SUPPORT: Frequently asked questions
 |
 |
|
|
Pre-Sales
Q: What does Equalizer do?
A: Equalizer lets you bond multiple servers together to provide powerful and reliable Virtual Clusters. By always directing each client request to the server best able to handle it, Equalizer ensures that your servers operate at peak efficiency. If a server becomes overloaded or fails, Equalizer will stop sending it requests and will notify the system administrator of the problem.
Q: How do we avoid a single point of failure?
A: You can deploy a pair of Equalizers in a redundant-hot-standby configuration. Both Equalizers heartbeat one another constantly over all network interfaces. Should a failure be detected, the backup unit will take over within 20 seconds. Coyote Point's Envoy can add an extra level of resilience, letting you create geographically distributed clusters on different networks.
Q: Can I have a remote site?
A: If you deploy Envoy, you can have up to 100 unique datacenters hosting your network services. "Geographic Sites" can be in different cities or different continents or located in the same datacenter on unique networks. Envoy ensures that a site-wide failure won't interrupt your critical services.
Q: If I deploy Envoy, do I need hardware at each site?
A: You will need an Equalizer and Envoy at each site that hosts a Geographic Site.
Q: Why do we need layer7?
A: Coyote Point's Equalizer E450 offers advanced Layer7 technology, which lets you to define content-based clusters. When an HTTP request arrives at a virtual cluster, you can direct the request to subsets of servers based on the data type requested (requests for images to servers 1, 3 & 5, requests for .asp pages to servers 2 & 4, etc), or other variables, such as browser type or HTTP header information. Another important consideration is the need for cookie based persistence. With cookie persistence enabled, Equalizer can insert persistence cookies into the data stream returned to the clients and use these cookies to determine which server within the cluster should receive the next client request.
Q: How do you maintain persistent sessions?
A: The Equalizer E450 supports two persistence modes. Layer4 persistence is based on "sticky connections," which remembers a client's IP address and the server to which it should be "stuck" for a configurable time. More advanced Layer7 is based on HTTP persistence cookies, which Equalizer inserts transparently into returned data to ensure the client will remain connected to the desired server. The E250si only supports Layer4.
Q: Does Equalizer balance SSL traffic?
A: Certainly. The Equalizer E450 product manages SSL connections at Layer7. Equalizer performs all SSL handshaking, encryption and decryption, freeing your servers from this intensive task. Equalizer also supports coyote Point's optional Xcel SSL hardware security upgrade. The E250si load balances SSL connections at Layer4, though servers must perform SSL encryption/decryption.
Q: What is Secure Key Storage (SKS)?
A: The Xcel SSL accelerator incorporates a form of write-only memory called secure key storage (SKS). Once data is written into SKS it cannot be read back by any user. It can only be read by the embedded SSL acceleration engine. When Xcel is installed, Equalizer stores SSL-certificate private keys in SKS memory. This ensures extremely sensitive private key data cannot be compromised.
Q: Can you configure fail over with two different types of Equalizers?
A: If you are configuring failover between two different types of Equalizers, where one contains a built-in switch and the other does not, configuration file transfers must remain disabled between the two systems.
Q: How often does the Equalizer check servers in a cluster for availablity?
A: This is configurable, default is every .2 seconds
Q: I believe Envoy uses ping to calculate the latency and determine which server's the closest to the client location. Most people run firewall software nowadays and it usually blocks ICMP requests. How does Envoy deal with that?
A: ICMP isn't necessary, it can be turned off. And if the client can't be pinged Envoy will serve the clients request from the most "Available" Envoy server.
Q: Can Equalizer support Active-Active configurations?
A: Yes, with Envoy, enabled Equalizer is in an Active-Active configuration.
Q: How long have we been in business?
A: Coyote Point has been selling traffic-management devices since 1999. Our first installation was at HotWired in the summer of that year.
Installation
Q: Do I need Coyote Point technicians to install your products? Can I install them myself?
A: If you have a basic understanding of networking and can set up a server, you can install Equalizer. We've put a great deal of thought and effort into making our products easy to install and our documentation easy to understand. And we always have top-notch tech support standing by to help.
Q: How many servers can I balance?
A: The E250si supports up to 8 servers per cluster, the E350si 16 servers/cluster. Both the E450 and Extreme II provide support for 64 servers per cluster.
Q: Are clustered servers able to connect to their own cluster address?
A: No, because of IP routing, clustered servers are only able to access other cluster addresses, not their own. It's possible to make this work with special routes, but it is not supported.
Q: Why isn't setting a default gateway always enough for routing?
A: If you have clients on the local subnet which contains the servers you may need additional host routes. Servers will try to answer directly back to clients on the same subnet and bypass the Equalizer on return traffic by default.
Q: How does Equalizer determine if a server has failed?
