | Protocol| 1 byte | 0x06 |
| |---------|---------|------------|
| | Port | 2 bytes | 0x0050 |
| |---------|---------|------------|
|V| IP |16 bytes | 0x0000 0000|
| | Address | | 0000 0000|
| | | | 0000 0000|
| | | | 0A0A 0A01|
| |---------|---------|------------|
| |Label Len| 1 byte | 0x00 |
| |---------|---------|------------|
| | Label | 0 bytes | |
------------------------------------
Figure 27
6. Weight Entry Data TLV
------------------------------------
| | Field | Size | Value |
|-----------|---------|------------|
|T| Type | 2 bytes | 0x3012 |
|-----------|---------|------------|
|L| Length | 2 bytes | 0x0008 |
|-----------|---------|------------|
| | State | 1 byte | 0x00 |
| |---------|---------|------------|
|V| Flags | 1 byte | 0x0D |
| |---------|---------|------------|
| | Weight | 2 bytes | 0x0028 |
------------------------------------
Figure 28
7. Member Data TLV
------------------------------------
| | Field | Size | Value |
|-----------|---------|------------|
|T| Type | 2 bytes | 0x3010 |
|-----------|---------|------------|
|L| Length | 2 bytes | 0x0018 |
|-----------|---------|------------|
| | Protocol| 1 byte | 0x06 |
| |---------|---------|------------|
| | Port | 2 bytes | 0x0050 |
| |---------|---------|------------|
|V| IP |16 bytes | 0x0000 0000|
| | Address | | 0000 0000|
| | | | 0000 0000|
| | | | 0A0A 0A02|
| |---------|---------|------------|
| |Label Len| 1 byte | 0x00 |
| |---------|---------|------------|
| | Label | 0 bytes | |
------------------------------------
Figure 29
8. Weight Entry Data TLV
------------------------------------
| | Field | Size | Value |
|-----------|---------|------------|
|T| Type | 2 bytes | 0x3012 |
|-----------|---------|------------|
|L| Length | 2 bytes | 0x0008 |
|-----------|---------|------------|
| | State | 1 byte | 0x00 |
| |---------|---------|------------|
|V| Flags | 1 byte | 0x0D |
| |---------|---------|------------|
| | Weight | 2 bytes | 0x0014 |
------------------------------------
Figure 30
A hex stream representing this same message is below:
20 10 00 0D 01 00 00 00 6A 32 00 00 00 10 35 00 09 00 00 40
00 01 40 11 00 06 00 02 30 11 00 0E 03 4C 42 31 05 46 41 52
4D 31 30 10 00 18 06 00 50 00 00 00 00 00 00 00 00 00 00 00
00 0A 0A 0A 01 00 30 12 00 08 00 0D 00 28 30 10 00 18 06 00
50 00 00 00 00 00 00 00 00 00 00 00 00 0A 0A 0A 02 00 30 12
00 08 00 0D 00 14
(106 bytes)
9. Protocol Flow
This section describes the expected general flow of the SASP
messages.
9.1. Normal Protocol Flow
SASP first starts with a connection from an LB to the GWM. This is
expected to be a long-running connection and will be used for many
messages. After establishing the connection, the LB either registers
a group of members or sets a Trust flag to allow the members to
register themselves. The Trust flag is set using a Set LB State
Request (both message flows are shown below).
Registration from load balancer
------------ Registration Request ------------------
| |----------------------->| |
| Load | | Group Workload |
| Balancer | Registration Reply | Manager |
| |<-----------------------| |
------------ ------------------
Set LB State from load balancer
------------ Set LB State Request ------------------
| |----------------------->| |
| Load | | Group Workload |
| Balancer | Set LB State Reply | Manager |
| |<-----------------------| |
------------ ------------------
Figure 31
The connection can start with other requests, but any other request
would likely result in an error (unless this connection is a
reconnection that has happened a short period of time after the
original connection). For example, if the load balancer issues a
deregistration request as its first message, it will receive an error
because it has not registered any groups.
The load balancer always drops all state information after a loss of
connection and can recover it using a GetWeights message. The
establishment of a new connection causes the GWM to assume that the
old one is broken. In this case, the GWM will keep all state for the
load balancer for a limited time after a detected break. After the
limited time has expired, all state for the broken connection will be
discarded by the GWM.
Registration of group members may be done at any time. A load
balancer can register anywhere from one group with one member to many
groups of many members. The member may also register itself if the
Trust flag has been set and it knows the appropriate load balancer
information. Registrations will add to groups that already exist,
but return errors if any of the registered members already exist.
In the case of system load balancing, the representation of a member
is only the member's IP address with a 0 used as the value for the
port and protocol. In the case of application load balancing, the
representation of a member is the member's IP address and the
Application's port and protocol.
Deregistration of group members may be done at any time. A load
balancer can deregister anywhere from one group with one member to
many groups of many members. The LB may also deregister entire
groups or deregister all of its groups at once. The member may also
deregister itself if the Trust flag has been set and it knows the
appropriate load balancer information.
