Load Balancer Policy Configuration

The lbp-config configuration element manages the SLB endpoint table. It also creates and manages a list of service interfaces (signaling addresses) that are advertised to endpoints comprising the user access population.

Use the following procedure to perform required lbp-config configuration.

  1. From superuser mode, use the following ACLI command sequence to access lbp-config configuration mode. While in this mode, you configure the lbp-config configuration element. 
    ORACLE# configure terminal
ORACLE(configure)# session-router
ORACLE(session-router)# lbp-config
ORACLE(lbp-config)#?
state                               lbp state
log-level                           configure log level
untrusted-grace-period              Untrusted grace period
max-untrusted-percentage            Maximum untrusted endpoints percentage
max-untrusted-upper-threshold       Maximum untrusted endpoints upper
                                    threshold
max-untrusted-lower-threshold       Maximum untrusted endpoints upper
                                    threshold
endpoint-capacity-upper-threshold   endpoint capacity upper threshold
endpoint-capacity-lower-threshold   endpoint capacity lower threshold
red-port                            lbp redundant sync port: 0 to disable
                                    and 2000 to enable
red-max-trans                       maximum redundancy transactions to keep
                                    on active
red-sync-start-time                 timeout for transitioning from standby
                                    to active
red-sync-comp-time                  sync request timeout after initial sync
                                    completion
port-aware-balancing                Include endpoint source port, in addition 
                                    to the source IP address if NAT is used 
options                             optional features/parameters
strategy                            Configure the balancing strategy
select                              select lbp config
no                                  delete lbp config
show                                show lbp config
done                                save lbp config information
exit                                return to previous menu
ORACLE(lbp-config)#
  2. Use the state parameter to enable or disable the SLB software.

    The default setting, enabled, enables SLB functionality; disabled renders the SLB inoperable. 

    ORACLE(lbp-config)# state enabled
ORACLE(lbp-config)#
  3. Use the log-level parameter to specify the contents of the SLB log.

    Log messages are listed below in descending order of severity.

    • emergency — the most severe
    • critical
    • major (error)
    • minor (error)
    • warning
    • notice
    • info — (default) the least severe
    • trace — (test/debug, not used in production environments)
    • debug — (test/debug, not used in production environments)
    • detail — (test/debug, not used in production environments)

    In the absence of an explicitly configured value, log-level defaults to critical, meaning that log messages with a severity of critical or greater (emergency) are written to the LBP log. 

    ORACLE(lbp-config)# log-level critical
ORACLE(lbp-config)#
  4. Use the untrusted-grace-period parameter to specify the maximum time, in seconds, that a forwarding rule is retained by the SLB before it is confirmed with a promotion message from the OCSBC that received the untrusted endpoint. Refer to the Balancing section for message details

    In the absence of an explicitly assigned value, the SLB provides a default setting of 32 (seconds). If this time period elapses without a promotion message arriving to confirm this user, the SLB deletes the entry.

    Setting this parameter to 0 allows untrusted/unconfirmed entries to exist indefinitely without aging out. 

    ORACLE(lbp-config)# untrusted-grace-period 32
  5. Use the max-untrusted-percentage parameter to specify the percentage of the overall endpoint population that is reserved for untrusted users.

    The default setting is 20 (percent); supported values are integers within the range 1 through 100.

    This percentage is applied to the overall remaining occupancy of the SLB after trusted (confirmed) users are accounted for. For example, when empty, the SLB holds two million forwarding rules; assuming the default setting, at most 400,000 rules are reserved for untrusted rules. By the time one million users have been promoted, 20% of the remaining space means that up to 200,000 entries can be used for untrusted users. 

    ORACLE(lbp-config)# max-untrusted-percentage 20
  6. Use the max-untrusted-upper-threshold parameter to specify a threshold level at which the SLB (1) raises an alarm, and (2) issues an SNMP trap reporting an excessive number of untrusted endpoints within the entire endpoint population.

    This parameter, which has a default setting of 80 (percent), is calculated as a percent of max-untrusted-percentage. For example, assuming default settings for both parameters, the SLB raises an alarm and issues an SNMP trap when the percentage of untrusted endpoints attains 16%. 

    ORACLE(lbp-config)# max-untrusted-upper-threshold 80
  7. Use the max-untrusted-lower-threshold parameter to specify a threshold level at which the SLB (1) clears the existing untrusted endpoint alarm, and (2) issues an SNMP trap reporting alarm clearance.

    This parameter, which has a default setting of 70 (percent), is calculated as a percent of max-untrusted-percentage. For example, assuming default settings for both parameters, the SLB clears an alarm and issues an SNMP trap when the percentage of untrusted endpoints falls to 14%. 

    ORACLE(lbp-config)# max-untrusted-lower-threshold 70
  8. Use the endpoint-capacity-upper-threshold and endpoint-capacity-lower-threshold parameters to implement license-based management and monitoring of the SLB endpoint counts.

    endpoint-capacity-upper-threshold specifies a threshold level at which the SLB (1) raises an alarm, and (2) issues an SNMP trap reporting an excessive number of active endpoints.

    This parameter, which has a default setting of 80 (percent), is calculated as a percentage of the endpoints allowed by the installed SLB license.

    endpoint-capacity-lower-threshold specifies a threshold level at which the SLB (1) clears the existing endpoint alarm, and (2) issues an SNMP trap reporting alarm clearance.

    This parameter, which has a default setting of 70 (percent), is calculated as a percentage of the endpoints allowed by the installed SLB license. 

    ORACLE(lbp-config)# endpoint-capacity-upper-threshold 80
ORACLE(lbp-config)# endpoint-capacity-lower-threshold 70
ORACLE(lbp-config)#
  9. Enable port-aware-balancing to include endpoint source port, in addition to the source IP and destination service representation when looking up a unique EPT prior to forwarding towards the OCSBC cluster. Choices are enabled and disabled. Default is disabled.
    Reboot all SLBs and OCSBCs when enabling or disabling this parameter. 
    ORACLE(lbp-config)# port-aware-balancing enabled
ORACLE(lbp-config)#

WARNING:

The user must reset the deployment's endpoint tables upon any change to this parameter to establish entry consistency. Reboot or, in the case of devices operating in HA mode, dual reboot all systems affected by changes to this parameter.

  1. Set your preferred strategy to determine how the SLB distributes new end-points to the OCSBCs. Choices include capacity-proportional and least-occupied. The default is least-occupied. 
    ORACLE(lbp-config)# strategy least-occupied
ORACLE(lbp-config)#
  2. Use done, exit, and verify-config to complete configuration of this load-balancer-policy configuration element.