Enterprise load balancing
The enterprise load balancer dynamically allocates managed units to S-TAP® agents based on system load and availability.
Overview
- It dynamically rebalances loaded or busy managed units by relocating S-TAP agents to managed units with lower loads. It balances the load of a group of S-TAPs among a group of managed units.
- It dynamically manages failover and unavailable managed unit scenarios, relocating S-TAP agents to another managed unit, or units, in its associated group.
- It evaluates the load of managed units before it assigns those managed units to an S-TAP agent.
See the Load Balancer Events report to review all load balancing activity.
Enterprise load balancing is disabled by default on Guardium® systems.
Enterprise load balancer does not balance the number of S-TAPs, sessions, or traffic. It allocates and moves S-TAPs between managed units to avoid overloading the sniffer process on those Guardium systems. The result is that some managed units have more S-TAPs pointing to them than others.
How it works
The enterprise load balancing application works by collecting and maintaining up-to-date load information from all its managed units. This process is called load collection.
It uses the load information to create a load map. This load map provides the data that directs load balancing and managed unit allocation activities. For more information, see Viewing the enterprise load balancing load map.
Load collection errors from specific managed units are recorded in the Load Balancer Events report but do not interfere with the overall load collection and load balancing processes. However, failure to collect load information from a managed unit excludes that managed unit from participation in load balancing processes.
Failover groups
If an S-TAP is requesting a new managed unit to fail over to, the load balancer searches in the associated managed unit group for an available managed unit. If it cannot find a managed unit, it continues its search in the failover groups until it finds one. You can define multiple failover groups.
- The priority list must be sequential starting with 1.
- Multiple groups can have the same priority.
- The priorities cannot skip a level. For example, 1,1,2,3 is valid. However, 1,2,4,5 is invalid.
You must specify at least one associated managed unit group before you can specify a failover group association.