FortiDirector allows you to configure two separate types of load balancing:
Although these two protocols can sometimes overlap, it is important to understand the differences between them so you can decide which protocol best suits the specific needs of your organization.
DNS load balancing is the most basic type of load balancing solution. DNS load balancing consists of delegating a subdomain or hostname to our redirector (r0.r1cd.com) by creating an NS record in your DNS zonefile. To illustrate how this works, let’s work through an example.
Let us imagine a situation where an end user is browsing your website, http://www.mydomain.com . The webpage served to his browser includes static assets hosted and served by content.mydomain.com.
The flow below will be observed:
- The end-user's browser will first query their ISPs DNS servers for content.mydomain.com , which will then ...
- ...query your own domain’s DNS servers for content.mydomain.com, where a lookup will reveal an NS delegation for content.mydomain.com to r1cd.3crowd.com...
- ...redirecting the ISP’s DNS servers to the FortiDirector platform...
- ...the ISP’s DNS servers will ask FortiDirector’s DNS servers at r1cd.3crowd.com for the content.mydomain.com record, and ...
- ... FortiDirector will look up the Ruleset and Rules for the content.mydomain.com hostname, process the Rulesets, and ...
- ... reply with a Network Resource (an IP address or hostname) to the ISP’s DNS servers.
- The ISP’s DNS servers then give this IP address or hostname to the end-user’s browser, and ...
- ...page loading continues. The process is completely transparent to the end-user.
A minimal understanding of DNS is necessary for you to point your records towards the FortiDirector platform – you will have to modify the authoritative DNS configuration for your domain, whether using the web GUI of your hosted DNS provider, or by modifying the configuration of the zonefile of your own DNS servers. This is a very simple thing to do, and our support staff can answer any questions you might have.
HTTP load balancing with the FortiDirector platform allows for more complex rule conditions than the DNS load balancing service. HTTP load balancing consists of creating an CNAME record in your zonefile for the hostname to be load-balanced pointing at the FortiDirector platform’s IP address. To illustrate how this works, let’s work through an example:
- The end-user’s browser will first query their ISPs DNS servers for http-content.mydomain.com, which will then…
- …query your own domain’s DNS servers for http-content.mydomain.com, which will redirect the browser to cname.3crowd.com becausehttp-content.mydomain.com has been CNAMEd to cname.3crowd.com.
- The end-user’s browser will ask CrowdDirector’s HTTP redirector servers at cname.3crowd.com for the http-content.mydomain.com content,
- FortiDirector will look up the Ruleset and Rules for the http-content.mydomain.com hostname, process the Rulesets, and...
- …reply with an HTTP 302 redirect to a configured Network Resource hosting the content. This may include additional processing, such as altering the path of the URL or the query parameters on the request.
- The end-user’s browser will connect to the Network Resource and continue loading the content as normal.
PERFORMANCE | DNS load balancing is much faster than HTTP load balancing, especially for small images, since it is connectionless: DNS load balancing consists of simply answering a DNS request, whereas HTTP load balancing requires an end user to create an extra TCP connection in step 2:
|
FLEXIBILITY | HTTP load balancing allows the use of additional conditions in the Rulesets over DNS because it has more context available for each request:
|
PROTOCOL INDEPENDENCE | The DNS load balancing service provides the flexibility to work with any protocol, such as RTMP, WMS, FTP, etc, as well as HTTP. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.