Once members are registered, the GWM will start the monitoring and
weight computation processes to determine weights to be sent back to
the load balancer. At any time the load balancer may issue a
GetWeights message and ask for the weights for members in a
particular group. The LB may also set a flag telling the GWM to send
the weights without waiting for the GetWeights message. If this flag
is set, the GWM will send the weights at an interval it feels is
appropriate (the interval could change depending on the algorithm
used and variance of the weights generated).
At any time the LB or a particular member may quiesce the member
through the use of a SetMemberState message. In this case, the
member's weight will always be zero, and the quiesce flag will be
turned on when sending its weight. Members may also use this message
to send an opaque state value that will also be presented when
sending weights.
At any time, the load balancer may choose to send the GWM a
SetLBState request to configure its interaction. The message allows
the load balancer to set the Push, Trust, and NoChange_NoSend flags.
It also allows the load balancer to pass a health value to the GWM to
be displayed.
9.2. Behavior in Error Cases
While behaviors in many error conditions will be product specific,
the following error cases should have the following expected
behavior.
Case: The protocol is violated in an unrecoverable manner by either
end of the connection.
Behavior: Either end of the connection may choose to disconnect to
avoid future message synchronization problems. The state kept
when disconnected is vendor specific.
Case: LB or application attempts to connect to the GWM before the
GWM is fully up and running.
Behavior: The LB or application should wait at least 20 seconds to
retry the connection.
Case: Members attempt to register or deregister themselves before
the LB develops the connection with the GWM.
Behavior: In this case, the members would receive a reply with an
error code signifying that there is no LB registered with that LB
UID.
Case: Member registers or deregisters for an LB who has not set the
Trust flag.
Behavior: GWM will send Member a reply containing an error code.
Case: LB asks for weights for a group that doesn't exist.
Behavior: GWM will send LB a reply containing an error code.
Case: LB or Member attempts to register a member that is already
registered in that group.
Behavior: GWM will send sender a reply containing an error code.
Case: LB or Member attempts to deregister a member or group that
doesn't exist.
Behavior: GWM will send sender a reply containing an error code.
Case: LB or Member tries to set state for a non-registered server.
Behavior: GWM will send sender a reply containing an error code.
Case: LB tries to Get Weights for an unregistered group.
Behavior: GWM will send LB a reply containing an error code.
9.3. Example Flow 1: Load Balancer Registration, Getting Weights, and
Application-Side Quiescing
Load Group Workload
Balancer Manager
| |
| 1) Registration Request |
|------------------------>|
|<------------------------|
| Registration Reply |
| |
| 2) Set LB State Request |
|------------------------>|
|<------------------------|
| Set LB State Reply |
| |
| 3) Get Weights Request |
|------------------------>|
|<------------------------|
| Get Weights Reply |
| | 4) Set Member State Req. --------
| |<-------------------------|Member|
| |------------------------->| A |
| | Set Member State Reply --------
| |
| | 5) Set Member State Req. --------
| |<-------------------------|Member|
| |------------------------->| C |
| | Set Member State Reply --------
| |
| 6) Get Weights Request |
|------------------------>|
|<------------------------|
| Get Weights Reply |
| |
| | 7) Set Member State Req. --------
| |<-------------------------|Member|
| |------------------------->| C |
| | Set Member State Reply --------
| |
| 8) Get Weights Request |
|------------------------>|
|<------------------------|
| Get Weights Reply |
| |
Figure 32
1. The LB registers Members A, B, and C in a group named GRP1. The
GWM replies with no error.
2. The LB turns its trust flag on by issuing a Set LB State message:
LB Health: 0x00 Flags: 0000 0010
3. The LB sends a Get Weights message for GRP1 and gets the reply:
Members Opaque State Flags Weight
-------- ------------ --------- ------
Member A 0x00 0000 1101 20
Member B 0x00 0000 1101 40
Member C 0x00 0000 1101 5
4. Member A sends a Set Member State message with flags:
Members Opaque State Flags
-------- ------------ ---------
Member A 0x32 0000 0000
5. Member C sends a Set Member State message to quiesce itself with
the following flags:
Members Opaque State Flags
-------- ------------ ---------
Member C 0x0A 0000 0001
6. The LB sends the Get Weights message for GRP1 and receives the
following:
Members Opaque State Flags Weight
-------- ------------ --------- ------
Member A 0x32 0000 1101 20
Member B 0x00 0000 1101 40
Member C 0x0A 0000 1111 5
7. Member C sends a Set Member State message to resume (un-quiesce
itself) with the following flags:
Members Opaque State Flags
-------- ------------ ---------
Member C 0x0A 0000 0000
8. The LB sends a Get Weights message for GRP1 and gets the reply:
Members Opaque State Flags Weight
-------- ------------ --------- ------
Member A 0x32 0000 1101 20
Member B 0x00 0000 1101 40
Member C 0x0A 0000 1101 5
9.4. Example Flow 2: Set Load Balancer State, Application
Registration, and Load Balancer Group DeRegistration
Load Group Workload
Balancer Manager
| |
| 1) Set LB State Request |
|------------------------>|
|<------------------------|
| Set LB State Reply |
| |
| | 2) Registration Request --------
| |<-------------------------|Member|
| |------------------------->| A |
| | Registration Reply --------
| |
| | 3) Registration Request --------
| |<-------------------------|Member|
| |------------------------->| B |
| | Registration Reply --------
| |
| 4) Send Weights Mesg |
|<------------------------|
| |
| | 5) Registration Request --------
| |<-------------------------|Member|
| |------------------------->| C |
| | Registration Reply --------
| |
| 6) Send Weights Mesg |
|<------------------------|
| |
|7) Deregistration Request|
|------------------------>|
|<------------------------|
| Deregistration Reply |
| |
Figure 39
1. The LB sets its state with the Set LB State message and the
following parameters.
