JP2006277569A - Load distribution system, load distribution device, real server and load distribution method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent all communication data between a client and a server from concentrating in a load distribution device and to enable an IP address conversion to be unnecessary in the load distribution device. <P>SOLUTION: The load distribution device 16 has real servers 12-1 to 12-3 and a network address existing in the same segment, and receives communication data sent to a real server in which a first IP address common to the real servers 12-1 to 12-3 from the client 11 is a destination IP address, as a substitute. The load distribution device 16 selects the real server to transfer this communication data, and transfers the communication data to a physical address of the selected real server. The real servers 12-1 to 12-3 performs address solution for obtaining the physical address of the client 11 by a second IP address common to the servers 12-1 to 12-3. The real servers 12-1 to 12-3 transmit the communication data to the physical address with the first IP address as the transmitter IP address. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a load distribution system, a load distribution apparatus, a real server, and a load distribution method suitable for receiving a request from a client by a load distribution apparatus and distributing the request to any of a plurality of servers.

  In a client / server system, the load of a server (server computer) often becomes a bottleneck, and therefore, a method of increasing the number of servers and distributing the load is employed. In this system, a load balancer that provides a function to distribute requests from clients (client computers) is used so that a specific server among a plurality of servers does not become overloaded (for example, Patent Documents). 1).

  The flow of communication data from the client to the server in the client / server system using the load balancer is as follows. First, the client transmits communication data to the address of the virtual server on the load balancer. For this reason, the load balancer receives communication data from the client instead of a server that actually provides services to the client (hereinafter referred to as a real server). The load distribution apparatus converts the destination IP (Internet Protocol) address of the received communication data into the address of the real server, and distributes and distributes to the real server based on the load distribution algorithm.

  On the other hand, the flow of communication data from the real server to the client in the system is as follows. The real server sets the default gateway to the address of the load balancer itself (an address different from the address of the virtual server) so that communication data to be transmitted to the client passes through the load balancer. The load balancer converts the transmission source address to the virtual server address for the packet addressed to the client sent from the real server, and transmits it to the client.

In this way, the load distribution device receives a request for the real server and performs load distribution by making the client appear to be communicating with the address of the virtual server on the load distribution device.
JP-A-9-218842 (Claims 1 and 2, paragraphs 0028 and 0029)

  In the above-described prior art, all packets transmitted and received are concentrated on the load balancer. For this reason, communication load may become large. Moreover, since the load balancer performs IP address conversion for all packets sent and received, there is a possibility that the processing load will increase.

  The present invention has been made in view of the above circumstances, and its purpose is to prevent all communication data between the client and the server from being concentrated on the load balancer and to eliminate the need for IP address conversion on the load balancer. To provide a load distribution system, a load distribution device, a real server, and a load distribution method.

  According to one aspect of the present invention, there are a plurality of real servers that provide services to a plurality of clients, the plurality of real servers having a first IP address common to the plurality of real servers, There is provided a load distribution system including a load distribution device in which a real server and a network address exist in the same segment, and a service request from each of the plurality of clients is allocated to the plurality of real servers. The load balancer is a receiving means for receiving communication data, the receiving means for receiving, by proxy, communication data addressed to a real server whose destination IP address is the first IP address from the client, and communication data A first transmission means for transmitting, a load distribution processing means for selecting a real server to which communication data received by the reception means as a proxy is selected from the plurality of real servers, and a proxy for the reception means. Transfer processing means for transferring the communication data received by the first transmission means to the physical address of the real server selected by the load distribution processing means. Each of the plurality of real servers includes address resolution protocol processing means for performing address resolution for acquiring the physical address of the client with a second IP address for transmitting an address resolution protocol request different from the first IP address. And second transmission means for transmitting communication data having the first IP address as the transmission source IP address with respect to the physical address determined by the address resolution by the address resolution protocol processing means.

  In such a configuration, only communication data (communication packet) addressed to the real server from the client is transferred to any one of the plurality of real servers by the load balancer. On the other hand, the communication data addressed to the client transmitted by the real server is directly transmitted to the destination client regardless of the load balancer. For this reason, communication load can be reduced. In addition, the load balancer relays communication data addressed to the real server from the client and does not require IP address conversion unlike the prior art, so that no load processing load is required.

  The real server performs address resolution for acquiring the physical address of the client using a second IP address for address resolution protocol request transmission different from the first IP address. Thus, the entry data including the first IP address and the physical address of the load balancer generated in the address resolution protocol table (ARP table) by the client or the router by the proxy address resolution protocol of the load balancer is The entry data including the IP address of 1 and the physical address of the real server is prevented from being rewritten.

  Here, a proxy address resolution protocol processing means for returning a proxy address resolution protocol response including a physical address of the load balancer in response to an address resolution protocol request for the first IP address from the client is added to the load balancer. Then, the receiving means of the load balancer sends communication data from the client to the physical address of the load balancer returned to the client by the proxy address resolution protocol response from the client with the first IP address. In this case, the communication data may be received. In particular, it is better if the address resolution protocol processing means of the server does not respond to an address resolution protocol request for the first IP address from the client.

  In such a configuration, only the load balancer can notify the physical address of the load balancer in response to an address resolution protocol request for the first IP address from the client. As a result, the load balancer can receive communication data addressed to the real server using the first IP address from the client as a proxy.

  In addition, a load balancer side registration table for storing entry data including physical addresses of the plurality of real servers to which service requests are allocated and the first IP address is added to the load balancer. The load distribution processing means of the distribution apparatus extracts entry data including an IP address that matches the destination IP address of the communication data received by the reception means from the load distribution apparatus side registration table, and the extracted entry data If the physical address of the real server to which the communication data is to be transferred is selected from the physical addresses included in the server, the load can be distributed efficiently to a plurality of servers.

The receiving means of the load balancer is configured to receive communication data whose destination IP address is the IP address of the load balancer, while the following means are included in the transfer processing means of the load balancer: That is, when communication data is received by the receiving means, the means for determining whether the destination IP address of the communication data matches the IP address of the load balancer itself, and the IP address of the load balancer itself If the communication data does not match the IP address of the load distribution device itself and the means for passing the communication data to the Internet protocol layer and the higher protocol layer, the communication data is passed to the load distribution processing means Means for selecting the physical address of the transfer destination by means, and physical of the real server to which the communication data is to be transferred If the dress is unable selected by the load distribution processing means, may be given a means for discarding said communication data.
In such a configuration, the load balancer can perform normal communication using its own IP address.

  A server-side registration table that stores entry data including a physical address of the load balancer in each of the plurality of real servers; a data link layer processing unit that performs data link layer processing in TCP / IP communication; In addition to the IP layer processing means for performing the IP layer processing in the TCP / IP communication, the communication data to be sent from the data link layer processing means to the IP layer processing means is received instead of the IP layer processing means. First receiving means for transmitting only packets having a physical address registered in the server side registration table as a transmission source address to the IP layer processing means when the received communication data is an IP packet. And communication data to be sent from the IP layer processing means to the data link layer processing means. A second receiving means for receiving instead of the data link layer processing means, and when the received communication data is an IP packet, a second receiving means for sending the IP packet as it is to the data link layer processing means is provided. And good. Here, further, the following data is sent to the address resolution protocol processing means of the real server, that is, the communication data received by the first receiving means is an address resolution protocol response packet including a target IP address and a target physical address. And means for converting the target IP address to the first IP address when the target IP address is the second IP address and the target physical address is the physical address of the real server; Means for sending an address resolution protocol response packet in which the target IP address is converted to the first IP address to the IP layer processing means; and whether the target IP address is not the second IP address or the target physical address is Physical server physical address And if the communication data received by the second receiving means is an address resolution protocol request packet including a target IP address and a target physical address, and the target Means for converting the source IP address to the second IP address when the IP address is the first IP address and the target physical address is the physical address of the real server; Means for sending an address resolution protocol request packet converted to a second IP address to the data link layer processing means, and whether the target IP address is not the first IP address or the target physical address is the real server Not a physical address The case, may be given a means for discarding the Address Resolution Protocol request packet.

  The server having such a configuration can be easily realized by causing a normal server having a TCP / IP communication function as a standard to execute a special program, and the server itself does not need to be a dedicated device.

  According to the present invention, communication data addressed to a real server from a client can be transferred to any one of a plurality of real servers by a load balancer without requiring conversion of an IP address. Communication data addressed to the client to be transmitted can be transmitted directly to the destination client regardless of the load balancer. That is, according to the present invention, it is possible to prevent all communication data between the client and the server from being concentrated on the load balancer, and to make IP address conversion on the load balancer unnecessary.

Embodiments of the present invention will be described below with reference to the drawings.
FIG. 1 is a diagram for explaining the basic configuration and operation principle of a load distribution system according to an embodiment of the present invention. In FIG. 1, a client 11 and a plurality of real servers that provide services to a plurality of clients including the client 11, for example, real servers 12-1, 12-2, and 12-3, are two networks 13 having different network addresses. And 14 are connected. The client 11 is connected to the network 13, and the real servers 12-1 to 12-3 are connected to the network 14. In FIG. 1, for convenience of drawing, one client 11 is connected to the network 13, but in general, many clients are connected to the network 13.

  The networks 13 and 14 are connected by a router 15. The router 15 has a routing function for connecting the networks 13 and 14 having different network addresses. Note that the router 15 is not required if the network addresses of the networks 13 and 14 are the same.

  A load balancer 16 is connected to the network 14. That is, the load balancer 16 exists on the same segment with the same network address. The load balancer 16 has an IP address “192.168.10.10” different from that of the real servers 12-1 to 12-3. On the other hand, the real servers 12-1 to 12-3 have an IP address “192.168.10.11” common to all servers, although they are different from the IP address of the load balancer 16.

  When the communication data (communication packet) addressed to the real server using the destination IP address “192.168.10.11” is transmitted from the client 11 (step S1), the load balancer 16 substitutes the communication packet addressed to the real server. Receive. The load balancer 16 forwards the packet received on behalf of one of the real servers 12-1 to 12-3 according to the load balancing algorithm (step S2).

  The real servers 12-1 to 12-3 that are load distribution targets by the load distribution device 16 include dedicated devices 120-1 to 120-3, respectively. The dedicated devices 120-1 to 120-3 of the real servers 12-1 to 12-3 set a common IP address “192.168.10.11” for all the real servers, and only the packets transferred from the load balancer 16 Process. The dedicated devices 120-1 to 120-3 further directly transmit the packets transmitted by the real servers 12-1 to 12-3 without relaying the load balancer 16 (step S3).

  In the load distribution system of FIG. 1, only packets transmitted by the client 11 pass through the load distribution device 16. On the other hand, packets transmitted by the real server 12-i (i = 1, 2, 3) do not pass through the load balancer 16. For this reason, the communication load on the load balancer, which is a problem of the conventional load balancer, can be reduced.

