Brocade ADX – Content Switching (CSW)

Content Switching provides the ability to distribute / rewrite traffic based upon a sessions Layer 7 payload. This feature also provides the ability to persist connections to a given server/server group. There are 4 main methods to Layer 7 switching:

• Cookie Switching – Uses either a server sent cookie or ADX injected cookie to direct traffic to specific server or server group
• Cookie Hashing – Generates a hash of teh cookie sent from the server to persist further requests when client uses the same cookie.
• URL Switching – Uses a user specified piece of the URL to direct to specific server or server group
• URL Hashing – Hashes the URL string to direct to a specific server or server group

Layer 7 Content Switching

1. Define CSW Rule

Specfies content to match in HTTP

Header

(config) # csw-rule rule4 header host exists

URL

(config) # csw-rule rule3 rule exists

Method

(config) # csw-rule rule1 method eq PUT

Versions  

(config) # csw-rule rules 2 version eq 1.1

Create a policy

Specifies action to take when rule is matched.

1. Create a policy

(config) # csw-policy p1
(config-cws-p1) #

2. Action

Match rule/take action in one statement. We can either

a) Forward

(config-csw-p1) # match rule1 forward 1029

b) Redirect

(config-csw-p1) # match rule1 redirect “*” “*” ssl (first * is match all domains, second * is match all URLs.)

c) Rewrite

(config-csw-p1) # match rule1 rewrite request-insert client-ip

Bind Policy

Bind policy and enable CSW
Bind poicy and turn on csw to a paritcluar VIP

(config) # server virtual cswVIP 192.168.1.1
(config-vs-cswVIP) # port http
(config-vs-cswVIP) # port http csw-policy p1
(config-vs-cswVIP) # port http csw
(config-vs-cswVIP) # bind http rs1 http

Cookie Switching (with cookie inserted)

Configure Server Group ID`s

(config) # server real-name rs1 10.10.10.201
(config-rs-rs1) # port http group-id 10 10
(config-rs-rs1) # exit

(config) # server real-name rs1 10.10.10.202
(config-rs-rs2) # port http group-id 10 10
(config-rs-rs2) # exit

As group ids are sqencial you have to speficy the groups that it will be a member of. If you you only want it to be group 109 then you have to spefcy that it will be in group 10 through to group 10

Configure Server ID`s

(config) # server real-name rs1 10.10.10.201
(config-rs-rs1) # port http server-id 1024
(config-rs-rs1) # exit

(config) # server real-name rs1 10.10.10.202
(config-rs-rs2) # port http group-id 1025
(config-rs-rs2) # exit

Create a Policy

Next create a policy that defines the action that is taken when the rule is matched.

(config)# csw-policy myCookie
(config-csw-myCookie)#

Within this example we take 3 actions. They are :

Persist – if rule 1 is matched then send (persist) to server

(config-csw-myCookie)# match r1 persist offset 0 length 3 group-or-server-id

Forward – if we dont match against that rule we will forward to group 10

(config-csw-myCookie)# default forward 10

Rewite – if i dont see the cookie I will insert it

(config-csw-myCookie)# default rewite insert-cookie

Define CSW Rule

Next we define a content switching rule. This rule spefies which content to match.

(config)# csw-rule r1 header “cookie” search “ServerID”

Assign to Virtual Server

(config) # server virtual cookieVIP 2.1.1.1
(config-vs-cookieVIP) # port http
(config-vs-cookieVIP) # port http cookie-name “ServerID”
(config-vs-cookieVIP) # port http csw-policy “myCookie”
(config-vs-cookieVIP) # port http csw
(config-vs-cookieVIP) # bind http rs1 http rs2 http

URL Switching

(config)# csw-rule products url prefix /PRODUCTS case-insensitive
(config)# csw-rule products url prefix /PARTNERS case-insensitive

(config)# csw-policy “myUrlPolicy” case-insensitive
(config-csw-myUrlPolicy)# match products forward 201
(config-csw-myUrlPolicy)# match support forward 202 (server group)
(config-csw-myUrlPolicy)# default forward 201

(config)# server virtual url-sw-VIP [IP]
(config-vs-url-sw-VIP)# port http
(config-vs-url-sw-VIP)# port http csw-policy “myUrlPolicy”
(config-vs-url-sw-VIP)# port http csw
(config-vs-url-sw-VIP)# bind http rs1 http rs2 http

• Author
• Recent Posts

Rick Donato

Rick Donato is a Network Automation Architect/Evangelist and the founder of Packet Coders.

Latest posts by Rick Donato (see all)

• How to Configure a BIND Server on Ubuntu - March 15, 2018
• What is a BGP Confederation? - March 6, 2018
• Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018

Want to become a networking expert?

Here is our hand-picked selection of the best courses you can find online:
Cisco CCNA 200-301 Certification Gold Bootcamp
Complete Cyber Security Course – Network Security
Internet Security Deep Dive course
Python Pro Bootcamp
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial