NPCSlli 1 DESIGN AND IMPLEMENTATION OF CONTENT SWITCH ON
IXP1200EB Presenter: Longhua Li Committee Members: Dr. C. Edward
Chow Dr. Jugal K. Kalita Dr. Charles M. Shub Dec. 3 rd, 2002
Slide 2
NPCS lli 2 Content-Based Switch
Slide 3
NPCS lli 3 Content Switch Architecture (Infocom 2000,
Apostolopoulos et al) Client Hash Table Step 1. Controller finds
there is no entry in Hash Table, Route request to content switch
processor Real Server 1 Step2. CS processor a. Extract
content/Match CS rules b.Route request c. Setup Sequence#
modification on server side port CS Rules pkt Modification info
Step 3. At server side port, Return pkts are modified Sequence#/IP
addr/Chksum Route back to client
Slide 4
NPCS lli 4 Commercial Content Switches Cisco Content Engine
(Arrowpoint) Foundry Networks ServerIron Products F5s Big-IP.
Nortel Networks Alteon Web Switches Intel XML Director Phobe
In-Switch
Slide 5
NPCS lli 5 Content Switch Operations Incoming Packets Content
Switching Rule Matching Algorithm Header Content Extraction Packet
Classification Content Switch Rules Packet Routing (Load Balancing)
CS Rule Editor Forward Packet To Servers Network Path Info Server
Load Status
Slide 6
NPCS lli 6 Secure Socket Layer (SSL) Protocol We need SSL for
secure communications between client and server. SSL Protocol
allows the exchange of certificates for the authentication of
servler and potentially the clients cipher suites and selection of
session keys for encryption
Slide 7
NPCS lli 7 Overview of SSL Procedure SSL Messages Client Server
1. Client hello----> 11. Finished----->
NPCS lli 33 Demo launch IXP12EB and open a shell window
Download ssl_proxy.out and rulemodule.out to IXP At shell window,
type > init >PethDrvInit >sslproxy Open another shell
window, type >rulemodule Go to test page: :
http://archie.uccs.edu/~acsd/ixp1200/sslproxytest.html
http://archie.uccs.edu/~acsd/ixp1200/sslproxytest.html