  In the load distribution system of FIG. 1, the client 11 directly transmits to the IP address of the real server 12-i. For this reason, IP address conversion in the load balancer 16 does not occur. Thereby, it is possible to prevent the processing load due to the IP address translation, which is a problem of the existing load distribution apparatus, from occurring.

  Next, in the system of FIG. 1, a method for transmitting a communication packet (communication data) from the client 11 to the real server 12-i through the load balancer 16 will be described with reference to the data flow diagram of FIG. explain.

  The load balancer 16 has an IP address “192.168.10.11” common to the real servers 12-1 to 12-3 and a MAC (Media Access Control) address (that is, a physical address) of the real servers 12-1 to 12-3 in advance. Assume that you know the combination.

  Assume that an ARP (Address Resolution Protocol) request for a common IP address “192.168.10.11” is transmitted from the client 11 to the real servers 12-1 to 12-3 (step S11). Since the load balancer 16 receives a packet addressed to the real server (a packet having an IP address of 192.168.10.11) as a proxy, it responds to the ARP request for the IP address of the real server with the proxy ARP (step S12). As a result, when the communication packet addressed to the real server (packet with the IP address 192.168.10.11) is transmitted from the client 11 (step S13), the load balancer 16 receives the packet addressed to the real server.

  The load balancer 16 receives a packet addressed to a real server (for example, a packet for a service request) based on a load balancing algorithm, and determines the actual load determined as a load distribution target among the real servers 12-1 to 12-3. Transfer to the MAC address of the server (step S14). Various algorithms for load distribution have been known in the past and are not directly related to the present invention, so that the description thereof is omitted.

  The dedicated device 120-i on the real server 12-i has a function of managing and controlling the communication of the real server 12-i, and the IP address “192.168.10.10” of the load balancer 16 and the load balancer 16 in advance. Assume that you know the MAC address.

  The dedicated device 120-i on the real server 12-i has a function of discarding the ARP request for its own IP address “192.168.10.11” and the ARP response for its own address. With this function, since the real server 12-i does not respond to the ARP request, the packet addressed to the real server from the client 11 is received by the load balancer 16. In this embodiment, all the real servers 12-i (i = 1, 2, 3) set a common IP address “192.168.10.11”. It is possible to prevent IP address conflicts between servers.

  The dedicated device 120-i on the real server 12-i receives the packet addressed to itself transferred from the load distribution device 16. If the source MAC address of the received packet indicates the load balancer 16, the dedicated device 120-i passes the received packet to the OS of the real server 12-i. On the other hand, when the source MAC address is other than the load balancer 16, the dedicated device 120-i discards the received packet.

  Next, regarding a method for transmitting a communication packet (communication data) from the real server 12-i (for example, the real server 12-1) to the client 11 without relaying the load balancer 16, the data flow diagram of FIG. The description will be given with reference.

  First, it is assumed that the IP address “192.168.10.12” for ARP request transmission is set in advance in the dedicated device 120-i on the real server 12-i. When transmitting a communication packet to the client 11, the dedicated device 120-i on the real server 12-i transmits an ARP request to the client 11 using the IP address “192.168.10.12” (step S 21). . The dedicated device 120-i on the real server 12-i receives the ARP response from the client 11 in response to this ARP request (step S22). The dedicated device 120-i is addressed to the client 11 based on the ARP response data. The communication packet is transmitted using the IP address “192.168.10.11” for communication packet transmission / reception common to the real servers 12-1 to 12-3 as the transmission source IP address (step S23).

  As described above, the real server 12-i switches between the IP address for communication packet transmission / reception and the IP address for ARP request and uses them by the proxy ARP of the load balancer 16 (the network 13 and the ARP table). In order to prevent the data created in the network address of the network 14, that is, when the segments are the same) or the ARP table of the router 15 (when the network addresses of the network 13 and the network 14, that is, when the segments are different) from being rewritten is there.

  If an ARP request is transmitted with the IP address “192.168.10.11” of the real server 12-i, as shown in FIG. 3, the ARP table 110 created by the proxy ARP with the MAC address of the load balancer 16 is stored. The data is rewritten to the MAC address of the real server 12-i. In this case, the next packet addressed to the real server is transmitted to the MAC address of the real server 12-i based on the data in the ARP table 110. In the present embodiment, all packets addressed to the real server need to be relayed by the load balancer 16, which is a problem.

  Therefore, in the present embodiment, as described above, the real server 12-i (the dedicated device 120-i above) transmits to the client 11 the ARP request transmission IP address “192.168.10.12” as the transmission source IP address. Send an ARP request. In this case, entry data including the IP address “192.168.10.12” for transmitting the ARP request is additionally registered in the ARP table 110 of the client 11 or the router 15 as shown in FIG. For this reason, the data created with the MAC address of the load balancer 16 by the proxy ARP is not rewritten. In this case, the next packet addressed to the real server is transmitted to the MAC address of the load balancer 16 based on the data in the ARP table 110.

  The above-described operation in the system of FIG. 1 will be organized and described with reference to the sequence chart of FIG. In FIG. 5, the client 11 transmits an ARP request for the common IP address “192.168.10.11” to the real servers 12-1 to 12-3 (step S31).

  Since the real server 12-i (the dedicated device 120-i above) performs communication by relaying through the load balancer 16, it stops responding to all ARP requests addressed to itself. Instead, when the load balancer 16 receives an ARP request from the client 11, it functions as a proxy ARP response means, and returns a response to the ARP request to the client 11 by the proxy ARP (step S32). As a result, the load balancer 16 notifies the client 11 of the MAC address of the load balancer 16 itself, not the MAC address of the real server 12-i. As a result, the MAC address of the load balancer 16 is registered in the ARP table 110 of the client 11 or the router 15 in association with the IP address “192.168.10.11” common to the real servers 12-1 to 12-3. Therefore, the communication data (communication packet) addressed to the real server from the client 11 is sent to the MAC address of the load balancer 16 and is received by the load balancer 16 (step S33).

  When receiving the communication data addressed to the real server, the load balancer 16 transfers the communication data from the MAC addresses of the registered real servers 12-1 to 12-3 based on the load balancing algorithm. 12-i is determined, and the received communication data is transferred to the determined MAC address of the real server 12-i (step S34).

  Then, the dedicated device 120-i on the real server 12-i receives communication data (communication packet) from the client 11. When the real server 12-i transmits communication data, the communication IP address “192.168.10.11” is used as the source IP address. In order for the real server 12-i to transmit communication data to the client 11, it is necessary to acquire the MAC address of the client 11 by an ARP request. However, this ARP request does not prevent the data (the MAC address associated with the IP address “192.168.10.11”) created in step S32 on the ARP table 110 of the client 11 or the router 15 from being rewritten. Don't be. Therefore, the dedicated device 120-i on the real server 12-i transmits an ARP request to the client 11 using the ARP transmission IP address “192.168.10.12” instead of the communication IP address “192.168.10.11”. Then, the client 11 returns an ARP response to the ARP request to the real server 12-i (step S36).

  The dedicated device 120-i on the real server 12-i uses the communication IP address “192.168.10.11” as the transmission source IP address based on the ARP response from the client 11 (step S36). The communication data addressed is transmitted (step S37).

  When the client 11 transmits communication data (communication packet) after data is created in the ARP table 110 of the client 11 or the router 15, the client 11 transmits a communication packet addressed to the real server based on the data of the ARP table 110. (Step S38). At this time, the data on the ARP table 110 is not rewritten in response to the ARP request from the real server 12-i (step S35). Received.

  The load distribution device 16 determines a real server to which the communication packet received from the real servers 12-1 to 12-3 is to be transferred based on the load distribution algorithm, and the received communication packet is determined. Transfer to the pre-registered MAC address of the real server (step S39).

  Next, a method for automatically creating a table holding entry data (address information) including a pair of an IP address and a MAC address of a real server on the load balancer 16 will be described with reference to the sequence chart of FIG. To do.

  The dedicated device 120-i on the real server 12-i transmits a packet transfer request (packet transfer request packet) by broadcast or multicast in order to acquire the MAC address of the load balancer 16 (step S41). This packet transfer request may be in any format as long as it uses data of a packet higher than the IP layer and can be identified as at least a packet transfer request, and is transmitted by broadcast or multicast. As an example, the packet transfer request may be a router solicitation packet of ICMP (Internet Control Message Protocol).

  When receiving the packet transfer request, the load balancer 16 transmits a packet transfer advertisement (packet transfer advertisement packet) to the source address of the IP address and MAC address of the received packet (step S42). This packet transfer advertisement may be in any format as long as it uses a packet of IP layer or higher and can be identified as at least a packet transfer advertisement, and is transmitted using the source address of the packet transfer request. As an example of the packet transfer advertisement, an ICPM router advertisement packet may be used.

  When receiving the packet transfer advertisement, the dedicated device 120-i on the real server 12-i sends a packet transfer registration request (registration request packet) to the source address of the IP address and MAC address of the received packet. Transmit (step S43). This registration request needs to use a packet of an IP layer or higher and include information on an expiration date. Here, the registration request (deregistration request to be described later) with an expiration value of 0 is used when the dedicated device 120-i on the real server 12-i explicitly requests to stop packet transfer. And Such a case corresponds to a case where the dedicated device 120-i on the real server 12-i detects a failure on the real server 12-i.

  After receiving the registration request from the dedicated device 120-i on the real server 12-i, the load distribution device 16 determines whether the request data is valid. If the request data is valid, the load balancer 16 newly registers or updates the registration (if already registered) with the registration request source real server 12-i as the load distribution target if the registration is successful. Thereafter, the load distribution device 16 transmits a registration response (registration response packet) indicating the start of packet transfer for load distribution to the IP address and MAC address of the registration request (step S44). This registration response needs to use a packet of the IP layer or higher, and needs to include information indicating registration success or failure. When the dedicated device 120-i on the real server 12-i receives the registration response, the dedicated device 120-i periodically transmits a registration request to the load balancer 16 thereafter.

  FIG. 7 shows an address flow among the packet transfer request packet 71, the packet transfer advertisement packet 72, the registration request packet 73, and the registration response packet 74. The arrows in FIG. 7 indicate that the next packet is generated by copying the address in the previous packet.

  For example, as the destination MAC address of the data link layer header of the packet transfer advertisement packet 72, the transmission source MAC address of the data link layer header of the packet transfer request packet 71 (the MAC address of the real server 12-i) is used. Similarly, the source IP address of the IP header of the packet transfer request packet 71 (IP address for transmitting / receiving communication packets of the real server 12-i) is used as the destination IP address of the IP header of the packet transfer advertisement packet 72. Further, the MAC address and IP address of the load balancer 16 are used as the source MAC address and source IP address of the packet transfer advertisement packet 72.

