Cisco Systems OL-4344-01 manual Four-Tier System Architecture, Client tier

Page 31

Chapter 1 About Cisco IP Solution Center

The Four-Tier System Architecture

Figure 1-12 Redundant Load Balancing Configuration

Service Provider

network

Layer 3 router

 

 

 

 

 

 

 

 

 

 

Layer 3 router

 

 

 

 

 

 

 

 

 

 

 

 

 

 

192.168.0.1

 

 

 

 

 

 

 

 

 

 

(r-1)

 

 

 

(HSRP floating IP)

 

 

 

 

 

(r-2)

192.168.0.2

 

 

 

 

 

 

 

 

 

 

 

192.168.0.3

 

 

 

 

 

 

 

 

 

active

 

 

 

 

 

 

 

 

 

 

 

 

standby

 

 

 

 

 

 

 

 

 

192.168.0.10

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(floating IP)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

192.168.0.200

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(floating IP)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Load Balancer

 

 

 

 

 

 

 

 

 

 

 

 

 

Load Balancer

 

 

 

 

 

 

 

 

 

(lb-1)

 

 

 

 

 

 

Trunk

 

 

 

 

 

(lb-2)

 

 

 

 

 

 

192.168.0.11

 

 

 

 

 

 

 

 

 

 

 

 

192.168.0.12

 

 

 

Layer 2

 

Layer 2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

switch

 

 

switch

 

 

 

 

 

 

 

 

 

 

 

 

 

(sw-1)

 

 

(sw-1)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Web server

Web server

Web server

Web server

(ws-1)

(ws-2)

(ws-3)

(ws-4)

192.168.0.100

192.168.0.101

192.168.0.102

192.168.0.103

The Four-Tier System Architecture

The Cisco ISC architecture is a four-tier architecture. The four tiers are:

Client tier

93004

The Client tier consists of the user web browsers or client applications accessing ISC through the API. Just as in the previous VPN Solutions Center releases, ISC customers do not have to use ISC through the GUI. The software can be driven fully through its northbound API. This allows our customers to tightly integrate ISC into their OSS environment. The user web browsers communicate with ISC’s Web server through HTTP. The client applications communicate with ISC’s CORBA server (backward compatible API) or Web Server via XML/SOAP (new API).

Interface tier

The Interface Tier contains one or more web servers that form a web farm. As more and more operators need to access the system, the web farm can be scaled up by simply adding new web server machines to the farm. This arrangement provides horizontal scalability for handling a large number of users. It also provides high availability. As one machine of the farm goes away, the whole system continues to function and users can continue to interact with the system through other interface tier machines. This system allows the dynamic addition and removal of machines to and from the web farm.

Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0

 

OL-4344-01

1-31

 

 

 

Image 31
Contents About Cisco IP Solution Center ISC Network Management Subnet Overview of ISCISC Features Service Provider Network for Vlan ID Management Resource Pools Access Domain AssignedVPN Service Profile-Based Provisioning Features and Functions Provided in Provisioning with ISCRole-Based Access Control Rbac CPE Customer’s View of the Network Customer’s and Provider’s View of the NetworkAbout Multi-VRF CEs About Provider Edge Routers PEsA Multi-VRF CE Providing Layer 3 Aggregation Mapping IPsec Tunnels to Mpls VPNs Using Templates to Customize Configuration FilesUses for the Template Function Auditing Service RequestsVPNs Sharing Sites About Mpls VPNsIntranets and Extranets Characteristics of Mpls VPNsVPN Routing and Forwarding Tables VRFs Ip vrf site2 rd VRF Implementation ConsiderationsRoute Distinguishers and Route Targets Creating a VRF InstanceCE Routing Communities Route Target CommunitiesHub and Spoke Considerations Routing Separation Security Requirements for Mpls VPNsAddress Space and Routing Separation Address Space SeparationHiding the Mpls Core Structure Securing the Routing Protocol Resistance to AttacksLabel Spoofing PE-CE Interface Routing AuthenticationSecuring the Mpls Core Trusted DevicesSeparation of CE-PE Links LDP AuthenticationConnectivity Between VPNs Security Through IP Address Resolution MP-BGP Security FeaturesEnsuring VPN Isolation North Bound Interface NBIAPI Functionality Supported NBI Benefits Distributed Load BalancingAPI Approach 11 Simple Flat-Based Server Load Balancing Configuration Client tier Four-Tier System ArchitectureControl tier