Step 1: Initial setup with load balancers

The Initial Setup step for a service using a load balancer as the front end component has a checklist section and six setup sections:

• Name/Description

• Name End Users Component

• Define Front End Component

• Identify Applications and Ports

• Create Front End Segments

• Configuring SNAT

When you complete each setup section, click Next to move on to the next section.

Name/Description

The Service Name you enter in this section is displayed on the dashboards and reports. It should be short but descriptive enough for you to recognize. Do not use spaces in the name.

Entries you make in the Notes section are displayed in the Description column on the Definitions > Services page.

Name End Users Component

The end user component is a group of hosts that use the service. The name you enter for the end user component is displayed on the service map.

Define Front End Component

The front end component includes the servers that the end users are connecting to.

Name - Enter a name that represents the function of the servers in this component. The name you enter for the front end component is displayed on the service map.

Type - Select the type of front component, Servers or Load Balancer VIPs. If the front end component of the service uses virtual servers (the virtual IP addresses of a load balancer), then the displays and steps are as follows below. If the front end component uses physical servers, the procedure is slightly different. The description of the setup fields that are required for a physical server as the front end component are here: Servers

VIPs - Virtual IP addresses of the front end component. Enter the addresses that the end users are connecting to. These are the virtual servers being provided by a load balancer. If one or more load balancers have already been defined on the Administration > Integration > Load Balancers page and can be queried, you can select one in the Load Balancer box, click Browse and select its VIPs from a list.

Note:  The browse feature is currently limited to Riverbed SteelApp Traffic Manager and F5 Local Traffic Manager versions 9 and 10 (not 11) load balancers that can be queried. If the load balancer is a SteelApp Traffic Manager, the configuration query will not detect VIPs that are added to SteelApp Traffic Manager by Traffic Scripts.

Alternatively, use any of the following formats to enter a comma-separated list of virtual IP addresses:

<address> - IP address or host name; If you define a virtual server by only an IP address or host name, then traffic for all protocols and ports used with that address is aggregated.

<address>:<proto> - must be tcp or udp

<address>:<port> - if only a number follows the address, it is interpreted as a port

<address>:<proto>/<port>

Example:  10.100.120.100:tcp/80

Load Balancer - If you browsed to addresses of the load balancer's virtual servers, then this field will already show the name of the load balancer handling the virtual addresses you selected. If you entered the VIPs manually, then select the load balancer serving as the front end component from the drop down list.

If more than one SteelApp or F5 version 9 or 10 load balancer have been defined as service components, you can click Detect to have NetProfiler identify the one that handles the virtual servers you have identified.

If no load balancers have been identified as components yet, click New to identify one. Adding a new load balancer from this link is the same as adding it on the Administration > Integration > Load Balancers page. For creating a new load balancer component of type "Other," you can leave the Management IP and Ports, Username and Password fields blank.

If the front end component is a SteelApp or F5 version 9 or 10 load balancer, then the NetProfiler appliance can automatically query it to identify information needed in the steps that follow. If you prefer to enter the additional information manually, select the Manually configure all options check box.

Identify Applications and Ports

After you have defined the front end server component, you can use NetProfiler to discover which applications and ports are being served by that component. That is, you can identify the applications and/or ports with which the end users communicate with the front end servers. This process may identify end user clients or services that you did not know about but want to include in the service you are tracking.

Discovery method - If the load balancer is a SteelApp Traffic Manager or F5 LTM version 9 or 10, you are given the additional choice of querying the load balancer itself to determine which applications it is serving. However, you can still choose to discover the services by analyzing traffic. This allows you to find which ports are actually in use and not include ports that are configured but unused.

• Traffic query - The appliance uses historical traffic data for the previous business day to determine the applications, protocols and server ports that were connecting to the front end servers component. However, you can change this time frame in the Advanced options section.

• Load balancer configuration query - The appliance obtains information directly from the load balancer. This feature is currently available for only SteelApp Traffic Manager and F5 Local Traffic Manager version 9 and 10 load balancers.

Advanced options - You can use these options to limit the discovery process to specific applications and a specific time frame.

Advanced options for the traffic query discovery method are:

• Restrict discovery to applications/ports - Enter ports or applications manually, or use the Browse feature to look up named applications and ports. This limits the discovery process to just those applications, ports, or application-port combinations that you select.   Syntax notes

• Aggregate discovery results by - The discovery process finds each application, port, or application-port combination in use between end users and the front end servers. You can use the Aggregate discovery results by options to control how the discovered applications and ports are aggregated into proposed service segments:

• • Ports only – A service segment is proposed for each server port that is in use.

  • Applications and Ports – A service segment is proposed for each application-port combination discovered.