  The transmission source MAC address (the MAC address of the load balancer 16) of the data link layer header of the packet transfer advertisement packet 72 is used as the destination MAC address of the data link layer header of the registration request packet 73. Similarly, the source IP address of the IP header of the packet transfer advertisement packet 72 (the IP address of the load balancer 16) is used as the destination IP address of the IP header of the registration request packet 73. Further, the MAC address and IP address of the real server 12-i are used as the transmission source MAC address and IP address of the registration request packet 73.

  Further, as the destination MAC address of the data link layer header of the registration response packet 74, the transmission source MAC address (the MAC address of the real server 12-i) of the data link layer header of the registration request packet 73 is used. Similarly, the transmission source IP address of the IP header of the registration request packet 73 (the IP address of the real server 12-i) is used as the destination IP address of the IP header of the registration response packet 74. Further, the MAC address and IP address of the load balancer 16 are used as the source MAC address and source IP address of the registration response packet 74.

  When the load distribution device 16 receives a registration request packet having an expiration date other than 0 from the dedicated device 120-i, the load distribution device 16 additionally registers data in a table of address information including a pair of an IP address and a MAC address. The real server registered in this way is handled as one of servers that can be a load distribution target by the load distribution device 16.

  When the expiration date in the registration request packet is exceeded, the load distribution device 16 deletes the data specified by the registration request packet from the address information table and removes it from the load distribution target.

  Also, when receiving a registration request packet with an expiration value of 0, the load balancer 16 deletes the data specified by the registration request packet from the address information table and removes it from the load distribution target. .

  When the dedicated device 120-i on the real server 12-i receives the registration response packet and confirms that the registration is successful, the dedicated device 120-i starts communication relaying the load distribution device 16. Thereafter, the dedicated device 120-i on the real server 12-i maintains registration by periodically transmitting a registration request to the load balancer 16 at intervals within the registration expiration date.

  In normal communication, an ARP request / response by address is generally used to obtain an IP address and MAC address pair. However, in the present embodiment, the real server 12-i is stopped from transmitting the ARP request / response with the IP address for communication packet transmission / reception. For this reason, the load balancer 16 cannot know the MAC address of the real server 12-i unless it is manually registered from the beginning. Similarly, the real server 12-i cannot know the MAC address of the load balancer 16. However, in the present embodiment, the real server 12-i can inform the load balancer 16 of the MAC address and the IP address without using the ARP request / response by the procedure shown in FIGS. The real server 12-i itself can also acquire the MAC address and IP address of the load balancer 16.

  FIG. 8 is a block diagram showing the configuration of the load balancer 16. The load balancer 16 includes a network IF (network interface) 161, a data link layer processing unit 162, an IP layer processing unit 163, a transport layer processing unit 164, a registration table TBL1, and a session management table TBL2. . The load distribution device 16 also includes a packet transfer advertisement processing unit 165, a registration processing unit 166, a proxy ARP processing unit 167, a packet transfer processing unit 168, and a load distribution processing unit 169.

  The network IF 161 serves as an interface with the network 14 to which the load balancer 16 is connected. The network IF 161 includes an IF input unit 161a and an IF output unit 161b. The data link layer processing unit 162 includes a data link input unit 162a and a data link output unit 162b. The IP layer processing unit 163 includes an IP input unit 163a and an IP output unit 163b.

  Next, the operation of each unit in the load balancer 16 will be described sequentially. The IF input unit 161 a in the network IF 161 sends all communication data (communication packets) input via the network 14 to the data link input unit 162 a in the data link layer processing unit 162. The IF output unit 161 b in the network IF 161 transmits the communication packet output from the data link output unit 162 b in the data link layer processing unit 162 to the network 14.

  Here, the operation of the data link input unit 162a in the load balancer 16 will be described with reference to the flowchart of FIG. 9 and the data format of FIG. First, a communication packet (data link layer packet) input from the IF input unit 161a to the data link input unit 162a includes a packet 101 shown in FIG. 10A and a packet 102 shown in FIG. It is divided roughly into. The packet 101 includes a data link layer header, an IP header, and an IP payload. Data composed of an IP header and an IP payload is called an IP packet. On the other hand, the packet 102 is an ARP packet (ARP request / response packet) including a data link layer header and data of an ARP request / response (ARP request or ARP response). Both the data link layer headers of the packets 101 and 102 include a destination MAC address and a source MAC address.

  When the data link input unit 162a receives the communication packet input by the IF input unit 161a, the data link input unit 162a determines whether the packet (input packet) is the ARP packet 102 having the format shown in FIG. 10B (step S51). . If the input packet is the ARP packet 102, the data link input unit 162a converts the ARP packet 102 from which the data link layer header is removed (ARP request / response) into the ARP packet shown in FIG. 103 is sent to the proxy ARP processing unit 167 (step S52).

  On the other hand, if the input packet is not the ARP packet 102 (step S51), that is, if it is the packet 101 in the format shown in FIG. 10A, the data link input unit 162a indicates that the packet 101 is the packet shown in FIG. It is determined whether the packet is a packet transfer request packet (corresponding to the transfer request packet 71) (step S53). If the packet 101 is a packet transfer request packet, the data link input unit 162a sends the packet 101 as it is to the packet transfer advertisement processing unit 165 as the packet transfer request packet 104 shown in FIG. 10D (step S54). ). The IP payload of the packet transfer request packet 104 includes packet transfer request data.

  If the packet 101 is not a packet transfer request packet (step S53), the data link input unit 162a determines whether the packet 101 is a registration request packet (corresponding to the registration request packet 73 shown in FIG. 7). (Step S55). If the packet 101 is a registration request packet, the data link input unit 162a sends the packet 101 as it is to the registration processing unit 166 as the registration request packet 105 shown in FIG. 10E (step S56). Registration request data including an expiration date (value) is set in the IP payload of the registration request packet 105.

  On the other hand, if the packet 101 is not a registration request packet (step S55), the data link input unit 162a removes the data link layer header from the packet 101 as the IP packet 106 shown in FIG. The packet is sent to the packet transfer processing unit 168 (step S57).

  Next, the operation of the data link output unit 162b in the load balancer 16 will be described with reference to the flowchart of FIG. 11 and the data format of FIG. First, the data link output unit 162b receives the MAC address 111 and the IP packet 112 shown in FIG. 12 from the IP output unit 163b, the packet transfer advertisement processing unit 165, the registration processing unit 166, the proxy ARP processing unit 167, or the packet transfer processing unit 168. Receive. As the MAC address 111, a transmission destination MAC address is used. The data link output unit 162b generates a communication packet 113 shown in FIG. 12 used for communication in the data link layer from the MAC address 111 and the IP packet 112 (step S61). The packet 113 includes a data link layer header and the IP packet 112. The data link layer header includes a destination MAC address and a source MAC address. The data link output unit 162b sends the generated communication packet to the IF output unit 161b (step S62).

  Next, the operation of the packet transfer advertisement processing unit 165 in the load balancer 16 will be described with reference to the flowchart of FIG. 13 and the data format of FIG. The packet transfer advertisement processing unit 165 receives the packet transfer request packet 141 including the data link layer header shown in FIG. 14 from the data link input unit 162a. The packet transfer advertisement processing unit 165 uses the source IP address (IP address of the real server 12-i) of the received packet transfer request packet 141 (corresponding to the packet transfer advertisement packet 72 shown in FIG. 7). The packet transfer advertisement packet 143 shown in FIG. 14 is generated (step S71). The source IP address of the packet transfer request packet 141 is used as the destination IP address of the packet transfer advertisement packet 143, and the IP address of the load balancer 16 is used as the source IP address of the packet transfer advertisement packet 143. . The packet transfer advertisement processing unit 165 transmits the generated packet transfer advertisement packet 143 to the transmission source of the packet transfer request packet 141, so that the packet transfer advertisement packet 143 and the data link layer header of the packet transfer request packet 141 are displayed. The included source MAC address (the MAC address of the real server 12-i) is sent to the data link output unit 162b (step S72).

  Next, the operation at the time of registration request input of the registration processing unit 166 in the load balancer 16 will be described with reference to the flowchart in FIG. 15, the data structure example of the registration table TBL1 in FIG. 16, and the data format in FIG. When the registration request packet 171 shown in FIG. 17 is input from the data link input unit 162a (corresponding to the registration request packet 73 shown in FIG. 7 or the registration request packet 105 shown in FIG. 10), the registration processing unit 166 performs the registration. It is determined whether the registration request indicated by the request packet 171 is valid (step S81). If the registration request is not valid, the registration processing unit 166 determines registration failure and deletes the address information including the pair of the source MAC address and source IP address set in the registration request packet 171 from the registration table TBL1. (Step S82). As an example of the registration request packet 171 whose registration request is not valid, one including an expiration date value exceeding a predetermined upper limit (maximum expiration date) can be cited. If the address information including the MAC address and the IP address that match the transmission source MAC address and the transmission source IP address set in the registration request packet 171 is not registered in the registration table TBL1, nothing is performed in step S82. Not done.

  On the other hand, when the registration request indicated by the registration request packet 171 is valid, the registration processing unit 166 determines whether the value of the expiration date included in the registration request data in the registration request packet 171 is 0 ( Step S83). If the value of the expiration date is 0, the registration processing unit 166 sends the source MAC address (the MAC address of the real server 12-i) and the source IP address (the real server) set in the registration request packet 171. Address information including a pair with the IP address for 12-i communication packet transmission / reception, that is, the IP address for communication packet transmission / reception common to the real servers 12-1 to 12-3 is deleted from the registration table TBL1 (step S82). ). This means that the registration request packet 171 whose expiration date is 0 is used as a packet for requesting registration cancellation (registration cancellation request packet). Therefore, when the real server 12-i has its own failure, the communication data from the client 11 is transmitted by sending this registration cancellation request packet to the load balancer 16 to notify the failure of the real server 12-i. Can be prevented from being transferred to the real server 12-i by the load balancer 16.

  On the other hand, if the value of the expiration date is not 0, the registration processing unit 166 determines registration success, and address information including a pair of the source MAC address and the source IP address set in the registration request packet 171. Are additionally registered in the registration table TBL1 (step S84). This address information includes expiration date data included in the registration request data (IP payload) of the registration request packet 171. In this way, the entry data of the registration table TBL1 includes items of MAC address, IP address, and expiration date (see FIG. 16). The term of validity means a period during which a packet is transferred to a real server that is a target of load distribution by the load balancer 16. Is stopped. If the address information including the MAC address and IP address that match the source MAC address and source IP address set in the registration request packet 171 is already registered in the registration table TBL1, the above steps In S84, processing for changing (updating) the expiration date value of the address information to the expiration date value included in the registration request data in the registration request packet 171 is performed.