A: Equalizer uses a combination of methods to determine server availability. ICMP probes at regular intervals determine if the server hardware is up and running. TCP/UDP probes determine if the server OS and server program are running and Active Content Verification can determine if services are actually returning valid data.
Q: What kind of monitoring and reporting features are available?
A: Equalizer and Envoy provide detailed counters and historical plotting capabilities. That means you can display up to a week's worth of traffic and performance history in intuitive graphical format. Equalizer also supports SNMP via an embedded Net-SNMP agent.
Q: I am not having much luck using the HyperTerminal application as my terminal emulator. Do you have any other suggestions?
A: We have found that TeraTerm provides much better vt100 compatibility compared to HyperTerminal. It's free, too.
Q: Do I need to make changes to both Primary and Backup?
A: Not when adding, deleting, or modifying clusters or servers. When you add an SSL cluster, certificates do need to be loaded on each unit. Configuration changes should always take place on the acting primary unit in a failover configuration.
Q: What is the base Operating System for Equalizer?
A: Coyote Point's Equalizer and Envoy products are built on the FreeBSD operating system. FreeBSD is one of the first Open Source operating systems released and is recognized as one of the most scalable and reliable platforms around. We use FreeBSD as a scaffold on which to build our kernel-mode packet-management software.
Q: How do I connect to Equalizer for the first time?
A: Connect one end of the supplied serial cable to Equalizer's serial port and connect the other end to either a serial terminal or to a PC running terminal emulation software. Use the following terminal settings:
- 9600 bps
- 8 data bits
- one stop bit
- no parity
- ignore hangups
- VT100 terminal emulation
Boot Equalizer and wait for the login prompt to appear; then, log in to the eqadmin account to configure the network interfaces.
Q: How do I determine whether to use single or dual network mode?
A: Single network only uses one interface and one subnet; dual mode uses both interfaces with two unique subnets. The external can be a public or private address scheme. Please keep in mind that the two interfaces should never be configured for the same network. This will cause routing problems.
Q: Are servers able to be configured on both the external and internal networks?
A: No, servers must be configured on either internal or external networks, depending on Equalizer and whether it's part of a single or dual network. Equalizer E450 server can be on external or internal interfaces. Equalizer E250si will always be on internal interfaces.
Q: Can your load balancers have, a fiber connection rather than a copper connection for their LAN connectivity?
A: Yes, we can do this as a "special order" on the extreme II.
Q: I tried logging into the Equalizer web admin tool via HTTPS, and received warning that the certificate had expired. What gives?
A: The HTTPS (SSL) protocol provides both encryption and authentication. Encryption assures that your traffic is secure from interception and authentication proves that you are talking to the system you think you're talking to. The certificate installed on Equalizer is a stub certificate that is not intended to provide authentication. If you click through the warnings, you will still have an encrypted session. Since Coyote Point cannot authenticate your equalizer (only you can do that) we provide a stub certificate for "Snake Oil, Ltd." This is not a security problem so long as you understand the purpose and function of SSL certificates.
Troubleshooting
Q: I've installed my license file manually. Why do I lose my license file when I reboot?
A: The file needs to be shadowed, instead of using the reboot command, try the shutdown -r now command or shut down through the GUI,? this will allow the file to be shadowed.
Q: How do I get support in Europe?
A: Our distribution partners are versed in Coyote Point's products. They provide first-line support, backed with the tools and resources they need to provide the best service for you.
Q: Is the 8x5 support in my time zone?
A: Yes. Your 8x5 support is active in whatever time zone you've registered.
Q: How do I reboot Equalizer thru the Web administration tool?
A: Equalizer can be remotely rebooted by selecting Equalizer > Reboot thru the Web administration tool. If you log into Equalizer as root through the serial interface, you can type "reboot" (7.2.x and later systems) or "shutdown -r now" (7.1.x and earlier systems).
Q: Why aren't my new clusters working if the server is showing "up"?
A: There are several reasons this could be happening. Make sure that Equalizer is being used as the servers default gateway and that the server service or daemon is running. Sometimes additional host or network routes will need to be added to the clustered servers in single network. The traceroute (tracert on windows) command is a useful diagnostic tool. Trace from the clustered server back to any client that is not able to resolve the cluster address. If Equalizer is not showing up as the first hop, routing is the cause of the problem.
Q: Is Equalizer affected by the 2007 Day Light Savings Time (DST) change?
A: Yes. Release 7.2.3e is a patch release that updates the Equalizer for the changes to US Day Light Savings Time in 2007. See the 7.2.3e Release Notes and the Upgrade Instructions for more information.
|
|
|
Important Notice
End of life announcement for "classic 1U" appliances...
» more |
Resource Den
Product Demo
Product Comparison
White Papers
|
|
