Web Switching: What’s In A Name?
I think many people are confused by the term “web switch”. I was definitely one of them, so I think it might help to explain what the term means.
Part of the confusion over the term “web switch” stems from the fact that many Layer 7/web switch devices also act as Layer 2 switches. Alteon, Foundry, and Arrowpoint/Cisco CSS are all Layer 2 switches that also do Layer 7 load balancing. This would imply that web switches are Layer 2 devices that are capable of Layer 7/HTTP/web operations, which is partly true but not entirely the case. There are some web switches (such as KEMP’s LoadMaster series) that cannot do any Layer 2 switching operations. They’re pure Layer 4-7. So if web switches aren’t Layer 2 switches that do load balancing, what are they?
Web switching, as a term, refers to the ability of a network device to send traffic to different servers depending upon web (HTTP) parameters. Common methods of differentiation include the URL (“/images” versus “/content”) and HTTP cookies.
These terms are based on the 7-layer OSI model, which is the layered abstraction used in the design of computer internetworking. While there are seven distinct layers, with reference to load balancers and modern implementations, there are essentially only five: Media, Data Link, Network, Transport, and Application (layers 1 through 4 and layer 7). The Session, Presentation, and Application layers (layers 5, 6 and 7) are, for most intents and purposes, treated as a single layer and referred to simply as the Application Layer (or more commonly, Layer 7).
There are certain devices or objects associated with these OSI Layers in the modern data center:
- Layer 1: Ethernet, optical fiber cables
- Layer 2: Switches, hubs, bridges
- Layer 3: Routers
- Layer 4: Typically handled by routers and firewalls, often in the form of NAT, ACLs, or firewall rules
- Layer 5-7: Load balancers, application firewalls, proxy servers, app servers, web servers
An Ethernet switch will “switch” an Ethernet frame to a specific port, based on a directory of address and port associations that it keeps (the MAC table). If a frame comes in on port 1 of a 6-port switch, destined for a machine with an Ethernet address of “aaaa.aaaa.aaaa”, and the switch knows there’s a system with that address on port 5, it will “switch” that frame to port 5 (without sending that frame to any other ports).
In the same way, a web switch will “switch” an HTTP connection to a specific server, based on load balancing algorithms and/or persistence. When a connection comes in with an existing persistence cookie, the load balancer knows to send that connection to server 2, so it “switches” that connection to server 2.
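The switching decision described above (pool chosen by URL, server chosen by persistence cookie or load balancing), as an added Python example that is not from the original post or any vendor's product. The pool contents, server names and the `lb_server` cookie name are assumptions made for illustration, and round robin stands in for whatever load balancing algorithm a real device uses.

```python
from http.cookies import SimpleCookie
from itertools import cycle
from urllib.parse import urlsplit

# Constructed pools: URL prefix -> backend servers (all names hypothetical).
POOLS = {
    "/images": ["img1", "img2"],
    "/content": ["server1", "server2"],
}
DEFAULT_PREFIX = "/content"
PERSIST_COOKIE = "lb_server"  # hypothetical persistence cookie name

# One round-robin iterator per pool, used when no valid persistence exists.
_round_robin = {prefix: cycle(servers) for prefix, servers in POOLS.items()}


def pick_pool(target):
    """Choose a pool from the URL path, ignoring the query string."""
    path = urlsplit(target).path
    for prefix in POOLS:
        # Match whole path segments so "/imagesX" does not hit "/images".
        if path == prefix or path.startswith(prefix + "/"):
            return prefix
    return DEFAULT_PREFIX


def switch(request_line, cookie_header=""):
    """Return (server, set_cookie) for one HTTP request.

    set_cookie is None when an existing persistence cookie was honoured.
    """
    _method, target, _version = request_line.split(" ", 2)
    prefix = pick_pool(target)

    cookie = SimpleCookie()
    cookie.load(cookie_header)
    wanted = cookie[PERSIST_COOKIE].value if PERSIST_COOKIE in cookie else None

    # The cookie is client-supplied input: honour it only when it names a
    # server that really is in the pool selected for this URL.
    if wanted in POOLS[prefix]:
        return wanted, None

    # No usable persistence: load balance and issue a fresh cookie.
    server = next(_round_robin[prefix])
    return server, f"{PERSIST_COOKIE}={server}"
```

Because the persistence cookie travels through the client, a value that names no server in the selected pool is ignored and the request is load balanced as if it were new.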
It would also be correct, using the same comparative terminology, to use the term “web router” (but that just sounds silly) or “HTTP connection facilitator” (even sillier).
To further confuse the terminology, web switches can be familiar with more than just HTTP/HTTPS. They’re often aware of other protocols, such as RDP, SIP, RTSP, and FTP, which would mean they’re also RDP switches/SIP switches/etc. I haven’t seen those terms used, but they would be correct, at least as much as the term web switching is correct.
The term web switching is interchangeable (more or less) with the terms server load balancer, application delivery controller, and Layer 7 load balancer. Application Delivery Controller is more in vogue now, although they’re often referred to as simply load balancers. Various vendors will use any (or all) of those terms, depending on the sales collateral/documentation that you see. I hope this helps clear up some of the confusion in the industry.