  When executing the step S82 or S84, the registration processing unit 166 uses the transmission source IP address (the address of the real server 12-i) of the registration request packet 171 (to the IP packet of the registration response packet 74 shown in FIG. 7). A registration response packet (IP packet) 173 shown in FIG. 17 (corresponding) is generated (step S85). In the IP payload of the registration response packet 173, registration response data including registration result data is set. Here, in the case of registration failure, data indicating that there is a problem with the expiration date is used as registration result data. On the other hand, in the case of successful registration, data indicating successful registration is used as registration result data. Further, in the registration response packet 173 corresponding to the registration request packet 171 whose expiration date is 0, data indicating successful registration cancellation is used as registration result data.

  The source IP address of the registration request packet 171 (the IP address of the real server 12-i) is used as the destination IP address of the registration response packet 173, and the load balancer 16 is used as the source IP address of the registration response packet 173. IP address is used. Since the registration processing unit 166 transmits the generated registration response packet 173 to the transmission source of the registration request packet 171, the registration processing unit 166 includes the registration response packet 173 and the data link layer header of the registration request packet 171 illustrated in FIG. 17. The transmission source MAC address 172, that is, the transmission source MAC address 172 of the registration request packet 171 is sent to the data link output unit 162b (step S86).

  In the example of the registration table TBL1 in FIG. 16, “192.168.10.110” exists in addition to “192.168.10.11” already described as the IP address of the real server. The reason will be described with reference to FIG.

  In the present embodiment, as a real server group (collection of real servers) to be subjected to load balancing by the load balancer 16, in addition to the real server group # 1 including the real servers 12-1 to 12-3 in FIG. As shown in FIG. 18, it is assumed that the real server group # 2 also exists. However, in FIG. 18, the real server 12-3 is omitted for the sake of drawing. The real server group # 2 includes real servers 12-5 and 12-6. The real servers 12-1 and 12-2 and the like belonging to the real server group # 1 each have a common IP address “192.168.10.11” for communication packet transmission / reception. On the other hand, the real servers 12-5 and 12-6, etc., belonging to the real server group # 2 each have a common IP address “192.168.10.110” for transmitting and receiving communication packets.

  In the example of FIG. 18, when a communication packet (communication data) addressed to the IP address “192.168.10.11” is transmitted from the client 11 as indicated by the arrow 181, the load balancer 16 transmits the communication data to the real server group # 1 to any real server belonging to 1. On the other hand, when a communication packet (communication data) addressed to the IP address “192.168.10.110” is transmitted from the client 11 as indicated by the arrow 182, the load balancer 16 transmits the communication data to the real server group. Transfer to any real server belonging to # 2. In this way, for each real server group, a unique IP address common to all real servers belonging to the real server group is set, so that the load balancer 16 treats each real server group as a load distribution target. be able to.

  The registration processing unit 166 periodically monitors the registration table TBL1, and deletes entry data (address information) whose expiration date is 0 from the registration table TBL1. The regular monitoring process of the registration table TBL1 by the registration processing unit 166 will be described with reference to the flowchart of FIG. Here, it is assumed that the second is used as the unit of the expiration date of the entry data registered in the registration table TBL1, and that the table TBL1 is monitored every second.

  The registration processing unit 166 takes out one entry data (address information) from the registration table TBL1 (step S91). The registration processing unit 166 determines whether the expiration date value included in the extracted data is 0 (step S92).

If the value of the expiration date is 0 (0 seconds), the registration processing unit 166 deletes the corresponding data from the registration table TBL1 (step S93). On the other hand, if the value of the expiration date is not 0, the registration processing unit 166 decreases the value of the expiration date included in the corresponding data in the registration table TBL1 by 1 (1 second) (step S94).
The registration processing unit 166 performs the above-described processing for all entry data in the registration table TBL1 (step S95), and ends the processing.

  When the real server 12-i confirms the registration success from the registration response packet returned from the load distribution device 16 in response to the registration request packet, the real server 12-i periodically requests registration at intervals within the registration expiration period as described above. The packet is transmitted to the load balancer 16. As a result, the real server 12-i can prevent the data including the MAC address and IP address of the real server 12-i from being deleted from the registration table TBL1, and maintain the registration of the real server 12-i. it can. If a failure occurs in the real server 12-i and the registration request packet cannot be transmitted periodically, the registration expiration date of the data including the MAC address and IP address of the real server 12-i is set. Since it expires, the registration processing unit 166 of the load balancer 16 deletes the data from the registration table TBL1 (step S93). That is, the load balancer 16 can detect the real server 12-i that cannot regularly transmit a registration request due to a failure. Thereby, it is possible to prevent the communication data from the client 11 from being transferred to the real server 12-i where the failure has occurred.

  Next, the operation of the proxy ARP processing unit 167 in the load balancer 16 will be described with reference to the flowchart of FIG. 20 and the data format of FIG. When proxy ARP processing unit 167 receives an ARP packet (corresponding to ARP packet 103 shown in FIG. 10) from data link input unit 162a, it determines whether the ARP packet is an ARP response packet (step S101). If the packet is an ARP response packet, the proxy ARP processing unit 167 sends the ARP response packet to the IP input unit 163a to be processed as normal TCP / IP communication data (step S102).

  In contrast, if the ARP packet is not an ARP response packet, that is, the ARP request packet 211 shown in FIG. 21, the proxy ARP processing unit 167 sends an ARP request for the IP address of the load balancer 16 to the ARP request packet 211. It is determined whether it is shown (step S103). The determination in step S103 is performed by determining whether the target IP address of the ARP request packet 211 matches the address of the load balancer 16.

  If the target IP address of the ARP request packet 211 matches the address of the load balancer 16, the proxy ARP processing unit 167 sends the ARP request packet 211 as it is to the IP input unit 163a, and performs normal TCP / IP It is processed as communication data (step S102).

  On the other hand, if the target IP address of the ARP request packet 211 does not match the address of the load balancer 16, the proxy ARP processing unit 167 receives the IP address of the real server 12-i (IP address for transmission / reception of communication packets, eg, “ In order to determine whether it is an ARP request for 192.168.10.11 "), the IP address on the registration table TBL1 is checked (step S104). In step S104, the proxy ARP processing unit 167 searches the registration table TBL1 for data including an IP address that matches the target IP address of the ARP request packet 211.

  If there is data including an IP address that matches the target IP address of the ARP request packet 211 (step S105), the proxy ARP processing unit 167 creates an ARP response packet 213 shown in FIG. 21 for the ARP request packet 211 ( Step S106). In the ARP response packet 213, the MAC address of the load balancer 16 is set as the source MAC address, and the IP address determined to match in the registration table TBL1 is set as the source IP address. Further, the source MAC address and the source IP address of the ARP request packet 211 are set in the target MAC address and the target IP address, respectively.

  When the proxy ARP processing unit 167 creates the ARP response packet 213, the proxy ARP processing unit 167 transmits the ARP response packet 213 to the transmission source of the ARP request packet 211. Therefore, the transmission source MAC address 212 of the ARP response packet 213 and the ARP request packet 211 is transmitted. Are sent to the data link output unit 162b (step S107).

  On the other hand, when there is no data including an IP address that matches the target IP address of the ARP request packet 211 (step S105), the proxy ARP processing unit 167 discards the ARP request packet 211 and ends the processing (step S108).

  Next, the operation of the packet transfer processing unit 168 in the load balancer 16 will be described with reference to the flowchart of FIG. 22 and the data format of FIG. When the packet transfer processing unit 168 receives the IP packet 231 shown in FIG. 23A (corresponding to the IP packet 106 in FIG. 10) from the data link input unit 162a, the packet transfer processing unit 168 checks the destination IP address of the packet 231 and loads It is determined whether or not the packet is destined for the distribution device 16 (that is, whether the packet is transferred to the real server) (step S111).

  If the IP packet 231 is addressed to the load balancer 16, the packet transfer processing unit 168 sends the IP packet 231 as it is and processes it as normal TCP / IP communication data (step S112).

  On the other hand, when the IP packet 231 is not destined for the load balancer 16 but is a packet to be transferred to the real server (step S111), the packet transfer processing unit 168 determines the MAC of the real server 12-i at the transfer destination (load distribution destination). In order to obtain the address, the IP packet 231 is sent to the load distribution processing unit 169 as the IP packet 232 shown in FIG. 23B (step S113).

  When the packet transfer processing unit 168 can acquire the transfer destination MAC address as the MAC address 233 shown in FIG. 23 from the load distribution processing unit 169 (step S114), the IP packet 231 is changed to the IP packet 234 shown in FIG. As well as the acquired MAC address 233 and sent to the data link output unit 162b (step S115). On the other hand, when acquisition of the MAC address of the transfer destination fails, the packet transfer processing unit 168 discards the IP packet 231 and ends the process (step S116).

  Thus, in this embodiment, the load balancer 16 can not only relay communication data addressed to the real server 12-i from the client 11 (step S115), but can also perform normal communication with its own address. (Step S112).

  Next, the operation of the load distribution processing unit 169 in the load distribution apparatus 16 will be described with reference to the flowchart in FIG. 24 and the data structure example of the session management table TBL2 in FIG. When the IP packet 232 in FIG. 23B is sent from the packet transfer processing unit 168, the load distribution processing unit 169 determines whether the destination IP address (including address information) of the IP packet 232 exists on the registration table TBL1. Is checked to determine whether the IP packet 232 is a load distribution target packet (step S121).

  If the destination address of the IP packet 232 does not exist on the registration table TBL1, the packet transfer processing unit 168 returns an error to the packet transfer processing unit 168 to prevent the IP packet 232 from being transferred to the real server. Is finished (step S122).

  On the other hand, when the destination address of the IP packet 232 exists on the registration table TBL1 (step S121), the load distribution processing unit 169 acquires the MAC address of the real server 12-i that is the transfer destination of the IP packet 232. The session management table TBL2 is checked (step S123).

  The session management table TBL2 is prepared for session management. As shown in FIG. 25, entry data (a set of entries) in the session management table TBL2 is prepared for each IP address for communication packet transmission / reception of a real server (real server group), and includes a client address, a real server MAC address, and It shall have an expiration value.

  In the case of connection-type communication, session management means that communication data needs to be transferred to the same server until the session expires, and therefore management is performed with an expiration date for retaining the session. If no packet is transmitted from the client during the expiration date, the load distribution processing unit 169 determines that the session has expired, and deletes the corresponding entry data from the session management table TBL2. Even when the IP packet 232 sent from the packet transfer processing unit 168 is a packet that explicitly stops (disconnects) a session (connection), such as a TCP FIN packet, the load distribution processing unit 169 disconnects the session. The corresponding entry data is deleted from the session management table TBL2.

  In step S123, the load distribution processing unit 169 transmits the source of the IP packet 232 from the set of entries corresponding to the destination address of the IP packet 232 sent from the packet transfer processing unit 168 in the session management table TBL2. The data (address information) of the entry whose IP address matches the client IP address is searched.

