vADC Forum

Reply
New Contributor
Posts: 3
Registered: ‎04-10-2013
Accepted Solution

Multiport applications

Hello.  I'm evaluating stingray, and I'm none of my searches have turned up an answer about mutliport applications. 

We have an application that uses about 20 tcp.  Is there a way to define pools/virtual servers based on a range of IPs?

Thanks,

Matt

Frequent Contributor
Posts: 321
Registered: ‎11-29-2012

Re: Multiport applications

Hi Matt,

The core 'listener' for Stingray is a virtual server, and as you've probably discovered, a virtual server can listen for either TCP or UDP traffic on a named set of IP addresses (default is 'all IP addresses') and a single named port.

If you would like to listen for traffic on a range of IPs (same port), this is straightforward; check out the 'Listening On' setting of a virtual server.

If you would like to listen for traffic on a range of ports, this is more difficult; it's not a built-in capability of a Stingray virtual server.  You have a couple of options:

  • If the port range is small (up to 20 ports) it may be possible to configure multiple virtual servers, one per port.  Note that you can share configuration objects such as rules and pools to simplify management but nevertheless this approach becomes difficult to manage with a large port range and you may need to resort to the API to script the configuration

  • You can use an iptables approach to rewrite incoming traffic for the port range so that it's directed to a single virtual server:

iptables –t nat –A PREROUTING –p tcp --dport 6005:7004 –j REDIRECT --to-port=7777

This will rewrite traffic targeted at ports 6005 to 7004 so that it will be picked up by a virtual server listening on port 7777.  The virtual server can use the TrafficScript function 'request.getDestPort()' to determine the original port (before the rewrite) if necessary.  It's similar to the approach described in Transparent Load Balancing with Stingray Traffic Manager.

There are alternatives for some protocols/applications... Stingray already proxies FTP traffic (including the data connections) appropriately even though the data connections may use any of a range of ports, by virtue of our FTP protocol handler.  Some applications that use port ranges can be easily configured to use a single port (for security/firewall reasons) so this can be used to simplify the Stingray configuration too.

regards

Owen

New Contributor
Posts: 3
Registered: ‎04-10-2013

Re: Multiport applications

Thanks.  I was going to look at using puppet but it doesn't look that that's supported on the virtual appliance.  Any chance that puppet will be supported in the future?

thanks,

Matt

Contributor
Posts: 82
Registered: ‎11-29-2012

Re: Multiport applications

Hi Matt,

We have no immediate plans to support the Virtual Appliance with the Puppet module.  If enough people ask for it, then we can look into it of course.  Puppet relies heavily on an Agent running on the target nodes.  With the Virtual Appliance we cannot install this Agent.  There is a workaround this by using a Proxy but its not nearly as nice.

If you like Puppet look into using it with the software version of Stingray.  It automatically downloads, installs, and configures Stingray so the installation is really easy.  And I got a new version in the works that should making managing a web app as simple as 4 lines of code.

Faisal

New Contributor
Posts: 3
Registered: ‎04-10-2013

Re: Multiport applications

Faisal,

Thanks. I'll give it a shot.  I'm comfortable with linux but we don't have anyone else in my organization who is, so the appliance is really preferable.  I'll look into the API as well.

Matt

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.