  • Applications only – A service segment is proposed for each Layer 7 application that is discovered.

• Discovery time frame - The time frame must include a time when there was traffic involving the front end servers component.

Advanced options for the load balancer configuration query discovery method (currently available for only SteelApp Traffic Manager and F5 Local Traffic Manager load balancers) are:

• Restrict discovery to ports - Enter ports manually or use the Browse feature to look up named ports. This limits the discovery process to just those ports.   Syntax notes

Skip discovery - If you choose to enter the segment definition manually instead of using the discovery process.  

Run Discovery & Next - Causes NetProfiler to look for all applications being served by the front end servers component. The discovery process either lists its results or displays a message box with suggestions for improving the discovery criteria.

Create Front End Segments

The Create Front End Segments section is used to select the applications/ports that you want to be included in the front end segments of the service you are defining. Use the New Apps/Ports tab to add discovered applications or ports to the service. Use the other tabs help you keep track of what you have added or merged into the definition of the service.

New Apps/Ports tab

This tab lists all server ports and applications that were discovered in the preceding section and have not yet been processed. Each application/port combination, along with its client component and server component, is a candidate for being added to the service as a service segment.

Select the check box for a proposed segment and click Add to add it to the service. Alternatively, select the check boxes for multiple proposed segments and click Merge to include them in the service as a single segment.

Clicking Add or Merge opens a window in which you can assign a name to the front end segment. In this window you can also click Show traffic report to run a service traffic report to check on the applications/ports that you are adding.

When you click Save, the appliance adds your selected application/port connections, and the client and server components that are using them, as a new service segment. The Service Map displays the new segment with the name that you assigned to it.

Any discovered application/port that you did not add, drop or delete is displayed as "Undecided." Note that if the Undecided segment and the added segment are using the same client and server components, those components are displayed only once. Each segment includes the both components, and the components are highlighted for each segment that you hover the mouse over.

To remove an "Undecided" connection from the segment, select it and click Drop or Delete.

If you click Drop, the application/port connection is not monitored as part of the service and it is not rediscovered if you run the discovery step again. However, it is saved in case you choose to add it in the future. It remains listed on the All Segments tab.

If you choose Delete, the proposed segment is discarded and no longer available to be added to the definition of the service. However, it will be rediscovered if you run the discovery step again.

Added Segments tab

This tab lists the segment names, their client and server components and applications/ports between the components. Select the check box for a segment and click Edit to open a window in which you can edit the definition and run a service traffic report. You can select two or more segments and click Merge to combine them into one segment. You can also drop or delete the segment.

Components tab

This tab lists the components that have been added to the service. Components can be shared between segments. You can edit or delete components on this tab.

All Segments tab

This tab lists the segments that have been added or merged and the proposed segments that have been dropped or remain undecided.

Next

Continue to add, merge, drop or delete all proposed segments to create the front end segments of the service. After the end user connections to the virtual IP addresses of the load balancer have been identified, NetProfiler needs to know how these source addresses are translated to the addresses that the load balancer uses when connecting to the load-balanced server pool.  

If the load balancer is a SteelApp Traffic Manager or F5 LTM versiopn 9 or 10, the SNAT (source network address translation) configuration can be obtained automatically by NetProfiler querying the load balancer. If it is an other load balancer, then you will be prompted to enter the SNAT values.

Click Next and provide the SNAT information to NetProfiler.

Configuring SNAT

The SNAT configuration determines which IP addresses are used as source addresses in the packets that the load balancer sends to the load-balanced server pool.

Connections to servers - Select one of the possibilities from the list box.  

• SNAT is used for all connections - All traffic for the service that comes into the load balancer from the front end side leaves for the load-balanced server pool using one of the addresses specified in the SNAT Addresses box as its source address.

• SNAT is used for some connections - The load balancer is configured to use the addresses in the SNAT Addresses box as the source addresses for some of the traffic it receives from the front end. For other traffic, it uses the source addresses of the received packets in the packets it sends toward the load-balanced server pool.

• SNAT is not used - The load balancer uses the source addresses of the packets it receives from the front end in the packets it sends toward the load-balanced server pool.

If the load balancer is SteelApp Traffic Manager or F5 LTM and you have not chosen earlier to enter information manually, then choose Detect to have NetProfiler automatically obtain this information from the load balancer. Otherwise, enter the SNAT addresses manually. Check with the administrator responsible for the load balancer to get the SNAT addresses.

SNAT Addresses - A comma-separated list of physical IP addresses that the load balancer uses to connect to the load-balanced server pool.

When you click Save & Next, the service definition process moves on to Step 2: Find Additional Components and Segments.

Top of page

Define a new service