  If there is data (address information) corresponding to the entry in the session management table TBL2 (step S123), the load distribution processing unit 169 notifies the packet transfer processing unit 168 of the MAC address of the transfer destination. The MAC address of the real server 12-i paired with the transmission source IP address of the IP packet 232 is acquired from the data (step S124). Next, the load distribution processing unit 169 determines whether the IP packet 232 is a TCP FIN packet (step S125).

  If the IP packet 232 is a FIN packet, the load distribution processing unit 169 deletes the data of the corresponding entry from the session management table TBL2 (step S126). On the other hand, if the IP packet 232 is not a FIN packet, the load distribution processing unit 169 sets the value of the expiration date included in the data of the corresponding entry of the session management table TBL2 as an initial value (step S127). The initial value is not necessarily a fixed value, and may be a parameter that can be changed by the load balancer 16. For example, the configuration may be such that the administrator of the load balancer 16 manually sets the initial value according to the environment. The initial value may be used when registering a session management table, which will be described later.

  On the other hand, when there is no entry data corresponding to the session management table TBL2 (step S123), the load distribution processing unit 169 uses the destination IP address (eg, “192.168.”) Of the IP packet 232 on the registration table TBL1 (see FIG. 16). The entry data relating to the real server 12-i to which the IP packet 232 is to be transferred is selected (determined) from the entry data including the IP address that matches 10.11 ″) (step S128). Various methods for determining which real server is the optimal transfer destination (load distribution destination) are not directly related to the present invention, but are conventionally known. For example, a method of selecting the server with the smallest number of sessions with clients is known. When this method is applied, an optimal real server can be determined as a transfer destination by calculating the number of data in the registration table TBL1 for each MAC address of the real server.

  When the load distribution processing unit 169 selects (determines) the transfer destination real server 12-i, the load distribution processing unit 169 obtains the MAC address of the real server 12-i from the data of the entry in the registration table TBL1 including the IP address of the real server 12-i. Obtain (step S129). Then, the load distribution processing unit 169 adds entry data including the MAC address of the real server 12-i, the transmission source IP address (client IP address) of the IP packet 232, and the expiration date holding the session to the session management table TBL2. Register (step S130). As a result, a session between the transmission source of the IP packet 232 and the real server 12-i is started. Here, the expiration date registered in the session management table TBL2 is a parameter that can be changed by the load balancer 16, and the administrator of the load balancer 16 is set manually according to the environment. The expiration value may be the same as the initial value set in step S127.

  After step S126, S127, or S130, the load distribution processing unit 169 sends the MAC address to the packet transfer processing unit 168 and ends the processing (step S131). Here, the MAC address sent from the load distribution processing unit 169 to the packet forwarding processing unit 168 is the same as that in the case where the source IP address of the IP packet 232 exists in the session management table TBL2 (in the case of YES in step S123). It is the MAC address acquired from the session management table TBL2. On the other hand, when the source IP address of the IP packet 232 does not exist in the session management table TBL2 (in the case of NO in step S123), the MAC address sent from the load distribution processing unit 169 to the packet transfer processing unit 168 is This is the MAC address of the real server 12-i determined as the transfer destination from the registration table TBL1.

  As described above, in the present embodiment, by using the session management table TBL2 in the load balancer 16, layer 4 session management becomes possible. In particular, in the present embodiment, since the entry data registered in the session management table TBL2 is managed for each real server group (collection of real servers), the load balancer 16 applies load balancing and layer 4 to a plurality of real server groups. Session management becomes possible.

  The load distribution processing unit 169 periodically monitors the session management table TBL2, and deletes entry data whose expiration date is 0 from the session management table TBL2. The periodic monitoring process of the session management table TBL2 by the load distribution processing unit 169 will be described with reference to the flowchart of FIG. Here, it is assumed that seconds are used as a unit of the expiration date of entry data registered in the session management table TBL2, and monitoring of the table TBL2 is executed every second.

  The load distribution processing unit 169 takes out one entry data (address information) from the session management table TBL2 (step S141). The load distribution processing unit 169 determines whether the value of the expiration date included in the extracted data is 0 (step S142).

If the value of the expiration date is 0 (0 seconds), the load distribution processing unit 169 deletes the corresponding data from the session management table TBL2 (step S143). On the other hand, when the value of the expiration date is not 0, the load distribution processing unit 169 decreases the value of the expiration date included in the corresponding data in the session management table TBL2 by 1 (1 second) (step S144).
The load distribution processing unit 169 performs the above-described processing for all entry data in the session management table TBL2 (step S145), and ends the processing.

  Now, the IP input unit 163a and IP output unit 163b in the IP layer processing unit 163, and the transport layer processing unit 164 which is a processing unit of the higher protocol layer, convert the input data as normal TCP / IP communication data. To process. Thereby, normal communication using the IP address of the load balancer 16 becomes possible.

  FIG. 27 is a block diagram showing the configuration of the real server 12-i. The real server 12-i includes a network IF (network interface) 121, a data link layer processing unit 122, an IP layer processing unit 123, and a transport layer processing unit 124. The real server 12-i includes a dedicated device 120-i and a registration table TBL3 accessed by the dedicated device 120-i. The dedicated device 120-i exists between the data link layer processing unit 122 and the IP layer processing unit 123 of the real server 12-i. The dedicated device 120-i in the present embodiment is realized by the real server 12-i (CPU) reading and executing dedicated software for controlling communication on the real server 12-i. . As a result, the real server 12-i itself does not have to be a dedicated device. Due to the presence of the dedicated device 120-i, a path between the data link layer processing unit 122 and the IP layer processing unit 123 of the conventional real server, that is, a path between the data link input unit 122a and the IP input unit 123a, There is no path between the IP output unit 123b and the data link output unit 122b.

  The network IF 121 serves as an interface with the network 14 to which the real server 12-i is connected. The network IF 121 includes an IF input unit 121a and an IF output unit 121b. The data link layer processing unit 122 includes a data link input unit 122a and a data link output unit 122b. The IP layer processing unit 123 includes an IP input unit 123a and an IP output unit 123b.

  The dedicated device 120-i corresponds to the data link layer processing unit 125 corresponding to the data link layer processing unit 122 (original data link layer processing unit 122) and the IP layer processing unit 123 (original IP layer processing unit 123). And an IP layer processing unit 126. The data link layer processing unit 125 includes a data link input unit 125a and a data link output unit 125b. The IP layer processing unit 126 includes an IP input unit 126a, an IP output unit 126b, a registration processing unit 126c, and an ARP processing unit 126d.

  Next, the operation centering on the dedicated device 120-i of the real server 12-i will be described. The dedicated device 120-i receives a communication packet (a data link layer packet including a data link layer header) from the original data link layer processing unit 122 on the real server 12-i, and then inside the dedicated device 120-i. Data processing is performed, and an IP packet is sent to the original IP layer processing unit 123 of the real server 12-i. Also, the dedicated device 120-i receives the IP packet or the ARP request packet from the original IP layer processing unit 123 of the real server 12-i, performs data processing inside the dedicated device 120-i, and performs the real server 12-i. The data link layer packet is sent to the original data link layer processing unit 122 of -i.

Next, the operation of each unit in the dedicated device 120-i will be described sequentially.
First, the operation of the data link input unit 125a in the dedicated device 120-i will be described with reference to the flowchart of FIG. 28, the data format of FIG. 29, and the data structure example of the registration table TBL3 of FIG.

  The data link input unit 125a receives a communication packet (data link layer packet) from the original data link layer processing unit 122 (the data link input unit 122a) of the real server 12-i. Communication packets (data link layer packets) input to the data link input unit 125a are roughly classified into a packet 291 shown in FIG. 29A and a packet 292 shown in FIG. The packet 291 includes a data link layer header, an IP header, and an IP payload. Data composed of an IP header and an IP payload is called an IP packet. On the other hand, the packet 292 is an ARP packet (ARP request / response packet) including a data link layer header and data of an ARP request / response (ARP request or ARP response). The data link layer headers of the packets 291 and 292 both include a destination MAC address and a source MAC address.

  When the data link input unit 125a receives the communication packet (input packet) input by the data link input unit 122a, the data link input unit 125a determines whether the packet is the ARP packet 292 having the format shown in FIG. 29B (step S151). ). If the input packet is the ARP packet 292, the data link input unit 125a converts the ARP packet 292 from which the data link layer header is removed (ARP request / response) into the ARP packet shown in FIG. It is sent to the ARP processor 126d as 293 (step S152).

  On the other hand, if the input packet is not the ARP packet 292 (step S151), that is, if the packet 291 has the format shown in FIG. 29A, the data link input unit 125a indicates that the packet 291 (the packet shown in FIG. It is determined whether it is a packet transfer advertisement packet (corresponding to the transfer advertisement packet 72) (step S153). If the packet 291 is a packet transfer advertisement packet, the data link input unit 125a sends the packet 291 as it is to the registration processing unit 126c as the packet transfer advertisement packet 294 shown in FIG. 29D (step S154). The IP payload of the packet transfer advertisement packet 294 includes packet transfer advertisement data.

  On the other hand, if the packet 291 is not a packet transfer advertisement packet (step S153), the data link input unit 125a determines whether the packet 291 is a registration response packet (step S155). If the packet 291 is a registration response packet, the data link input unit 125a sends the packet 291 as it is to the registration processing unit 126c as a registration response packet 295 shown in FIG. 29 (e) (step S154).

  On the other hand, if the packet 291 is not a registration response packet (step S155), the data link input unit 125a checks the data on the registration table TBL3, and the source MAC address in the packet 291 exists on the registration table TBL3. It is determined whether to do (step S156). The entry data of the registration table TBL3 includes items of an IP address, a MAC address, and an expiration date as shown in FIG. The registration table TBL3 is used to indicate whether registration to the load balancer 16 has been successful. If the registration is successful, entry data including an IP address, a MAC address, and an expiration date is set in the registration table TBL3.

  If the transmission source MAC address in the packet 291 exists on the registration table TBL3, the data link input unit 125a extracts a portion excluding the data link layer header from the packet 291, that is, the IP packet, and FIG. The IP packet 296 shown in (f) is sent to the IP input unit 123a (step S157). In contrast, when the source MAC address in the packet 291 does not exist on the registration table TBL3 (step S156), the data link input unit 125a discards the packet 291 (step S158).

  Next, the operation of the data link output unit 125b in the dedicated device 120-i will be described with reference to the flowchart of FIG. 31 and the data format of FIG. The data link output unit 125b receives the destination MAC address and the IP packet from the IP output unit 126b, the registration processing unit 126c or the ARP processing unit 126d, and receives the original data link layer processing unit 122 (the data link output unit 122b of the original data link layer 122b). ) To send the MAC address and the IP packet (step S161). Here, the destination MAC address 321 and the IP packet 322 shown in FIG. 32A are sent from the IP output unit 126b and the registration processing unit 126c to the data link output unit 125b. In this case, the data link output unit 125b sends the destination MAC address 321 and the IP packet 322 to the data link layer processing unit 122 as the destination MAC address 325 and the IP packet 326 shown in FIG. 32C, respectively. . On the other hand, the destination MAC address 323 and the ARP packet 324 shown in FIG. 32B are sent from the ARP processing unit 126d to the data link output unit 125b. In this case, the data link output unit 125b sends the destination MAC address 323 and the ARP packet 324 to the data link layer processing unit 122 as the destination MAC address 327 and the ARP packet 328 shown in FIG. .

