
White paper

Load balancing basics


Updated 12-07
Table of Contents
Overview
Traditional load balancing
Improving network traffic management
Accelerating application performance
Application-aware delivery
Conclusion
About Citrix NetScaler
Appendix A
Glossary of terms
Overview

As the global business environment has evolved, companies have significantly expanded their reliance on remote and mobile access to business applications over the Internet. Applications that must be available to employees in the field, in branch offices and in home offices are increasingly delivered via a corporate intranet or portal. Further, for many organizations, externally facing websites are an integral component of day-in/day-out business interactions with customers, suppliers and partners. In addition, due to the incorporation of Web 2.0 functionality, applications have become far more dynamic and interactive compared to their predecessors. For all these reasons, businesses recognize they cannot function effectively without a robust solution to ensure uninterrupted, secure and high-performance access to network-based business applications and corporate websites.

This reliance upon Internet-delivered applications has also changed how businesses look at their underlying network infrastructure. On one hand, organizations' understanding of how critical network infrastructure works has never been higher. On the other, companies want to know explicitly how the network is enhancing their ability to deliver new application services. To a business, the network's value is not its own availability, performance and security, but rather its ability to improve the availability, performance and security of the businesses' applications it serves.

As such, networks must evolve from highways designed to push packets into more-active participants in the end-to-end delivery of application services. For this to occur, many components of the network will need to evolve at a fundamental level.

Traditional load balancing

What has traditionally been known as load balancing is one such component. Load balancers sit at a critical junction between users and the applications they access, which are typically hosted on servers. They are designed to evenly distribute among available servers the user requests that come in over the network so an individual server does not become overwhelmed with traffic. Basic load balancers direct traffic based on Layer 4, the connection layer of the Open System Interconnection (OSI) model. Layer 4 load balancers look at the packet's addressing information (IP address and port number) and must support:

- Server health checks that determine whether individual servers are up or down
- Load balancing algorithms that determine which of the "up" application servers will receive the request

The most common algorithm is a round-robin that prompts the load balancer to go down the list of servers from top to bottom and then begin again. However, this assumes all requests will have a similar load and duration, and that all servers are available. More-advanced algorithms use factors such as server utilization level and current-connection counts to select the most appropriate server.

Initially, load-balancing capabilities were built directly into the application software or the operating system of the underlying application server. These approaches transitioned into using application-neutral, purpose-built, network-based appliances. Network-based appliances enable load-balancing of all applications, not just those with built-in functionality.

In addition to these advancements, the load balancing process itself needs to evolve from simple packet delivery to application delivery. The increasing demands for high availability, reliability and security of application access are driving the need for load balancers to provide not only traditional networking traffic management functions, but also a comprehensive set of network-level and application-level services.

To ensure the business is getting the investment protection to meet both near and longer-term requirements, today's load-balancing solutions should provide the following functionality as part of either the base offering, or as post-deployment software upgrades:

- Network traffic management functionality to ensure application availability and even distribution of load across a server farm or multiple farms
- Application acceleration functionality to accelerate application performance by 5X or more
- Application-aware delivery functionality to protect applications and their data, control access and monitor end-user performance
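
The selection logic this section describes, as an added example that is not part of the original white paper: health checks decide which servers are eligible, and round-robin is compared with a least-connections choice when request durations differ. Server names, probe results and request durations are constructed sample data; the 503 probe result on web3 is an assumption used to show a server whose port answers while its application does not.

```python
# Added example (not from the white paper): server selection behind a load balancer.
# Server names, probe results and request durations are constructed sample data.
from dataclasses import dataclass


@dataclass
class Server:
    name: str
    port_open: bool = True   # result of a TCP connect probe
    app_status: int = 200    # HTTP status returned by an application-level probe
    active: int = 0          # connections currently assigned to this server


class Pool:
    def __init__(self, servers, check_app=True):
        self.servers = servers
        self.check_app = check_app
        self._next = 0

    def is_up(self, s):
        """Up means the port answers and, if check_app is set, the application too."""
        return s.port_open and (s.app_status == 200 or not self.check_app)

    def healthy(self):
        return [s for s in self.servers if self.is_up(s)]

    def round_robin(self):
        """Go down the list top to bottom, skipping servers marked down."""
        for _ in range(len(self.servers)):
            s = self.servers[self._next % len(self.servers)]
            self._next += 1
            if self.is_up(s):
                return s
        raise RuntimeError("no healthy server available")

    def least_connections(self):
        """Pick the healthy server with the fewest current connections."""
        up = self.healthy()
        if not up:
            raise RuntimeError("no healthy server available")
        return min(up, key=lambda s: s.active)


def build_pool(check_app=True):
    # web3 accepts TCP connections but its application answers 503.
    return Pool([Server("web1"), Server("web2"), Server("web3", app_status=503)],
                check_app=check_app)


def simulate(pool, pick, durations):
    """One request arrives per tick and holds a connection for `duration` ticks.
    Returns the peak number of concurrent connections seen on each server."""
    open_conns = []                                  # (finish_tick, server)
    peak = {s.name: 0 for s in pool.servers}
    for tick, duration in enumerate(durations):
        for conn in [c for c in open_conns if c[0] <= tick]:
            conn[1].active -= 1                      # connection finished
            open_conns.remove(conn)
        server = pick()
        server.active += 1
        open_conns.append((tick + duration, server))
        peak[server.name] = max(peak[server.name], server.active)
    return peak


def compare(durations=(8, 1, 8, 1, 8, 1, 8, 1)):
    """Alternating long and short requests break round-robin's equal-load assumption."""
    rr_pool, lc_pool = build_pool(), build_pool()
    return {
        "round_robin": simulate(rr_pool, rr_pool.round_robin, durations),
        "least_connections": simulate(lc_pool, lc_pool.least_connections, durations),
    }


if __name__ == "__main__":
    print("port-only check:", [s.name for s in build_pool(check_app=False).healthy()])
    print("application check:", [s.name for s in build_pool().healthy()])
    for algorithm, peak in compare().items():
        print(algorithm, peak)
```

With the port-only check, web3 stays in rotation even though its application is failing; with alternating long and short requests, round-robin stacks every long request on one server while least-connections spreads them.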


Improving network traffic management

Layer 4 load balancing

Directing traffic based upon IP address and port number has become standard functionality, but that doesn't diminish its importance. Solutions must support a wide variety of load-balancing algorithms that direct traffic based upon network, server and application loads.

- Session persistence: In some cases it is important to have a single server handle all of a user's transactions for the length of that session. The obvious one is online shopping. Regardless of how the user jumps around looking at brochure content, their shopping cart entries have to go to the same place all the time. Session persistence ties the requests from one client to the same server node. Common functionality used to maintain session persistence includes cookies and header IDs. However, maintaining persistence for the latest generation of applications can require basing persistence on application-specific content (e.g., a transaction ID in an XML document) carried in the payload body.

- Server health monitoring: Health checks to ensure a server's availability can prevent directing of a request to a failed server. At a basic level, the load balancer can keep checking the server port to determine its status. However, just because the network and server are responding doesn't mean the application itself is available. Solutions should be able to check the health of the applications themselves when marking servers or services up or down.

Layer 7 request switching

To advance to the next generation of traffic management, load balancers began to use Layer 7 of the OSI model (the application layer) to read the packet payload, instead of just the addressing information, to determine the best place to send the traffic. Content switching at Layer 7 provides intelligent traffic management, enabling application-layer information such as client type, requested URL, cookie information and application software usage to be used to optimize delivery, without requiring changes to Layer 4 network addressing.

Switching at Layer 7 instead of at the connection level (Layer 4) enables better utilization of server resources. For example, because different types of content have different requirements for CPU usage, I/O throughput, etc., it is possible to increase efficiency by using some servers to handle transactions, and others to provide storage or other functions. Also, with Layer 7 request switching, certain users can be directed to higher-power servers to provide the highest service level.

Global server load balancing

In addition to enhancing load balancing with Layer 7 request switching, organizations can benefit from global server load balancing (GSLB) across the entire enterprise. GSLB balances requests from users across a geographically distributed set of server farms based on health, load or proximity. Effective solutions support several load-balancing algorithms (e.g., least response time, least packets), as well as geographic proximity and network proximity, to intelligently distribute the load across multiple datacenters. GSLB gives network administrators the ability to provide high availability and optimal application performance for remote users worldwide. Other benefits include reducing bandwidth costs and latency.

As part of a comprehensive business continuity solution, global server load balancing transparently ensures that requests are routed only to datacenters or failover sites that are operating normally. GSLB technology gives IT administrators the ability to create policies defining site health based upon site status, connection load and packet rate. By continuously monitoring the health of each datacenter and associated network links, GSLB solutions maintain a global view of the entire hosting infrastructure's status. In the event that a hosting site cannot meet the criteria of the health policy, further incoming requests are automatically directed to sites still deemed healthy. When availability is restored, new requests are transparently directed back to the original site.

High application availability with Global Server Load Balancing

A U.S. beverage company needed a solution to load-balance requests from global users to access a mission-critical application over the web. Through global server load balancing capability, the solution directs user requests to the optimal server, provides high availability, maximizes server resources, and provides traffic management for the company's multi-site enterprise.

Accelerating application performance

Initially, users were willing to accept slow application performance in exchange for the convenient, widely available access the Web provides. But not any more. Users now expect applications delivered via the Internet to offer performance similar to that of locally deployed applications. The flexibility to add functionality
that accelerates application performance has become critical in meeting the larger business goal of successfully delivering applications over the Internet.

All too often, problems with application performance are deemed to be a function of server hardware after network infrastructure has been ruled out. Although the server has a direct impact on processing performance, it is not necessarily directly related to application performance. There needs to be a distinction between processing and application performance. Simply increasing processing power in a server may have little or no effect on application performance and scalability. The same may be said for adding load-balanced servers to cope with increased load.

Offloading tedious or repetitive processes from application servers can free them to perform their main functions of serving content. Offloading also enables servers to scale up beyond their original capacity while accelerating application content delivery.

Following are important technologies that can enhance basic load balancing by reducing server workload and accelerating application performance:

- Caching: Caching static content can help relieve the burden on servers. However, more and more applications rely upon content that is dynamically generated each time a request is made. In many cases, the same content (e.g., sales reports) is repetitively generated for every user. The load balancer can store content in a cache so that some requests can be handled without contacting the server. Caching dynamic content can accelerate application performance by up to 30X.

Using caching to optimize server performance

A government organization overseeing public transport was experiencing huge growth in traffic and needed to ensure its public website could cope with more users, as well as unpredictable spikes in Web traffic. Because much of the information requested on the site is repetitive, the solution caches all commonly required content, such as HTML, images, PDFs, JavaScript and XML. Removing this burden from the Web server infrastructure optimized existing servers and considerably improved response times. Up to 40 percent of all server requests are delivered entirely from the cache.

- Compression: Compressing content minimizes the amount of data that must traverse the wire and also decreases the back-and-forth overhead of TCP that is so sensitive to latency. Network congestion is reduced, and applications can be accelerated by three to five times.

- SSL Offload: Offloading encryption/decryption onto a dedicated device to reduce datacenter costs removes the burden of SSL processing from the server. Offloading can significantly lower CPU utilization and even enable fewer servers to handle application loads.

- TCP Multiplexing: TCP overhead can slow any application's performance. TCP optimization reduces the number of client connections each application server has to deal with while optimizing server response. The result is a server that can support an increased number of users. This can extend the life of existing hardware while delivering application content with much better performance.

Reducing server load with TCP multiplexing

An online media provider sought a way to support dramatic increases in online traffic during major sports events without over-investing in servers. A TCP multiplexing solution that consolidated multiple user TCP sessions into fewer sessions on the Web servers allowed the servers to focus on processing user requests. As a result, the servers' load dropped dramatically, while throughput experienced a strong increase, all without the cost of adding more servers. The company was able to reduce the number of servers required to support its Web site by 66 percent.

- TCP optimization: Latency, network congestion and TCP overhead can slow any application's performance. In order to minimize the unnecessary TCP transmissions and round trips that increase network congestion, solutions should support network optimizations such as limited transmit and fast retransmit, window scaling, selective acknowledgement and TCP buffering.


Application-aware delivery

For networks to provide true business value, they must advance from merely transporting network packets from point A to point B to actively improving the applications themselves. To do this, solutions must be able to inspect all aspects of application traffic, take action based upon this inspection, and potentially change or act on behalf of the applications themselves. With these capabilities, the network becomes an enabler of overall business agility and flexibility.

One of the most important capabilities is improved application security. Network firewalls and authentication solutions have largely secured the network itself. However, applications themselves remain surprisingly vulnerable to attack. Cross-site scripting, buffer overflows, SQL injection and other common hacking techniques are continually used to steal valuable customer and corporate data from applications.

As application services are rolled out to employees, agents, customers and contractors on a global basis, the need to finely control which users have access to which functions in which applications has increased. SSL VPNs have emerged as the de facto method for providing trusted application access. Integrating SSL VPNs and application security with load balancing and traffic management strengthens end-to-end application security and simplifies the IT infrastructure. Another important functionality that improves application delivery is end-user performance monitoring solutions.

- SSL VPN with granular access control: With the prevalence of Internet threats, organizations need to control who is accessing corporate applications and what actions they are taking with each application. By integrating special SSL VPN technology with granular access control into a load-balancing solution, administrators can control both access and actions (such as downloading, printing or saving) of remote and mobile users who want to connect to applications over the Internet, mitigating the risk of opening the corporate network to threats.

- Application firewall: With over 70% of successful Internet attacks now exploiting application vulnerabilities, network firewalls are not enough. Standard firewalls are designed to restrict access to certain ports or services that an administrator doesn't want unauthorized people to access. In contrast, application firewalls are often called deep packet inspection firewalls because they look at all content within every request and response. Some application firewalls look for certain attack signatures to try to identify a specific attack that an intruder may be sending, but this only protects against known attacks. True application-layer defense protects against known and unknown attacks.

Improved security of access by home-based workers

A newspaper publishing company wanted to enable employees to connect to network resources from home computers to meet tight deadlines without compromising security. An advanced SSL VPN solution allows IT administrators to define granular access policies for different users. End-point analysis allows them to thoroughly check each device that connects to the network and ensure it meets security requirements. With these security capabilities the company agreed to let workers monitor content and make changes necessitated by late-breaking news from home. Work is performed more quickly, deadlines are met and people do not have to drive into the office.

In many respects, the final frontier of successful application delivery is obtaining direct feedback on how the applications themselves are performing. Ultimately, applications and networks are only as good as the perception of the people who use them. Directly monitoring end users' actual experience with an application is critical to understanding how effectively users are served, and how well the network is working. The point in the network where load balancers are traditionally deployed is an ideal junction for performing this monitoring. As such, solutions should provide the ability to directly and transparently measure and track end-user performance.


Conclusion

Fundamental changes are affecting networks, particularly the sweeping transformations of Web 2.0. Because Web 2.0 is driving greater user participation, openness and network effects, tomorrow's networks will require infrastructure that is agile, flexible and dynamic. Is your organization prepared for these changes with a load-balancing solution that can optimize application performance, ensure high application availability and provide tools to safeguard data and improve the application experience? Citrix NetScaler offers a powerful and comprehensive solution to these challenges.

About Citrix NetScaler

Citrix NetScaler from Citrix Systems, Inc., is an ideal solution for any enterprise organization seeking basic and advanced load balancing capability combined with application performance enhancement, improved application security and increased application availability for users. Citrix NetScaler integrates all the critical functionality of Layer 4-7 network traffic management, application acceleration and application-aware delivery in a single appliance.

- Load balancing: NetScaler delivers fine-grained direction of client requests to ensure optimal distribution of traffic to servers. In addition to Layer 4 addressing information (protocol and port number), traffic management policies can be based on application content. For example, administrators can segment application traffic based upon information contained within an HTTP request body or TCP payload, as well as Layer 4-7 header information such as URL, application data type or cookie. Numerous load-balancing algorithms and extensive server health checks provide greater application availability by ensuring client requests are directed only to correctly behaving servers.

- Web application acceleration: Citrix NetScaler accelerates Web application performance by up to five times by leveraging multiple acceleration technologies including data compression and caching of static and dynamic content. NetScaler TCP optimizations overcome the issues caused by high latency and congested network links and are transparent to clients and servers, accelerating the delivery of any application while requiring little or no configuration.

- Application-aware delivery: NetScaler protects applications from application-layer attacks, helping to prevent the theft and leakage of valuable corporate and customer data. The latest version, 8.0, includes application firewall technology that proactively protects against application-layer attacks and helps prevent theft and leakage of valuable corporate and customer data. It also includes real-time and historical page-level monitoring of the end-user experience with application performance. NetScaler 8.0 makes secure access to applications easier by tightly integrating SSL technology that automatically responds to each user scenario with the appropriate level of application access, including control of actions such as print, save and edit.


Appendix A

Glossary of terms
Application firewall: An enhanced firewall that limits access to the operating system (OS) of a computer. Conventional firewalls merely control the flow of data to and from the central processing unit (CPU), examining each packet and determining whether or not to forward it toward a particular destination. An application firewall offers additional protection by controlling the execution of files or the handling of data by specific applications.

Application-layer attack: Targets application servers by deliberately causing a fault in a server's operating system or applications, which results in the attacker gaining the ability to bypass normal access controls.

Caching: Local storage of remote data on a file server, which is designed to reduce network transfers and therefore increase speed of download.

Compression: Encoding data to take up less storage space and less bandwidth for transmission.

Content switching: Allows traffic management to be based on application-layer content such as the information contained in the body of a TCP or HTTP request.

Global server load balancing, GSLB (also known as global traffic management): The load balancer distributes load to a geographically distributed set of server farms based on health, server load or proximity.

Layer 4 (Transport layer of the Open System Interconnection model): Provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control.

Layer 7 (Application layer of the Open System Interconnection model): Defines the services that directly support applications, such as software for network management, electronic mail or file transfers. It interfaces directly to and performs common application services for the application processes.

Load balancing: A technique performed by load balancers to spread work between many computers, processes, hard disks or other resources in order to get optimal resource utilization and decrease computing time.

SSL offloading: Relieves a Web server of the processing burden of encrypting and/or decrypting traffic sent via SSL, the security protocol that is implemented in every Web browser. The processing is offloaded to a separate device designed specifically to perform SSL acceleration.

SSL VPN: Provides a comprehensive, secure remote access technology for remote users without the use of additional remote client software, but instead uses common client technology and industry-standard Secure Sockets Layer technology for content privacy.

TCP optimization: Reduces the number of client connections each application server has to deal with while optimizing server responses.

Web 2.0 applications: Deliver software as a continually updated service that gets better the more that people use it, consuming and remixing data from multiple sources including individual users.

Web server farm: A redundant cluster of several Web servers serving a single IP address.



Notice
The information in this publication is subject to change without notice. THIS PUBLICATION IS PROVIDED AS IS WITHOUT
WARRANTIES OF ANY KIND, EXPRESSED OR IMPLIED, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE OR NON-INFRINGEMENT. CITRIX SYSTEMS, INC. (CITRIX), SHALL NOT BE LIABLE FOR TECHNICAL
OR EDITORIAL ERRORS OR OMISSIONS CONTAINED HEREIN, NOR FOR DIRECT, INCIDENTAL, CONSEQUENTIAL OR ANY
OTHER DAMAGES RESULTING FROM THE FURNISHING, PERFORMANCE, OR USE OF THIS PUBLICATION, EVEN IF CITRIX
HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE. THE USE CASES IN THIS PAPER ARE PROVIDED
ONLY AS POTENTIAL EXAMPLES AND YOUR ACTUAL COSTS AND RESULTS MAY VARY.

About Citrix
Citrix Systems, Inc. (Nasdaq:CTXS) is the global leader and the most trusted name in application delivery infrastructure. More than
200,000 organizations worldwide rely on Citrix to deliver any application to users anywhere with the best performance, highest
security, and lowest cost. Citrix customers include 100% of the Fortune 100 companies and 98% of the Fortune Global 500, as well
as hundreds of thousands of small businesses and prosumers. Citrix has approximately 6,200 channel and alliance partners in more
than 100 countries. Annual revenue in 2006 was $1.1 billion.

© 2007 Citrix Systems, Inc. All rights reserved. Citrix and NetScaler are trademarks or registered trademarks of Citrix Systems, Inc. and/or one or more of its
subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property
of their respective owners.