Health: 0x7F Flags: 0000 0011
2. Member A registers itself for work in GRP1 using the Register
message.
3. Member B registers itself for work in GRP1 using the Register
message.
4. The GWM issues a Send Weights message to the LB.
Members Opaque State Flags Weight
-------- ------------ --------- ------
Member A 0x00 0000 1001 20
Member B 0x00 0000 1001 40
5. Member C registers itself for work in GRP1 using the Register
message.
6. The GWM issues a Send Weights message to the LB.
Members Opaque State Flags Weight
-------- ------------ --------- ------
Member A 0x00 0000 1001 20
Member B 0x00 0000 1001 40
Member C 0x00 0000 1001 5
7. LB deregisters GRP1 by using the DeRegister message with the
Member Data Count = 0
9.5. Avoiding Single Points of Failure
o To avoid having a single point of failure at the load balancer, an
administrator may choose to have multiple load balancers in his or
her environment. SASP provides for the GWM to keep track of
multiple load balancers through the use of load balancer unique
identifiers (LB UIDs).
o To avoid having a single point of failure at the GWM or enhance
the load balancing strategy by utilizing the strengths of several
different GWMs, an administrator may choose to have multiple GWMs
in his or her environment. In this case, the load balancer would
connect to multiple GWMs and register the same groups with
corresponding members. The load balancer may choose to coordinate
the recommendations of each GWM by any method it chooses (e.g.,
statistical combination such as averaging). The coordination of
weights from multiple GWMs is product specific and not addressed
in this protocol.
10. Security Considerations
SASP is a binary stream expected to be transported over a TCP
connection. To secure this protocol, it is expected that
implementers of the protocol use a secure mode of transport such as
SSL/TLS. Discussions around security concerns have been listed
below:
Security Issue: In insecure environments, if the LB UID becomes
known by another system, the other system could initiate a
connection and send messages to the GWM causing the GWM to replace
the previous (possibly valid) connection for the new (potentially
bad) connection.
Solution: This may not be a concern if the load balancer and GWM are
in protected parts of the network. If the administrator is
concerned about this vulnerability, she should use SSL or TLS to
provide authentication for the connection. When using SSL or TLS
to secure the connection, the administrator SHOULD use both server
and client authentication through client and server certificates.
The GWM will trust any certificate that is signed by an authority
it's been configured to trust.
Security Issue: In insecure environments, if the load balancer turns
the Trust Flag on, any member or other system can send a
Registration Message and be included in the serverfarm to receive
work. A person with bad intentions and the correct information
could exploit this feature and register his own application to
receive work. His counterfeit application could capture valuable
data from unsuspecting clients as their transactions are sent to
his system.
Solution: This may not be a concern if the GWM and its members are
in protected parts of the network. If the administrator is
concerned about this vulnerability, she should use SSL or TLS to
provide authentication for the member connections. When using SSL
or TLS to authenticate the connection, the administrator would
need to explicitly install valid certificates on each component
while at the same time establishing the trusted certificates of
each component. This would make certain that only those trusted
components would be permitted to connect to the GWM.
11. Normative References
[RFC1700] Reynolds, J. and J. Postel, "Assigned Numbers", STD 2,
RFC 1700, October 1994.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006.
Appendix A. Acknowledgements
The author gratefully acknowledges contributions by Mark Albert,
David McCowan, John Fenton, Derek Huckaby, Dyan Collins, and Stefano
Testa. Mark Albert, David McCowan, John Fenton, Derek Huckaby, Dyan
Collins, and Stefano Testa were supported for this work by Cisco
Systems Inc.
The author would also like to thank John Arwe, Dave Bostjancic, Brian
Carpenter, Donna Dillenberger, Gus Kassimis, and Thomas Narten for
their efforts in the creation and refining of this work.
Author's Address
Alan Bivens
IBM T.J. Watson Research Center
19 Skyline Drive
Hawthorne, NY 10532
US
EMail: jbivens@us.ibm.com
Full Copyright Statement
Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions
contained in BCP 78 and at www.rfc-editor.org/copyright.html, and
except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgement
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).