Next, the operation of the registration processing unit 126c in the dedicated device 120-i will be described. The registration processing unit 126c mainly performs the following first to third processes.
(1) First, the registration processing unit 126c starts registration of the real server 12-i to the load balancer 16, so that the packet is generated when the dedicated device 120-i is activated and the administrator of the real server 12-i operates. A transfer request packet is generated and transmitted to the data link output unit 125b (first process).

  (2) In addition, the registration processing unit 126c receives data from the data link input unit 125a. When the data is a packet transfer advertisement, the registration processing unit 126c generates a registration request packet and transmits it to the data link output unit 125b. When the registration processing unit 126c receives a registration response (registration response packet) to the registration request packet, the registration processing unit 126c registers entry data in the registration table TBL3 (second processing).

  (3) Further, the registration processing unit 126c periodically monitors the registration table TBL3, and transmits a registration request packet when the expiration date is less than or equal to a certain value (but greater than 0), and the expiration date becomes 0. If this happens, the corresponding data is deleted from the registration table TBL3 (third process).

  Next, details of the first processing by the registration processing unit 126c will be described with reference to the flowchart of FIG. 33 and the data format of FIG. The registration processing unit 126c generates a packet transfer request packet 342 shown in FIG. 34 in order to start registration of the real server 12-i to the load balancer 16 when the dedicated device 120-i is activated (step S171). The IP header of the packet transfer request packet 342 includes a broadcast or multicast destination IP address and a source IP address. As this source IP address, the IP address for communication packet transmission / reception of the real server 12-i where the dedicated device 120-i is placed is used. The registration processing unit 126c sends the generated packet transfer request packet 342 and the broadcast MAC address 341 to the data link output unit 125b (step S172). This process is executed not only when the dedicated device 120-i described above is started, but also by performing a special operation when the administrator of the real server 12-i determines that registration to the load balancer 16 is necessary. Is done.

  Next, details of the second processing by the registration processing unit 126c will be described with reference to the flowchart of FIG. 35 and the data formats of FIGS. This process is executed when the registration processing unit 126c receives a communication packet from the data link input unit 125a.

  Upon receiving the communication packet from the data link input unit 125a, the registration processing unit 126c determines whether the packet is the packet transfer advertisement packet 361 shown in FIG. 36 (corresponding to the transfer advertisement packet 294 in FIG. 29D). (Step S181). If the received packet is a packet transfer advertisement packet 361, the registration processing unit 126c uses the transmission source IP address of the packet transfer advertisement packet 361 (the IP address of the load balancer 16) as the destination IP address. Is generated (step S182). The registration request packet 363 includes a value for the expiration date of registration for packet transfer. It is also possible to adopt a configuration in which the administrator of the real server 12-i can determine the value of the registration expiration date and set it in the dedicated device 120-i.

  When the registration processing unit 126c generates the registration request packet 363, the transmission source MAC address (MAC address of the load balancer 16) 362 of the received packet (packet transfer advertisement packet 361) and the registration request packet 363 are converted into a data link output unit. 125b (step S183).

  On the other hand, when the received packet is other than the packet transfer advertisement packet, the registration processing unit 126c determines whether the received packet is the registration response packet 371 shown in FIG. 37 (corresponding to the registration response packet 295 in FIG. 29E). (Step S184). If the received packet is other than the registration response packet 371, the registration processing unit 126c discards the received packet and ends the process (step S185).

  On the other hand, when the received packet is the registration response packet 371, the registration processing unit 126c determines whether the registration is successful from the registration result included in the registration response data of the registration response packet 371 (step S186). If the registration is successful, the registration processing unit 126c determines the source MAC address (the MAC address of the load balancer 16), the source IP address (the IP address of the load balancer 16), and the expiration date of the registration response packet 371. The included entry data is additionally registered in the registration table TBL3 (step S187). Here, the value set in the packet 363 when the registration request packet 363 is transmitted in step S183 is used as the expiration date. If the registration cancellation is successful, the registration processing unit 126c deletes the entry data including the transmission source MAC address and the transmission source IP address of the registration response packet 371 from the registration table TBL3 in step S187.

  On the other hand, in the case of registration failure (step S186), if the cause of the registration failure is the expiration date, that is, the registration result included in the registration response data of the registration response packet 371 indicates that there is a problem with the expiration date. If so (step S188), the registration processing unit 126c generates a new registration request packet 373 shown in FIG. 37 in which the expiration date is set shorter than the previously transmitted registration request packet (step S189). Here, in order to shorten the validity period, a process of subtracting a certain value every time may be performed, or a process of subtracting a certain percentage of the value of the validity period transmitted last time may be performed.

  When the registration processing unit 126c generates a new registration request packet 373 (step S189), the transmission source MAC address (MAC address of the load balancer 16) 372 of the received packet (registration response packet 371), the registration request packet 373, Is sent to the data link output unit 125b (step S190). If the registration failure is for a reason other than the expiration date (step S188), the registration processing unit 126c discards the received packet and ends the process (step S185).

  Next, details of the third processing by the registration processing unit 126c will be described with reference to the flowchart in FIG. 38 and a diagram showing the relationship between the data in the registration table TBL3 in FIG. 39 and the output data from the registration processing unit 126c. To do. Here, it is assumed that seconds are used as a unit of the expiration date of entry data registered in the registration table TBL3, and monitoring of the table TBL3 is executed every second.

  The registration processing unit 126c extracts one entry data (address information) from the registration table TBL3 (step S191). The registration processing unit 126c determines whether the expiration date value included in the extracted data is 0 (step S192).

  If the value of the expiration date is 0 (0 seconds), the registration processing unit 126c deletes the corresponding data from the registration table TBL3 (step S193). On the other hand, if the value of the expiration date is not 0, the registration processing unit 166 determines whether the value of the expiration date is a certain threshold value, for example, 10 (10 seconds) or less (step S194).

  If the value of the expiration date is greater than 0 but less than or equal to 10, the registration processing unit 126c creates a new entry in order to prevent the entry data from being deleted in the near future expiration date. A registration request packet is generated (step S195). Thereby, if the value of the expiration date is 9, as in the example of the registration table TBL3 in FIG. 39, the registration request packet 392 is generated. As the destination IP address of the registration request packet 392, the IP address of the load balancer 16 included in the data of the corresponding entry in the registration table TBL3 is used. Note that the threshold of the expiration date, which is a condition for transmitting a new registration request packet, is not limited to 10 seconds. For example, this threshold value may be ½ of the initial value of the expiration date.

  The registration processing unit 126c sends the MAC address 391 of the load balancer 16 and the generated registration request packet 392 included in the data of the corresponding entry in the registration table TBL3 to the data link output unit 125b (step S196). . When the registration request packet 392 is received by the load balancer 16, the value of the expiration date set in the data of the corresponding entry in the registration table TBL1 is changed to the value set in the registration request packet 392. Can be updated.

  When executing the above step S196, the registration processing unit 126c decreases the value of the expiration date included in the corresponding data in the registration table TBL3 by 1 (1 second) (step S197). On the other hand, when the value of the expiration date is larger than 10 (step S194), the registration processing unit 126c skips steps S195 and S196 and executes step S197.

  Next, the operation of the ARP processing unit 126d in the dedicated device 120-i will be described with reference to the flowchart of FIG. 40 and the data format of FIGS. 41 and 42. An ARP packet (ARP request packet or ARP response packet) is sent from the IP output unit 126b or the data link input unit 125a to the ARP processing unit 126d. When receiving the ARP packet, the ARP processing unit 126d determines whether the ARP packet is the ARP request packet 411 shown in FIG. 41 or the ARP response packet 421 shown in FIG. 42 (step S201).

  When the received ARP packet is the ARP request packet 411, the MAC address and IP address of the transmission source of the ARP request packet 411 are the MAC address and IP address of the real server 12-i (IP address “192.168 for communication packet transmission / reception). 10.11 ") is determined (step S202).

  If the MAC address and the IP address match, the received ARP packet is the ARP request packet 411 sent from the IP output unit 126b, so the ARP processing unit 126d sends the source IP of the ARP request packet 411. The ARP request packet 411 is converted into the ARP request packet 413 shown in FIG. 41 by rewriting the address from the IP address “192.168.10.11” for communication packet transmission / reception to the IP address “192.168.10.12” for ARP transmission (step S204). ). The ARP processing unit 126d sends the ARP request packet 413 with the rewritten IP address and the MAC address 412 to the data link output unit 125b (step S204). Since the MAC address 412 is an ARP request, a broadcast address is used.

  On the other hand, the MAC address of the source of the received ARP request packet 411 does not match the MAC address of the real server 12-i, or the IP address of the source of the received ARP request packet 411 is the IP address of the real server 12-i. If it does not match (step S202), the ARP processing unit 126d discards the ARP request packet 411 and ends the processing (step S205).

  On the other hand, when the received ARP packet is the ARP response packet 421 (step S201), the target MAC address and the target IP address in the ARP response packet 421 are the MAC address of the real server 12-i and the IP address for ARP transmission, respectively. It is determined whether or not it matches “192.168.10.12” (step S206). If the MAC address and the IP address match, the received ARP packet is the ARP response packet 421 sent from the data link input unit 125a, so the ARP processing unit 126d has the target IP of the ARP response packet 421. The ARP response packet 421 is converted into the ARP response packet 422 shown in FIG. 42 by rewriting the address from the IP address “192.168.10.12” for ARP transmission to the IP address “192.168.10.11” for communication packet transmission / reception (step S207). ). The ARP processing unit 126d sends the ARP response packet 422 whose IP address has been rewritten to the IP input unit 126a (step S208).

  On the other hand, the target MAC address in the received ARP response packet 421 does not match the MAC address of the real server 12-i, or the target IP address in the received ARP response packet 421 is for ARP transmission of the real server 12-i. If the IP address does not match (step S206), the ARP processing unit 126d discards the ARP response packet 421 and ends the process (step S209).

  Next, the operation of the IP input unit 126a in the dedicated device 120-i will be described with reference to the flowchart of FIG. 43 and the data format of FIG. The IP input unit 126a receives the IP packet 441 shown in FIG. 44A or the ARP shown in FIG. 44B from the IP input unit 126a or the ARP processing unit 126d, respectively (corresponding to the ARP response packet 422 in FIG. 42). A response packet 442 is sent.

