Multi-Tier Load Balancing

The multi-tier load balancing feature enables you to create multiple levels of load balancing groups, called tiers. When one tier is unreachable, the system fails over to the next tier. You can have a maximum of three tiers. You must configure the tiers in order for example, you can’t have tier 3 without having tiers 1 and 2.

If you are new to to this concept, we recommend you to read article on load balancing.

The following parameters are tier-aware that is - their values can vary by tier:

To vary the values by tier, add the suffix .n to the parameter's name, where n is the tier number. You can opt to apply one value to all tiers by omitting the .n suffix.

Good examples

To set up different port configurations for tier1, tier2, and tier3, use the following settings:

• NAE_Port.1 =9000

• NAE_Port.2 =9000

• NAE_Port.3 =7000

To set up same port configurations for tier1 and tier2 and different port configuration for tier3, use the following settings:

• NAE_Port =9000 (tier 1 and tier 2 will use this port)

• NAE_Port.3 =8000 (configured for tier3)

Bad example

• NAE_Port.2 =9000

• NAE_Port.3 =7000

You can't set these values because, the there is no configuration available for tier1. You must configure the tiers in order.

How it works

The following steps describe what happens when the client attempts to connect to the multi-tier load balancing group for the first time:

1. The client creates a session. This in turn creates a new load balancer. The load balancer stores the NAE_IP, NAE_Port, KMIP_Port, Protocol, Connection_Timeout, Connection_Retry_Interval, and Unreachable_Server_Retry_Period` parameters.

   If persistent connections are enabled, the load balancer also creates a new connection pool for each server in the load balancing group. else, the connection pool is not created.

   Tip

   It is recommended to enable persistent connection.

2. The client requests a connection from the load balancer. For the first connection request, the load balancer chooses one of the available Key Managers at random and creates a connection. For future requests, the load balancer will apply the Load_Balancing_Algorithm to decide which Key Manager to use. The load balancer chooses server 1 on tier 1.

3. The client waits the duration of Connection_Timeout for a server1 response.

4. If server 1 does not respond within the timeout period. The client ignores server 1 for the duration of the Connection_Retry_Interval.

5. The client attempts to connect to server 2 on tier1.

6. The client waits the duration of Connection_Timeout for a response from server 2. The client can’t connect to any server on tier 1 within the Unreachable_Server_Retry_Period.

7. The client attempts to connect to a server on tier 2. For the first connection request, the load balancer chooses one of the available Key Managers at random and creates a connection. For future requests, the load balancer will apply the Load_Balancing_Algorithm to decide which Key Manager to use. The load balancer chooses server 1 on tier 2. The client will cycle through all of the Key Managers on all tiers until the Maximum_Server_Retry_Period expires.

8. The client obtains the connection from server 3 on tier 2.

9. The client uses the connection to send a cryptographic request to server 3.

10. Server 3 sends the response.

11. The client receives the response. The load balancer keeps the connection in the pool, if persistent connections are enabled. Otherwise, the connection is closed.

12. The client requests another connection. The load balancer uses the algorithm selected in Load_Balancing_Algorithm to decide which Key Manager to use. If persistent connections are enabled, the load balancer searches that Key Manager’s connection pool for an existing connection

Related parameters

• NAE_IP

• NAE_Port

• KMIP_Port

• Protocol

• Load_Balancing_Algorithm

• Connection_Timeout

• Connection_Retry_Interval

• Unreachable_Server_Retry_Period

For more information about these parameters, refer to Connection Parameters.