  When the IP input unit 126a receives the IP packet 441 or the ARP response packet 442 sent from the IP input unit 126a or the ARP processing unit 126d, the IP packet 441 or the ARP response packet 442 is shown in FIG. 44 (c), respectively. The IP packet 443 or the ARP response packet 444 shown in FIG. 44 (d) is sent to the original IP layer processing unit 123 (its IP input unit 123a) on the real server 12-i, and the processing is ended (step S211).

  Next, the operation of the IP output unit 126b in the dedicated device 120-i will be described with reference to the flowchart of FIG. 45 and the data format of FIG. The IP output unit 126b receives the IP packet 462 and the destination MAC address 461 shown in FIG. 46A from the original IP layer processing unit 123 (its IP output unit 123b) on the real server 12-i, or FIG. The ARP request packet 464 and the destination MAC address 462 shown in 46 (b) are sent.

  When receiving the communication packet sent from the IP layer processing unit 123, the IP output unit 126b determines whether the received packet is an ARP packet (ARP request packet) (step S221).

  If the received packet is the ARP packet (ARP request packet) 464 shown in FIG. 46 (b), the IP output unit 126b converts the ARP packet (ARP request packet) 464 into the ARP packet (ARP) shown in FIG. 46 (c). Request packet) 465 is sent to the ARP processing unit 126d and the processing is terminated (step S222).

  On the other hand, if the received packet is not an ARP packet, that is, the IP packet 462 shown in FIG. 46A, the IP output unit 126b receives the MAC address 461 and the IP packet 462 received from the IP layer processing unit 123. Then, the MAC address 466 and the IP packet 467 shown in FIG. 46D are sent to the data link output unit 125b, respectively, and the process is terminated (step S223).

  Note that the present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage. Further, various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the embodiment. For example, some components may be deleted from all the components shown in the embodiment.

The figure for demonstrating the basic composition and operation | movement principle of the load distribution system which concern on one Embodiment of this invention. In the system of FIG. 1, a method of transmitting a communication packet from the client 11 to the real server 12-i via the load balancer 16, and a real server 12-i (= 12−) without relaying the load balancer 16 The figure for demonstrating the method to transmit a communication packet to the client 11 from 1). The figure which shows the example by which the data of the ARP table 110 produced by the proxy ARP with the MAC address of the load distribution apparatus 16 are rewritten to the MAC address of the real server 12-i. The figure which shows the example in which the data of the ARP table 110 produced with the MAC address of the load distribution apparatus 16 by proxy ARP are not rewritten by the MAC address of real server 12-i. 2 is a sequence chart showing the operation of the system of FIG. 1 in an organized manner. 7 is a sequence chart for explaining a method of automatically creating a table that holds address information including a pair of an IP address and a MAC address of a real server on the load balancer 16. The figure which shows the flow of the address between the packet transfer request packet 71, the packet transfer advertisement packet 72, the registration request packet 73, and the registration response packet 74. FIG. 3 is a block diagram showing a configuration of a load distribution device 16. 7 is a flowchart for explaining the operation of a data link input unit 162a in the load balancer 16. The figure which shows the format of the data input into the data link input part 162a, and the data output from the said data link input part 162a. 7 is a flowchart for explaining the operation of a data link output unit 162b in the load balancer 16. The figure which shows the format of the data input to the data link output part 162b, and the data output from the said data link output part 162b. 6 is a flowchart for explaining the operation of a packet transfer advertisement processing unit 165 in the load balancer 16. The figure which shows the format of the data input into the packet transfer advertisement process part 165, and the data output from the said packet transfer advertisement process part 165. 7 is a flowchart for explaining an operation when a registration request is input by a registration processing unit 166 in the load distribution apparatus 16. The figure which shows the data structure example of registration table TBL1. The figure which shows the format of the data input into the registration process part 166, and the data output from the said registration process part 166. The figure for demonstrating the relationship between the destination IP address of communication data, and the operation | movement of the load distribution apparatus 16, when two sets of real servers used as the object of load distribution by the load distribution apparatus 16 exist. The flowchart for demonstrating the regular monitoring process of registration table TBL1 by the registration process part 166. FIG. 7 is a flowchart for explaining the operation of a proxy ARP processing unit 167 in the load balancer 16. The figure which shows the format of the data input into the proxy ARP processing part 167, and the data output from the said proxy ARP processing part 167. 7 is a flowchart for explaining the operation of a packet transfer processing unit 168 in the load balancer 16. The figure which shows the format of the data input into the packet transfer process part 168, and the data output from the said packet transfer process part 168. 9 is a flowchart for explaining the operation of a load distribution processing unit 169 in the load distribution device 16. The figure which shows the example of a data structure of session management table TBL2. The flowchart for demonstrating the regular monitoring process of session management table TBL2 by the load distribution process part 169. FIG. The block diagram which shows the structure of real server 12-i. The flowchart for demonstrating operation | movement of the data link input part 125a in exclusive apparatus 120-i. The figure which shows the format of the data input into the data link input part 125a, and the data output from the said data link input part 125a. The figure which shows the data structure example of registration table TBL3. The flowchart for demonstrating operation | movement of the data link output part 125b in dedicated apparatus 120-i. The figure which shows the format of the data input to the data link output part 125b, and the data output from the said data link output part 125b. The flowchart for demonstrating the 1st process by the registration process part 126c. The figure which shows the format of the data input into the registration process part 126c, and the data output from the said registration process part 126c. The flowchart for demonstrating the 2nd process by the registration process part 126c. The figure which shows the format of the input-output data at the time of packet transfer advertisement reception by the registration process part 126c. The figure which shows the format of the input-output data at the time of the registration response reception by the registration process part 126c. The flowchart for demonstrating the 3rd process by the registration process part 126c. The figure which shows the relationship between the data of registration table TBL3, and the output data from the registration process part 126c. The flowchart for demonstrating operation | movement of the ARP process part 126d in exclusive apparatus 120-i. The figure which shows the relationship between the said ARP request packet and the data output from the said ARP processing part 126d when the data input into the ARP processing part 126d is an ARP request packet. The figure which shows the relationship between the said ARP response packet and the data output from the said ARP processing part 126d when the data input into the ARP processing part 126d is an ARP response packet. The flowchart for demonstrating operation | movement of the IP input part 126a in dedicated apparatus 120-i. The figure which shows the format of the data input into the IP input part 126a, and the data output from the said IP input part 126a. The flowchart for demonstrating operation | movement of the IP output part 126b in dedicated apparatus 120-i. The figure which shows the format of the data input from the IP output part 126b, and the data output from the said IP output part 126b.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 11 ... Client, 12-1 to 12-3, 12-5, 12-6, 12-i ... Real server, 13, 14 ... Network, 16 ... Load balancer, 121, 161 ... Network IF, 122, 125, 162 ... Data link layer processing unit, 122a ... IP input unit, 122b ... Data link output unit, 123, 126, 163 ... IP layer processing unit, 123a, 126a, 163a ... IP input unit, 123b ... IP output unit, 124, 164: Transport layer processing unit, 125a: Data link input unit (reception unit, first reception unit), 125b ... Data link output unit (transmission unit, second transmission unit), 126b ... IP output unit (second 126c, 166 ... registration processing unit, 126d ... ARP processing unit, 162a ... data link input unit (receiving unit), 162b ... data link output unit (Transmission means, first transmission means), 163b ... IP output section, 165 ... packet transfer advertisement processing section, 167 ... proxy ARP processing section, 168 ... packet transfer processing section, 169 ... load distribution processing section, TBL1, TBL3 ... Registration table, TBL2 ... session management table.

Claims (19)

A plurality of real servers that provide services to a plurality of clients, the plurality of real servers having a first IP address common to the plurality of real servers;
A load balancer that allocates service requests from each of the plurality of clients to the plurality of real servers, the network addresses of the plurality of real servers being in the same segment,
The load balancer is:
Receiving means for receiving communication data, the receiving means for receiving, on behalf of, communication data addressed to a real server having the first IP address from the client as a destination IP address;
First transmission means for transmitting communication data;
Load distribution processing means for selecting a real server to which communication data received on behalf of the receiving means is to be transferred from the plurality of real servers;
Transfer processing means for causing the first transmission means to transfer the communication data received on behalf of the reception means to the physical address of the real server selected by the load distribution processing means,
Each of the plurality of real servers is
Address resolution protocol processing means for performing address resolution for acquiring the physical address of the client with a second IP address for address resolution protocol request transmission different from the first IP address;
A second transmission unit configured to transmit communication data having the first IP address as a transmission source IP address with respect to the physical address determined by the address resolution by the address resolution protocol processing unit; Distributed system. The load balancer further includes a proxy address resolution protocol processing unit that returns a proxy address resolution protocol response including a physical address of the load balancer in response to an address resolution protocol request for the first IP address from the client. ,
The receiving unit of the load balancer receives communication data from the client to the physical address of the load balancer returned to the client by the proxy address resolution protocol response from the client using the first IP address. The load distribution system according to claim 1, wherein the communication data is received.   2. The load distribution system according to claim 1, wherein the address resolution protocol processing means of the real server does not respond to an address resolution protocol request for the first IP address from the client. The load balancer further includes a load balancer side registration table that stores entry data including physical addresses of the plurality of real servers to which service requests are allocated and the first IP address,
The load distribution processing means of the load distribution apparatus extracts entry data including an IP address that matches the destination IP address of the communication data received by the reception means from the load distribution apparatus side registration table, and extracts the data 2. The load distribution system according to claim 1, wherein a physical address of a real server to which the communication data is to be transferred is selected from physical addresses included in the entry data. The receiving means of the load balancer also receives communication data having the IP address of the load balancer as a destination IP address;
The transfer processing means of the load balancer, when communication data is received by the receiving means, means for determining whether the destination IP address of the communication data matches the IP address of the load balancer itself, and the load Means for passing the communication data to the Internet protocol layer and higher protocol layers if the IP address of the distribution device itself matches, and the load distribution processing if the communication data does not match the IP address of the load distribution device itself Means for selecting a transfer destination physical address by the load distribution processing means, and when the physical address of a real server to which the communication data is to be transferred cannot be selected by the load distribution processing means, The load balancing apparatus according to claim 4, further comprising a discarding unit. The load balancer includes an IP address of a transmission source of communication data addressed to a real server having the first IP address as a destination IP address, a physical address of a real server of a transfer destination of the communication data, and expiration date data. A session management table in which entry data including
When the communication data addressed to the real server is transferred from the transfer processing unit of the load distribution device, the load distribution processing unit of the load distribution device receives entry data including a transmission source IP address of the communication data. The means for determining whether or not the session management table exists, and entry data including the source IP address of the communication data do not exist in the session management table, the source IP address of the communication data and a predetermined expiration date If the entry data including the communication data transmission source IP address exists in the session management table, the session is held if the entry data including the entry data is additionally registered in the session management table. Expiration date included in the entry data as being Means for returning the value to the value of the predetermined expiration date, and means for deleting the corresponding entry data on the session management table when the communication data is data indicating session termination. The load distribution system according to claim 5.   The load distribution processing means of the load balancer periodically monitors the session management table, and reduces the value of the validity period of the entry data registered in the session management table each time, 7. The load distribution system according to claim 6, further comprising means for deleting the expired data from the session management table. Aside from the set of a plurality of real servers having the first IP address, at least one set of a plurality of real servers having a common first IP address different from the first IP address is provided. ,
The entry data of the session management table is associated with the first IP address unique to the set for each set of the real servers,
When the communication data addressed to the real server is delivered from the transfer processing unit of the load distribution device, the load distribution processing unit of the load distribution device is configured to distribute the load distribution based on a destination IP address of the communication data. The load distribution system according to claim 6, wherein a set of entry data in the session management table to be referred to for determination by the determination unit of the processing unit is specified. Each of the plurality of real servers is
A server side registration table for storing entry data including a physical address of the load balancer;
Data link layer processing means for performing data link layer processing in TCP / IP communication;
IP layer processing means for processing the IP layer in the TCP / IP communication;
First receiving means for receiving communication data to be sent from the data link layer processing means to the IP layer processing means instead of the IP layer processing means, and when the received communication data is an IP packet, the server side First receiving means for sending only a packet having a physical address registered in a registration table as a transmission source address to the IP layer processing means;
A second receiving means for receiving communication data to be sent from the IP layer processing means to the data link layer processing means instead of the data link layer processing means, the second receiving means including the second sending means; A second receiving means for sending the IP packet as it is to the data link layer processing means when the data is an IP packet;
The address resolution protocol processing means of the real server is an address resolution protocol response packet in which the communication data received by the first receiving means includes a target IP address and a target physical address, and the target IP address is the first address. And a means for converting the target IP address into the first IP address when the target physical address is a physical address of the real server, and the target IP address is the first IP address. Means for sending the address resolution protocol response packet converted into the IP layer processing means, and the target IP address is not the second IP address or the target physical address is not the physical address of the real server , The address Means for discarding a resolution protocol response packet; and communication data received by the second reception means is an address resolution protocol request packet including a target IP address and a target physical address, and the target IP address is the first IP address. Means for converting a source IP address into the second IP address when the target physical address is a physical address of the real server, and the target IP address is converted into the second IP address. The address resolution protocol request packet sent to the data link layer processing means and the target IP address is not the first IP address, or the target physical address is not the physical server physical address, The address resolution Load balancing system according to claim 4, characterized in that it comprises a means for discarding protocol request packet. The load balancer is:
When a packet transfer request including a broadcast or multicast IP packet is sent to exchange a physical address and IP address pair with the real server, a packet including an IP packet with respect to the source address of the packet transfer request A packet transfer advertisement processing means for causing the first transmission means to transmit a transfer advertisement;
When a registration request is sent from the real server that is the transmission source of the packet transfer request in response to the packet transfer advertisement, the entry data including the physical address and IP address of the real server that is the transmission source of the registration request Registration processing for additionally registering in the load balancer side registration table and causing the first transmission means to transmit a registration response including an IP packet for notifying the server of the transmission source of the packet transfer request of the registration result And further comprising means
The real server exchanges a pair of a physical address and an IP address with the load balancer so that the packet transmission request including a broadcast or multicast IP packet is transmitted by the second transmission unit, and the packet transfer When the packet transfer advertisement is sent from the load balancer in response to the request, the registration request including the IP packet having the source IP address of the packet transfer advertisement as the destination IP address is transmitted by the second transmission unit. A registration processing means for registering entry data including a physical address of the load balancer in the server side registration table when the registration response is sent from the load balancer in response to the registration request. The load distribution system according to claim 9, wherein: The registration request sent from the real server includes registration expiration data,
When the registration request is sent from the real server, the registration processing unit of the load distribution apparatus, if the value indicated by the expiration date data included in the registration request is valid, the registration request Entry data including the physical address, IP address, and value of the expiration date of the real server that is the source of the registration is additionally registered in the load balancer side registration table, and the physical address of the real server that is the source of the registration request Means for changing the value of the expiration date in the entry data to the value indicated by the expiration date data included in the registration request, if the entry data including the IP address is already registered, and the registration request If the value indicated by the expiration date data included in the data is not valid, the user data is not registered in the load balancer side registration table, and the registration If the entry data including the physical address and the IP address of the real server that is the transmission source has already been registered, the entry data is deleted from the load balancer side registration table, and transmitted by the first transmission unit. Generating the registration response including registration result data indicating success or failure of registration in the load balancer side registration table as the registration response to be performed,
When the packet transfer advertisement is sent from the load balancer in response to the packet transfer request, the registration processing unit of the real server sends the registration request including the expiration date data to the second transmission unit. When the registration response including the registration result data is sent from the load balancer in response to the registration request, a physical address and an IP address of the load balancer that is a transmission source of the registration response Entry data including the expiration date value included in the registration request is additionally registered in the server-side registration table, and an entry includes the physical address and IP address of the load balancer that is the transmission source of the registration response If the data has already been registered, it is possible to change the expiration date value in the entry data to the expiration date value included in the registration request. If the registration failure is indicated by the registration result data included in the registration response, a new registration request changed to a value shorter than the expiration date included in the registration request is sent to the second registration request. The load distribution system according to claim 10, further comprising means for retransmitting by the transmission means.   The registration processing means of the load balancer periodically monitors the load balancer side registration table, and reduces the validity period value of the entry data registered in the load balancer side registration table each time. 12. The load distribution system according to claim 11, further comprising means for deleting the expired data from the load distribution apparatus side registration table.   The registration processing means of the real server periodically monitors the server-side registration table, and decreases the value of the validity period of the entry data registered in the server-side registration table each time. 12. The load distribution system according to claim 11, further comprising means for deleting the expired data from the server side registration table. When a registration cancellation request is sent as a registration request indicating cancellation of registration from the real server, the registration processing means of the load distribution apparatus obtains the physical address and IP address of the real server that is the transmission source of the registration cancellation request. Means for deleting the entry data including from the load balancer side registration table,
The means for generating the registration response generates, as the registration response to the registration cancellation request, a registration response including registration result data indicating successful registration cancellation,
The registration processing means of the real server includes means for causing the registration cancellation request to be transmitted by the second transmission means, and data of a registration result indicating successful registration cancellation from the load balancer in response to the registration cancellation request. Means for deleting entry data including a physical address and an IP address of the load balancer that is a transmission source of the registration response from the server-side registration table when the registration response is transmitted. The load distribution system according to claim 11. A load distribution device for allocating service requests from each of the plurality of clients to the plurality of real servers, wherein a plurality of real servers that provide services to a plurality of clients have network addresses in the same segment,
Proxy address resolution protocol processing means for returning a proxy address resolution protocol response including a physical address of the load balancer in response to an address resolution protocol request for the first IP address from the client;
A receiving means for receiving communication data, when the communication data is transmitted from the client to the physical address of the load balancer returned to the client by the proxy address resolution protocol response from the client at the first IP address And receiving means for receiving the communication data on behalf of,
A transmission means for transmitting communication data;
Load distribution processing means for selecting a real server to which communication data received on behalf of the receiving means is to be transferred from the plurality of real servers;
A load distribution apparatus comprising: transfer processing means for causing the transmission means to transfer communication data received on behalf of the reception means to a physical address of a real server selected by the load distribution processing means. A first IP address that is common to the load balancer and a network address that provides a service to the client in response to a service request from each of a plurality of clients allocated by the load balancer and that is in the same segment A real server belonging to a set of multiple real servers having
Communication data addressed to the real server having the first IP address as the destination IP address from the client is received by the load balancer as a proxy, and the communication data received by the proxy by the distribution by the load balancer is A receiving means for receiving the communication data when transmitted to its own physical address;
Address resolution protocol processing means for performing address resolution to obtain a physical address of the client with a second IP address for address resolution protocol request transmission different from the first IP address;
A real server comprising: a transmission unit configured to transmit communication data having the first IP address as a transmission source IP address with respect to a physical address determined by the address resolution by the address resolution protocol processing unit. A server side registration table for storing entry data including a physical address of the load balancer;
Data link layer processing means for performing data link layer processing in TCP / IP communication;
IP layer processing means for processing the IP layer in the TCP / IP communication;
A first receiving means including the receiving means for receiving communication data to be sent from the data link layer processing means to the IP layer processing means instead of the IP layer processing means, wherein the received communication data is an IP packet; In this case, a first receiving means for sending only a packet having a physical address registered in the server side registration table as a transmission source address to the IP layer processing means,
Second receiving means for receiving, instead of the data link layer processing means, communication data to be sent from the IP layer processing means to the data link layer processing means, and when the received communication data is an IP packet, Second receiving means for sending the packet as it is to the data link layer processing means,
The address resolution protocol processing means is an address resolution protocol response packet in which the communication data received by the first receiving means includes a target IP address and a target physical address, and the target IP address is the second IP address. And when the target physical address is the physical address of the real server, the target IP address is converted to the first IP address, and the target IP address is converted to the first IP address. Means for sending said address resolution protocol response packet to said IP layer processing means, and said address resolution when said target IP address is not said second IP address or said target physical address is not a physical address of said real server Protoco Means for discarding the response packet; and communication data received by the second receiving means is an address resolution protocol request packet including a target IP address and a target physical address, and the target IP address is the first IP address. And when the target physical address is the physical address of the real server, means for converting the source IP address to the second IP address, and the target IP address is converted to the second IP address. Means for sending the address resolution protocol request packet to the data link layer processing means, and if the target IP address is not the first IP address or the target physical address is not a physical address of the real server, the address Resolution protocol request Real server of claim 16, characterized in that it comprises a means for discarding packets. A plurality of real servers that provide services to a plurality of clients, the plurality of real servers having a first IP address common to the plurality of real servers, and the network addresses of the plurality of real servers in the same segment A load distribution method applied to a load distribution system that includes a load distribution device that exists and allocates a service request from each of the plurality of clients to the plurality of real servers,
The load balancer receives, on behalf of, communication data addressed to a real server whose destination IP address is the first IP address from the client;
Selecting a real server to which communication data received on behalf of the proxy is to be transferred, from among the plurality of real servers;
Transferring the communication data received on behalf of the proxy to the physical address of the selected real server;
The real server performing address resolution for obtaining the physical address of the client with a second IP address for sending an address resolution protocol request different from the first IP address;
A load distribution method comprising: a step of transmitting communication data having the first IP address as a transmission source IP address with respect to a physical address determined by the address resolution. In response to an address resolution protocol request for the first IP address from the client, the load balancer returns a proxy address resolution protocol response including a physical address of the load balancer;
The load balancing method according to claim 18, further comprising a step in which each of the plurality of servers does not respond to an address resolution protocol request for the first IP address from the client.

Images